MSDN just published the latest version of David Chappell's paper on the uber story of identity for .NET applications (and beyond, I would add). Recommended!!!
With his usual clarity David manages to capture the overall picture and provide a general frame of reference for the base concepts such as tokens, claims, identity providers, token sources & friends. Another great merit of the paper is that it puts in context many technologies and products, giving useful indications about canonical scenarios. I actually admire (& envy!) David's ability of understanding what is the level of detail that must be provided for 1) making justice to the topic while at the same time 2) not making things too difficult for the reader. I have yet to free myself from the assumption that the reader has to dive deep for truly understanding, but I'm being told I'm slowly getting better :-)
While the the paper was being written Nigel and I had a number of interesting discussions with David: I remember especially well the one about the nature of claims and the generalizations behind the idea of token source. Sometimes we got really passionate :-) Both Nigel and David are sophisticated conversation buddies and tremendously knowledgeable in the subject: I really had a pleasant time. I am very happy to recognize traces of those conversations in the text, both when it appears that he eventually agreed but also when it's clear that he was not convinced and remained faithful with his original ideas.
PingBack from http://www.soundpages.net/computers/?p=4625
In short: I describe why claims are important for every developer and architect (not just the security