OpenID 2.0 nonces and ASP.NET HttpRequestValidationException
The OpenId Authentication 2.0 spec’s section on nonces allows for nonces to be made up of any and all ASCII characters in the range of 33-126 inclusive. This includes the…
DotNetOpenId 1.0.1 released
A maintenance release of DotNetOpenId 1.0 has just been posted to the DotNetOpenId project site. The new version (1.0.1) contains just one fix from the 1.0.0 version that corrects a…
DotNetOpenId 1.0 released today, 2.0 beta also released
DotNetOpenId 1.0 RTW The culmination of a great deal of work in refactoring, bug fixing and enhancements can be found in the latest .NET implementation of the OpenId library known…
DotNetOpenId: What’s coming
I’ve been contributing heavily to the open source DotNetOpenId project for the past few weeks. It’s been pretty stagnant for the past year or so and people were complaining. I…
How to add OpenID support to BlogEngine.NET
Although the author of BlogEngine.NET didn’t accept a patch from me to add OpenID support to his open-source blog engine a few months ago, it’s really easy for you to…
New job with Visual Studio Platform & Ecosystem
I have accepted a new position within Microsoft with the Visual Studio Platform & Ecosystem team. Rather than working on the .NET Compact Framework I will be working on "VS10". …
How did Schneier hack my Google Reader?
Somehow the "Schneier on Security" blog feed was injected into my Google Reader environment. I have never heard of this guy, and I certainly don’t have his feed in my…
Looking for a new job
Some internal changes here at Microsoft finds me looking for a new job. I am focusing my search on jobs still here at Microsoft, but I guess I need to…
Silverlight Slideshow control
I’ve been looking to change out my Flash-based slide shows that appear on my personal blog with a Silverlight-based slide show control. A quick Internet search revealed First Floor’s Silverlight…
Verizon DSL redirects bad URL requests
I use Verizon DSL. Verizon just activated a service that gets their DNS server to lie in response to requests for non-existent domain names. Instead of returning a "domain not…