First real break in three years - even if it's only for 4 or 5 days.

YES: My hubby, Maine, ocean , camping, kayaking, lobster, steamers, beer, fudge

NO: Computer, email, blogs, cell phone, clients

imagine! Not leaving till tomorrow and will work until I get shoved into the car, but getting used to the concept.

Reading this (touching) post by Peter Provost who recently moved with his family (including a newborn) from Denver to Seattle for a hot job at Microsoft, struck a chord. I remember having a  conversation with another person and his wife who recently moved from Florida (where he was already a Microsoft employee) to Seattle. They have young children. They were having a difficult time figuring out where to live (that was affordable as well as commutable) where his wife and children would be able to re-create their social world that they had to leave behind (along with family) when they moved. These are obviously huge and difficult choices to make. Quite different than when you are young and single and without a lot of ties.

Steve's armysteve.com site has become a great resource for other's on their way to Iraq or who have family going or already over there, that they have started www.ArmyAdvice.com where not only Steve & Michelle can post, but others as well. Awesome!!

Steve's site (armysteve) is now a subset of that: www.armyadvice.com/armysteve.

All thanks to .Text!

I was having a hard time putting the different pieces of WS Security into buckets so that they are easier to explain.

The problem was authentication. I finally realized how I wanted to explain it. Authentication is done with security tokens, but authentication does not really belong in a bucket. It is done in tandem with all of the other processes - authorization, encryption, signing. Now it makes more sense to me.

I am starting to realize that one of the reasons that I have had such a difficult time with WSE is because I am not really a linear thinker. I'm more, well, spherical. But I was somehow unable to take wse as a whole and shove it into my brain. I really have had to go through this detailed process of breaking it apart, analyzing it's pieces and then seeing how they fit back together.

And the sad part is all of this effort has only been for grokking the security stuff. There is a lot more to WSE than security.

The happy happy part is that I do really have a handle on this and one that I know I can easily share with other people who feel about this info the way I have for the past few years!

I seriously need to shout out to Don Smith for some hefty support over the last bunch of days. He's been amazing in helping me clarify some of the things that I was still fuzzy with. THANKS DON!

There are a lot of wonderful swimming holes in Vermont thanks to the Green Mountain range and lots of creeks and streams running down from them. Some of these swimming holes, are just gentle tubs along a stream. Others are in gorges. There is a popular spot called Huntington Gorge where many people have died over the years. They get caught in water that, due to the topography of the gorge, can be like a turbine. There is another extremely popular spot called the Bolton potholes which is not so notorious. I lived up the road from them when I first moved to Vermont. On Saturday, a young man who would have turned 20 on Sunday, drowned in the Bolton Potholes. He jumped in to a spot and due to the heavy rains which creates strong currents coming down the moutains, got held under the water. It took 60 rescue workers and 2 days to retrieve his body. I don't know this kid or his family. I just read about it in the local paper. But it is just too heartbreaking, even with all of the horrors going on in the wider world around us. It's much more personal.

It happened to Rick Strahl and is an interesting read...

Since I have found myself explaining more than once that a digital signature is NOT a jpeg of your signature, I decided to just include this slide in my Web Services Security for Dummies talk at ASPConnections.

That image was pretty easy to find on the web...so I guess it's okay to use it.

I went from looking at the WS-Security Spec to the XML Signature Spec and the XML Encryption Spec today. Interesting stuff!

I just think being able to take gobs of handwritten notes in Journal and then SEARCH them for specific words is pretty darned cool.

And...you they can be upsidedown or sideways, even.

Fingerprint security on new Microsoft keyboards! (via whatisnew.com)

but somehow it made me think of this post...

Dave Burke has moved his blog to his own website http://dbvt.com/blog/ after over a year of participating in weblogs.asp.net. I have really enjoyed Dave's post (well, Dave's a great and fun guy all around) so I highly recommend following him to his new dotnetnuke/nGallery/.Text combo site.

Casey's got gmail invites. He's not giving them away. He started fantasizing about the repercussions. My neighbors heard me laughing (well probably they did) when I read this part after he imagines running out of invites and his mom doesn't get one:

mom: you ingrate blah 9 months blah

Thanks to Jason Salas (and Glenn Munlawin at APress) I have in my hands Expert Service-Oriented Architecture in C# Using the Web services Enhancements 2.0 by Jeffrey Hasan.

So far I just opened it up randomly and read what was on that random page and learned something new already.

I will definitely be cruising through this book shortly.

A connection? Yes. Scott Lock, who runs the www.caparea.net user group in the D.C. area is the man behind the American Red Cross's e-commerce donation system. Everytime there is *bad* stuff going on, Scott is on-call 24x7 just in case - since they want to make sure that nothing gets in the way of people making donations. The current system will soon be replaced by a .net app by the way.

One thing I know these hurricanes are wiping out the ACR's funds and they can always use more help. It's quick and easy and painless.

When I hear of the DNC and RNC spending 100's of millions of dollars on  adverstising, it makes me sick.

I think that a new law should be instituted that for every dollar spent on political adversting, one dollar should be put into a charity of the same locality. So if it's a national campaign - give to a national charity, like the Red Cross. A state campaign? Give to that a state-wide charity in that state. A local campaign? Give to the local homeless shelter or the local library or SOMETHING.

Please, don' t make me use menus in my tablet applications.

One of the big revamps I did while dogfooding my blogging application was in the place where you can draw and change things like colors, pen width, ink or erase, etc I made everything available to just click on right on the screen. I got sick of the extra clicks. It's really beautiful. Similar to what Paint does. (yes I'm still working out my stupid 24x24 icon problem...)

I did something similar in the doodling app on the web. Even if you can't ink, you can see what I'm talking about here: www.thedatafarm.com/doodle.aspx.

Shawn rocks. He just explained something to me in the newsgroups that I think is really cool which is an internal windows thing.

A little background. The TabletSDK has clipboard functionality. You can use it to copy ink data from one ink object to another. You can also use it for a few other formats. However, I saw in the samples that you can select multiple formats to persist to the clipboard when you copy (one of them being BMP so you can paste into PAINT, for example). I didn't understand how, if you said okay I want these three formats, how PAINT gets the one it needs.

Pretty simple - this is what Windows is designed to do. You program an application to grok different formats and look for a default format (PASTE) or choose another format (PASTE SPECIAL).  Therefore if I know I want my end user to be able to paste into some generic windows graphic application, I need to ensure that I choose at least the BMP format when I send my ink to the clipboard. But heck, they might have another ink enabled application on their computer, so I should also make sure the special ISF (ink serialized format) is in there too. So after they copy, they would be able to paste in a variety of applications whether ink-enabled or not.

Shawn is a real expert with Tablet PC development and just wrote an article on ink enabling your web apps on the Tablet PC Dev Center.

Lately, each time I achieve an understanding of yet another previously daunting topic in .NET, I have thought it would be great to collect all of this in one place to share with all of the other poor souls who are equally fearful of the bigger .NET concepts that are so new to so many of us. Things like reflection, CAS, security, WSE, streaming, threading (although I am not there with threading yet...), etc. Then I start thinking chapters...book.. and then I just slap myself a few times and make that stupid life sucking you couldn't pay me enough idea go away.

Jeff Julian has evidence that Longhorn is the work of the Devil! The real question is how did Bill Evjen just *happen* to find it?  

I'm working on my deck for doing ink on the web for ASP.NET Connections. I wanted to be able to explain why the SDK 1.7 controls now enable this to work - which is all about the fact that the Tablet Team has modified the API to make the the InkPicture and InkEdit controls as well as the InkOverlay object work under partial trust. Having to explain it, once again, means having to understand it well enough to explain it, not just take that leap of faith.

So I FINALLY grok what is going on here! A big light just turned on. You know the difference between “uh huh” and “oooooooooooooooh!” (that's a long “o” like DOUGH, not like “foo”) when you are trying to explain something to someone.

Although I grokked CAS on the machine - I hadn't done any code download via using windows controls in web apps. And if you follow my blog you may know that I have been a big failure when it has come to my many attempts over the last few years to leverage no touch deployment and auto-updating (turns out my application architecture was way too complex for this).

If I had acquired this understanding earlier, I wouldn't have hit so many walls when I was trying to deploy my doodling app a few weeks ago. I didn't have the knowledge to give me the red flags that I was doing something incorrectly and I didn't have the knowledge to understand why it didn't work when I deployed it. Hmm, I may have gotten a few more points on my security test, too. I understood “does & doesn't work” but I never really understood why! I can't imagine how many people are out there in the same boat.

I might have to do a Julie version of this topic soon.

So I took advantage of the Free for One Year offer of Computers Assoc. ETrust EZ Antivirus that you can get when you install XP SP2 (seems to be if there isn't already an anti-virus app on your system).

I noticed a week ago that I hadn't in fact gotten any updates. The reason was timing. The EZAV software was starting up and running at the same time that my wireless was starting itself up. EZAV is faster and therefore trying to download the updates before I had internet access. But there were no messages that I noticed. I finally saw it in the log files “Could not contact webserver...” and nothing ever downloaded. Over and over again.

So I have to remember to do this manually now.