I recently spoke at Whidbey Blast, a one-day, Visual Studio 2005 conference hosted by the Northern Colorado .NET Users Group. I did the keynote and a session about MSBuild, then sat in on some of the other sessions that covered a variety of upcoming technologies. One of the sessions was by Keith Brown, security guru and a fellow Visual Developer - Security MVP. He asked how many people develop or have developed partially trusted applications. Only one person — out of perhaps the 50 people in the room — shyly raised his hand, and Keith indicated that was pretty typical. He also mentioned that if you develop an Indigo-based application, the app has to run with full trust. This is because the Indigo team doesn’t believe that enough people write partially trusted applications to make it worthwhile for them to do the work to make Indigo usable by partially trusted applications. In the car on the way to the airport, my host Kathleen Dollard said she doesn’t write them because clients aren’t willing to pay for them.
