Hey all, I've been away a while... got in a little vacation finally and also switched groups at Microsoft, so I've been buried getting my feet wet in a new job. Things are starting to even out a little, so I will hopefully be back writing here a little more often again.
I wanted to point out one important update I made to an earlier posting about errors regarding the root of the token signing certificate not being trusted in SharePoint 2010. This issue has bitten a lot of people already, and I blogged about how to work around it a couple of months ago. Since SharePoint 2010 has shipped, there has been an additional wrinkle added to this procedure. I've updated the post at http://blogs.technet.com/speschka/archive/2010/02/13/root-of-certificate-chain-not-trusted-error-with-claims-authentication.aspx, so if you are having problems with this error, check it out. In a nutshell, you now want to follow the instructions outlined in that post for every certificate in the token signing certificate's chain, not just the signing certificate itself. See the post for more details.