Ever wondered what a secure ASP.NET 2.0 application should look like?  The ASP.NET Internet Security Reference Implementation rolls all of the Patterns and Practices Security Guidance into real-world sample application, complete with full documentation about all of the security features, why and how they were implemented, and the drawbacks to doing so.

If you are doing ASP.NET 1.1 or 2.0 web design, you should download this, read through it, and check out the code.  While the code is 2.0, all of the security concepts- and some of the solutions- map to 1.1 apps as well.

One note: it installs into C:\Program Files\Microsoft\Internet Security Reference Implementation by default.  It took me forever to find it!