What did you learn today? - Thursday, February 16, 2006
Phil Denoncourt's Technology Rants
 
 Thursday, February 16, 2006
Create and configure menus.
  • Create and configure a MenuStrip component on a Windows Form.
  • Change the displayed menu structure programmatically.
  • Create and configure the ContextMenuStrip component on a Windows Form.

There is a good article on DevX about the xStrip controls.  MSDN has a good technology overview as well.  The Toolbar, menu and status bar render in a look (by default) that is similar to Office XP.  Understand that the Menu, Toolbar and StatusBar all derive from a common base, ToolStrip.  ToolStrip is a container for ToolStripItem controls.  The ToolStrip uses Renderers to control its display.  Look at the RenderMode property for more information.

Next up-> Data binding

Thursday, February 16, 2006 9:51:45 PM (GMT Standard Time, UTC+00:00)  #    Comments [0]   Certifications  | 
 Wednesday, February 15, 2006

Add and configure a Windows Forms control.

  • Use the integrated development environment (IDE) to add a control to a Windows Form or other container control of a project at design time.
  • Add controls to a Windows Form at run time.
  • Configure controls on a Windows Form at design time to optimize the UI.
  • Modify control properties.
  • Configure controls on a Windows Form at run time to ensure that the UI complies with best practices.
  • Create and configure command controls on a Windows Form.
  • Create and configure text edit controls on a Windows Form.
  • Create and configure text display controls on a Windows Form.
  • Use the LinkLabel control to add Web-style links to Windows Forms applications.
  • Provide a list of options on a Windows Form by using a ListBox control, a ComboBox control, or a CheckedListBox control.
  • Configure the layout and functionality of a Windows Form to display a list of items.
  • Implement value-setting controls on a Windows Form.
  • Configure a WebBrowser control.
  • Add and configure date-setting controls on a Windows Form.
  • Display images by using Windows Forms controls.
  • Configure the NotifyIcon component.
  • Create access keys for Windows Forms controls.

The first 4 bullets shouldn't be worrisome.  As far as UI Best Practices, I imagine stuff like consistency, making sure your UI works with both mouse and keyboard, and making sure it functions with accessibility features are the key.  The only best practices guidance I found specific to 2.0 is this blurb on MSDN2 about the DataGridView.

Here is a list of things that have changed in 2.0.  Here is a list of new features.

The command controls available in WinForms are really just the Button class.  Few things have changed since 1.1.  There's a FlatAppearance method, allowing finer control when the FlatStyle is set to Flat.  TextImageRelation specifies where the text goes in relation to an image.  There is also an AutoEllipsis property that adds the ... if your text is too long for the button.

Text Edit controls in WinForms are the ComboBox, DateTimePicker, DomainUpDown, ListBox, the new MaskedTextBox, NumericUpDown, PropertyGrid, RichTextBox, and the basic TextBox.  There is support for AutoComplete in the ComboBox and TextBox via the AutoCompleteCustomSource, AutoCompleteMode, and AutoCompleteSource properties.  I haven't used the DateTimePicker much before, but it doesn't appear to have changed.  Same for the DomainUpDown control.  The ListBox now has formatting via the FormattingEnabled and FormatString properties.  The MaskedTextBox is new; you should play around with it to understand its features.  Jesse Liberty has a writeup on the masking features.  The NumericUpDown control hasn't changed either.  Same with the PropertyGrid.  The RichTextBox control has an RTF property that lets you get/set the text including RTF codes.

The display controls in WinForms are Label, ListView, PictureBox & TreeView.  Label control has the AutoEllipsis property.  That's the only change I could see.  There are some good changes to the ListView control.  It has support for Groups and TileView.  Jeremy Epling has a writeup on Groups on his blog.  The other big change is that the ListView is bindable (Yeah!).  The PictureBox now supports asynchronous loading.  The ListView and TreeView now support Owner drawing.

The LinkLabel hasn't changed.  Use it as you would a Button, except that you handle the LinkClicked event.

The CheckedListBox has the same new properties as the ListBox as far as Formatting.  It also has a new property ThreeDCheckBoxes (bool).

To display a list of items, you could use either a CheckedListBox, ComboBox, DomainUpDown, ListBox, ListView, or TreeView.  CheckedListBox, ListBox, and ListView support multiple columns.

The WebBrowser is a new control that is a hosting container for the browser.  You specify the location by setting the Url property.

You can display images in a variety of different ways.  You can set the background image of a form and various controls, use a PictureBox control, or handle the Paint event and use the graphics object to paint an image.

The NotifyIcon component now has BalloonTips.  These should be used to notify the user that something has happened.

Access keys are still defined by prefixing with an "&".

Next up-> Menus

Wednesday, February 15, 2006 6:21:37 PM (GMT Standard Time, UTC+00:00)  #    Comments [0]   Certifications  | 
 Tuesday, February 14, 2006
Manage control layout on a Windows Form.
  • Group and arrange controls by using the Panel control, GroupBox control, TabControl control, FlowLayoutPanel control, and TableLayoutPanel control.
  • Use the SplitContainer control to create dynamic container areas.

There is an article about the different layout controls by "benoyraj" at codeproject.  It's a good start to understanding these controls.  Best thing to do is to throw them on a form and play around with them a little.

Panel control hasn't changed since 1.1 (Except for the properties derived from Control like AutoSize...)  Same with GroupBox and TabControl. 

FlowLayoutPanel places the controls in its container in a "flowing" order.  Kind of like web stuff.  You don't have control of the Top/Left of a control in the FlowLayoutPanel.  You can set the flow to LeftToRight, TopDown, RightToLeft, or BottomUp.  David Muhundo has a blog posting describing some of his feats and concerns.

TableLayoutPanel defines a Table that you place controls in.  Again, you are giving up control over the Top/Left of the child controls in a cell.  Only one control can be placed in each cell.

Split functionality has changed significantly from v1.1.  There is now a SplitContainer that basically is two panels split either horizontally or vertically that you drop controls into.  If you are handling resizing manually, there are two events, SplitterMoved and SplitterMoving, that you can capture.  There is a small FAQ (Word Document) on WindowsForms.NET.

Next up-> Windows Forms Controls

Tuesday, February 14, 2006 5:37:03 PM (GMT Standard Time, UTC+00:00)  #    Comments [0]   Certifications  | 

Enhance the user interface of a .NET Framework application by using the System.Drawing namespace.

  • Enhance the user interface of a .NET Framework application by using brushes, pens, colors, and fonts.
  • Enhance the user interface of a .NET Framework application by using graphics, images, bitmaps, and icons.
  • Enhance the user interface of a .NET Framework application by using shapes and sizes.

Mahesh Chand has an intro to GDI+ article at vbdotnetheaven.  He also has an article describing GDI+ brushes.  Finally, he also has an article on Pens and Fonts.

Budi Kurianwan has a nice article in C# covering the basics.

Bob Powell has an excellent intro article, and he also maintains the GDI+ FAQ.

Remember that Pens are used to draw lines and shapes, Brushes are used to fill surfaces, Fonts are used to render text, and Colors are... colors.

I suspect it would be good to know the different types of Brushes available: SolidBrush, TextureBrush, HatchBrush, LinearGradientBrush, and PathGradientBrush.

The Image class is abstract; Bitmap and Metafile are the actual implementation classes.

The graphics class can draw the following types of shapes/lines: Arc, Bezier splines, Closed Cardinal Spline (ClosedCurve), Curve, Ellipse, Line, Path, Pie slice, Polygon (regular and irregular),  Rectangle.  It can fill a Closed Cardinal Spline, Ellipse, Path, Pie slice, Polygon, or Rectangle.

That's it for Section I!  Now I will begin preparing for the specifics of 70-552 (WinForms)
Next up -> Creating a UI for a Windows Forms Application by Using Standard Controls

Tuesday, February 14, 2006 5:03:51 PM (GMT Standard Time, UTC+00:00)  #    Comments [0]   Certifications  | 
 Monday, February 13, 2006
Send electronic mail to a Simple Mail Transfer Protocol (SMTP) server for delivery from a .NET Framework application. (Refer System.Net.Mail namespace)
  • MailMessage class
  • MailAddress class and MailAddressCollection class
  • SmtpClient class, SmtpPermission class, and SmtpPermissionAttribute class
  • Attachment class, AttachmentBase class, and AttachmentCollection class
  • SmtpException class, SmtpFailedRecipientException class, and SmtpFailedRecipientsException class
  • SendCompletedEventHandler delegate
  • LinkedResource class and LinkedResourceCollection class
  • AlternateView class and AlternateViewCollection class

This is a completely new namespace.  The old System.Web.Mail namespace has been deprecated.  This new implementation is not dependent on CDO.  Dr. Peter Bromberg has an introductory article on the new features.  There is also the infamous www.systemnetmail.com site.

MailMessage class - Represents an email message.  New properties for this (compared to the properties in the web.mail version) are DeliveryOptions, ReplyTo, and SubjectEncoding.  There is also support for AlternateViews - allowing you to send both text and HTML representations of the email.

MailAddress class - Represents an email address.  Address, DisplayName, Host, and User are readonly properties of this object.  Properties are set in the constructor.

MailAddressCollection class - Collection of MailAddress objects. 

SmtpClient class - This class sends email via SMTP.  It is not dependent on CDO, it can work over SSL, and the send can be performed async.

SmtpPermission class - This class regulates whether or not an application can send mail via SMTP.  Access can be locked down to no access, only via the default port (25), or unrestricted.  What's interesting is that this class doesn't appear in the Create Permission Set wizard.

SmtpPermissionAttribute class - Attribute implementation of the SmtpPermission class.

SmtpException class - Exception that is thrown when SMTP Client can't complete a send or sendasync operation.

SmtpFailedRecipientException class - Exception that is thrown when a recipient is not valid.

SmtpFailedRecipientsException class - Exception that is thrown when an email can't be sent to ALL of the recipients.  "This class supports the .NET Framework infrastructure and is not intended to be used directly from your code. "... The following statement from the remarks in the documentation contradicts the explanation: "The InnerExceptions property contains the exceptions received while attempting to send e-mail. The e-mail might have been successfully delivered to some of the recipients."

SendCompletedEventHandler delegate - Delegate that is called when an async send is complete.  Handles the SendCompleted event.

LinkedResource class - Represents an embedded resource in a message, such as a HTML image.

LinkedResourceCollection class - Collection of LinkedResources.

AlternateView class - This class is used to represent an alternate view of a mail message.  This would likely be an HTML version of the email. 

AlternateViewCollection class - Collection of AlternateView objects.  This is used in the AlternateViews property on the MailMessage object.

Next up -> GDI

Monday, February 13, 2006 7:31:33 PM (GMT Standard Time, UTC+00:00)  #    Comments [0]   Certifications  | 

Access and modify identity information by using the System.Security.Principal classes. (Refer System.Security.Principal namespace)

  • GenericIdentity class and GenericPrincipal class
  • WindowsIdentity class and WindowsPrincipal class
  • NTAccount class and SecurityIdentifier class
  • IIdentity interface and IPrincipal interface
  • WindowsImpersonationContext class
  • IdentityReference class and IdentityReferenceCollection class

This is all about the identity.  It would help to have a good understanding of the identity infrastructure in .NET.  There is a good writeup on the basics by Bipin Joshi.

GenericIdentity class - Represents a "Generic" user. 

GenericPrincipal class - Represents a "Generic" principal.

WindowsIdentity class - Represents a Windows user.  Keith Brown has a good writeup on WindowsIdentity and WindowsPrincipal in his .NET Developers Guide to Security.

WindowsPrincipal class - Provides the ability to check the Windows group membership of a Windows user.

NTAccount class - New to 2.0.  Represents an NT User or Group.  This class has the ability to get the security identifier (useful for access control operations) via the Translate method.

SecurityIdentifier class - New to 2.0. Represents a Windows Security Identifier (SID).  Useful for ACL operations.

IIdentity interface - Defines the basic functionality of an identity object.  Name, AuthenticationType, and IsAuthenticated are the members that must be implemented.

IPrincipal interface - Defines the basic functionality of a principal object.  Identity and IsInRole must be implemented.

WindowsImpersonationContext class - Represents a Windows user prior to impersonation.  Allows you to revert back to the original user by calling the Undo method.  Marc Merritt has a nice simple demonstration at The Code Project.

IdentityReference class - New to 2.0.  Base class for NTAccount and SecurityIdentifier classes.

IdentityReferenceCollection class - New to 2.0.  Collection of IdentityReference classes.  Has a Translate method to change objects from one type of identity to another.  An example would be from NTAccount to SecurityIdentifier.

Next up -> System.Net.Mail

Monday, February 13, 2006 5:37:43 PM (GMT Standard Time, UTC+00:00)  #    Comments [0]   Certifications  | 

I'll be speaking at Boston Access Day (The Boston area Microsoft Access usergroup) this Wednesday, February 15th.  I'll be doing a two part talk:

Introduction to SQL Server Express - SQL Express is a lightweight version of SQL Server 2005 that is easy to install and use in your applications. Unlike its predecessor MSDE, this engine has been optimized for small business applications. Phil will talk about the features, capabilities and limitations of SQL Server Express.

Improving SQL Server Performance - How to troubleshoot performance problems in SQL Server, and ways to overcome them.  Phil will talk about common problems, the tools used to monitor SQL Server, and possible fixes for the problems.

I've been a member of this group for over 10 years.  I haven't done Access development in over 5 years, but it's good to go back and see old friends.

Monday, February 13, 2006 4:23:52 PM (GMT Standard Time, UTC+00:00)  #    Comments [0]   Speaking Engagements  | 
Control code privileges by using System.Security.Policy classes. (Refer System.Security.Policy namespace)
  • ApplicationSecurityInfo class and ApplicationSecurityManager class
  • ApplicationTrust class and ApplicationTrustCollection class
  • Evidence class and PermissionRequestEvidence class
  • CodeGroup class, FileCodeGroup class, FirstMatchCodeGroup class, NetCodeGroup class, and UnionCodeGroup class
  • Condition classes
  • PolicyLevel class and PolicyStatement class
  • IApplicationTrustManager interface, IMembershipCondition interface, and IIdentityPermissionFactory interface

ApplicationSecurityInfo class - New to 2.0. I've been looking for this class. This class holds information about the evidence belonging to the assembly. It also has the default permission set assigned to the assembly. This will make troubleshooting CAS problems much easier.

ApplicationSecurityManager class - "Manages trust decisions for manifest activated applications"? There has to be a better way to document this class. There is an ApplicationTrustManager property that provides access to the ApplicationTrustManager object for the assembly. People more familiar with ClickOnce might recognize where this would be used.

ApplicationTrust class - Encapsulates security decisions for an application. Has properties such as ApplicationIdentity, DefaultGrantSet, IsApplicationTrustedToRun.

ApplicationTrustCollection class - Collection of ApplicationTrusts. Again, I'm not real strong on the ClickOnce stuff (which is where I think this stuff comes in handy), but I don't see why I would ever have more than one ApplicationTrust?

Evidence class - Holds the evidence that belongs to the assembly. You can enumerate with this object to get all the associated evidence.

PermissionRequestEvidence class - Representation of all the RequiredPermissions, OptionalPermissions, and DeniedPermissions that are needed to run the assembly. These are declaratively stated by the developer.

CodeGroup class - Abstract class that represents a code group.

FileCodeGroup class - Generates a set of permissions containing FileIOPermissions that grant read-only access to the application directory.

FirstMatchCodeGroup class - "Allows security policy to be defined by the union of the policy statement of a code group and that of the first child code group that matches."  The .NET Security blog has a tidbit on this class.

NetCodeGroup class - Grants web permission to the site the code was downloaded from. 

UnionCodeGroup class - "Represents a code group whose policy statement is the union of the current code group's policy statement and the policy statement of all its matching child code groups. ".  This is the default and most-often used type of CodeGroup.

Condition classes - There are quite a few condition classes, all implementing IMembershipCondition.  A condition is assigned to a code group which controls whether or not the permission set belonging to the code group is applied.

AllMembershipCondition - This is your 1==1 class.  Always matches.

ApplicationDirectoryMembershipCondition - This matches when the code is located in the application directory.

GACMembershipCondition - New to 2.0. This produces a match if the assembly is located in the GAC.

HashMembershipCondition - Produces a match if a hash matches a hash of the assembly.  The hash can be produced by using the Code Group Wizard.

PublisherMembershipCondition - Produces a match if the assembly was produced by a specific publisher identified using Authenticode certificates.

SiteMembershipCondition - Produces a match if the assembly is located in a specific site.  The site is basically the domain name.

StrongNameMembershipCondition - Produces a match if the assembly has a specific strong name.

UrlMembershipCondition - Produces a match if the URL of assembly matches a Url.  The Url can have a wildcard in the final position.

ZoneMembershipCondition - Produces a match if the assembly was downloaded from a specific Zone (Internet, Intranet, Trusted Sites...)

PolicyLevel class - Represents the security policy levels for the CLR.  There are four policy levels : Enterprise, Machine, User, and AppDomain.

PolicyStatement class - Represents the set of granted permissions, given a set of evidence.  The Resolve method in the PolicyLevel returns this object.

IApplicationTrustManager interface - New to 2.0.  If you're writing your own Trust Manager, you're required to implement this interface.  This is used to implement Manifest-based Activation (ClickOnce).

IMembershipCondition interface - Condition classes (see above) are required to implement this interface.  If you're writing your own custom membership condition, you would implement this interface.

IIdentityPermissionFactory interface - "Defines the method that creates a new identity permission. "  It appears all evidence classes should implement this class.  I don't completely understand the intent of this interface.

Next up -> Security.Principal

Monday, February 13, 2006 4:16:23 PM (GMT Standard Time, UTC+00:00)  #    Comments [0]   Certifications  | 
 Friday, February 10, 2006
Control permissions for resources by using the System.Security.Permission classes. (Refer System.Security.Permission namespace)
  • SecurityPermission class
  • PrincipalPermission class
  • FileIOPermission class
  • StrongNameIdentityPermission class
  • UIPermission class
  • UrlIdentityPermission class
  • PublisherIdentityPermission class
  • GacIdentityPermission class
  • FileDialogPermission class
  • DataProtectionPermission class
  • EnvironmentPermission class
  • IUnrestrictedPermission interface
  • RegistryPermission class
  • IsolatedStorageFilePermission class
  • KeyContainerPermission class
  • ReflectionPermission class
  • StorePermission class
  • SiteIdentityPermission class

I've really got to get going on these.  I'm scheduled to take 70-552 next Sat, and I haven't gotten to the WinForms stuff yet.

These next two parts are on Code Access Security.  Mike Downen (via Julie Lerman) has an intro article on CAS in 2.0.

Update via Zdenko - Michael Stiefel has some good articles on his site.

SecurityPermission class - This is the class that has a lot of base attributes: Execution, SkipVerification, UnmanagedCode, Assertion, BindingRedirects to name a few.  There don't appear to be any new values from 1.1.

PrincipalPermission class - This class allows you to control access by the current identity.  Note the important info in the documentation:

Prior to a demand for principal permission it is necessary to set the current application domain's principal policy to the enumeration value WindowsPrincipal. By default, the principal policy is set to UnauthenticatedPrincipal. If you do not set the principal policy to WindowsPrincipal, a demand for principal permission will fail. The following code should be executed before the principal permission is demanded:

AppDomain.CurrentDomain.SetPrincipalPolicy(PrincipalPolicy.WindowsPrincipal). 

Kaushal Sanghavi has a good article demonstrating the use of PrincipalPermission.
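The ordering requirement quoted above, together with the WindowsIdentity, WindowsPrincipal, NTAccount and SecurityIdentifier classes from the Security.Principal notes, as an added example (not code from the original post or from MSDN). It assumes .NET Framework 2.0 or later on Windows; the names PrincipalDemo and CallerIsInRole are hypothetical.

```csharp
using System;
using System.Security;
using System.Security.Permissions;
using System.Security.Principal;

static class PrincipalDemo
{
    // Imperative PrincipalPermission demand against Thread.CurrentPrincipal.
    // Returns false instead of letting the SecurityException propagate.
    public static bool CallerIsInRole(string role)
    {
        try
        {
            // A null name means "any user"; only the role is checked.
            new PrincipalPermission(null, role).Demand();
            return true;
        }
        catch (SecurityException)
        {
            return false;
        }
    }

    static void Main()
    {
        // Must run before anything on this thread reads Thread.CurrentPrincipal.
        // With the default policy (UnauthenticatedPrincipal) the thread gets an
        // unauthenticated generic principal and every role demand fails.
        AppDomain.CurrentDomain.SetPrincipalPolicy(PrincipalPolicy.WindowsPrincipal);

        WindowsIdentity identity = WindowsIdentity.GetCurrent();
        WindowsPrincipal principal = new WindowsPrincipal(identity);
        Console.WriteLine("User: {0}  auth: {1}  SID: {2}",
            identity.Name, identity.AuthenticationType, identity.User);

        // Build the role from its well-known SID rather than a hard-coded
        // "BUILTIN\Administrators" string, which differs on localized Windows.
        SecurityIdentifier adminsSid =
            new SecurityIdentifier(WellKnownSidType.BuiltinAdministratorsSid, null);
        NTAccount adminsAccount = (NTAccount)adminsSid.Translate(typeof(NTAccount));

        // Direct check on the principal, by SID.
        Console.WriteLine("IsInRole({0}): {1}", adminsSid.Value, principal.IsInRole(adminsSid));

        // Same question asked through a PrincipalPermission demand, by name.
        Console.WriteLine("Demand({0}): {1}", adminsAccount.Value,
            CallerIsInRole(adminsAccount.Value));
    }
}
```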

FileIOPermission class - Controls access to file IO.  There are 4 basic rights controlled : Read, Write, Append and Path Discovery.

StrongNameIdentityPermission class - Allows you to limit callers to a specific strongly named assembly.  More information can be found at Morgan Skinner.

UIPermission class - Allows you to specify the permissions for UI (Winforms).  Whether or not a window can be shown, whether or not more than one window can be shown, whether or not the application can access the clipboard, only a system specific clipboard, or no access whatsoever.

UrlIdentityPermission class - In the same spirit as StrongNameIdentityPermission, allows you to limit callers by a URL.

PublisherIdentityPermission class - Limits calls by a specific publisher (using Digital certificates)

GacIdentityPermission class - This is new in 2.0 - Allows you to limit access by whether or not an assembly is located in the GAC.

FileDialogPermission class - Controls whether or not the assembly can open a File dialog box.

DataProtectionPermission class - New to 2.0.  Controls whether or not the assembly can use the new data protection (DPAPI) features.  You can restrict the user to protect data, unprotect data, protect memory or unprotect memory.

EnvironmentPermission class - Controls access to user and system environment variables.

IUnrestrictedPermission interface - Allows a permission to expose an unrestricted state.  Peter Torr has a nugget of trivia about this interface buried in his post.

RegistryPermission class - Controls access to the registry.

IsolatedStorageFilePermission class - Controls access to isolated storage.  Can control the size (Quota) and the type of store (Application, Domain, or Assembly)

KeyContainerPermission class - New to 2.0.  Controls access to Key Containers.  You can control access by each CSP, or grant unrestricted rights.

ReflectionPermission class - Controls access to assembly metadata via reflection.  You can control whether or not access to members is allowed, access to types, and whether or not assemblies can be dynamically generated.

StorePermission class - New to 2.0.  Controls access to X.509 Certificate stores.  Can control add/remove of certificates, opening of a store, enumeration of certificates, and the creation/deletion of stores.

SiteIdentityPermission class - Limit calls to a specific site (domain).

Next up -> Security.Policy

Friday, February 10, 2006 9:20:54 PM (GMT Standard Time, UTC+00:00)  #    Comments [0]   Certifications  | 
 Wednesday, February 08, 2006

I will be speaking at the next meeting of the New England C# User's Group on New Features of the 2.0 Framework.  If you're in the Manchester NH area, stop on by.

Wednesday, February 08, 2006 9:23:24 PM (GMT Standard Time, UTC+00:00)  #    Comments [0]   Speaking Engagements  | 
Encrypt, decrypt, and hash data by using the System.Security.Cryptography classes. (Refer System.Security.Cryptography namespace)
  • DES class and DESCryptoServiceProvider class
  • HashAlgorithm class
  • DSA class and DSACryptoServiceProvider class
  • SHA1 class and SHA1CryptoServiceProvider class
  • TripleDES and TripleDESCryptoServiceProvider class
  • MD5 class and MD5CryptoServiceProvider class
  • RSA class and RSACryptoServiceProvider class
  • RandomNumberGenerator class
  • CryptoStream class
  • CryptoConfig class
  • RC2 class and RC2CryptoServiceProvider class
  • AsymmetricAlgorithm class
  • ProtectedData class and ProtectedMemory class
  • RijndaelManaged class and RijndaelManagedTransform class
  • CspParameters class
  • CryptoAPITransform class
  • Hash-based Message Authentication Code (HMAC)

Knowing some basics about Cryptography is a big help with this objective.  Dino Esposito has an article on DevX going over the basics. It's based on 1.1, but the ideas haven't changed.

For the most part this namespace hasn't changed.  ProtectedData/Memory and HMAC are the new classes they want you to know about.

DES class - Abstract class that all (one) DES implementations derive from.  DES is a symmetric encryption algorithm.  It's an old algorithm that can be cracked in a matter of days.

DESCryptoServiceProvider class - Service provider class for DES encryption.  Derives from DES and is the class you'd use when encrypting/decrypting with DES.

HashAlgorithm class - base class that all hash algorithms derive from.  MSDN has an example implementation showing that you invoke the ComputeHash method to get the hash.

DSA class - base class that all (one) DSA implementations derive from.  Richard Grimes has a blurb about digital signatures on his security workshop page.

DSACryptoServiceProvider class - provides an implementation of the DSA (Digital Signature Algorithm).

SHA1 class - Abstract class for the SHA1 Hash algorithm.  160 bit hash size.

SHA1CryptoServiceProvider class - Implementation of the SHA1 hash algorithm.  There's some concern that this algorithm is weak, so it's probably best to use a different hashing algorithm.

TripleDES class - Abstract class for the TripleDES encryption algorithm.  TripleDES is a symmetric algorithm supporting key sizes of 128 or 192 bits.

TripleDESCryptoServiceProvider class - Implementation of the TripleDES encryption algorithm, which appears to encrypt the text by running DES 3 times.

MD5 class - Abstract class that all MD5 hash algorithms derive from.  MD5 produces a 128 bit hash.

MD5CryptoServiceProvider class - Implementation of the MD5 Hash Algorithm.  It appears there might be weaknesses with this algorithm as well.

RSA class - Abstract class that all RSA encryption algorithms derive from.  RSA is an asymmetric algorithm supporting bit sizes between 384 - 16384 bits in increments of 8 bits.

RSACryptoServiceProvider class - Implementation of the RSA Encryption algorithm.  There don't appear to be flaws in the RSA algorithm provided your key is >2k.

RandomNumberGenerator class - Abstract class that all Random Number generators are supposed to derive from.  There is only one implementation of a random number generator - RNGCryptoServiceProvider.  Christopher Wille has an example that creates random passwords using the RNGCryptoServiceProvider.

CryptoStream class - defines a stream that is used with cryptographic functions.  The idea is to prevent storing the data in an intermediate area during cryptographic functions.  It also handles buffering which I guess gets complicated with block ciphers.

CryptoConfig class - Documentation says that it is used to get cryptography configuration information.  I don't see it doing that.  It appears that the main method, CreateFromName, is used to get an instance of a specific CryptoServiceProvider.  There is mention of the CryptoConfig being used in this best practices in Mono document.

RC2 class - Abstract class that all RC2 implementations derive from.  RC2 is a symmetric encryption algorithm.

RC2CryptoServiceProvider class - Implementation of the RC2 Encryption algorithm.  Key size is from 40-128 bits in 8 bit increments. 

AsymmetricAlgorithm class - base class for all encryption methods that are classified as asymmetric (meaning public key algorithms).  Dr. Peter Bromberg has a simple example of using the RSA classes.

ProtectedData class  - This is a new class for the 2.0 framework.  It is a frontend to the DPAPI protect and unprotect methods, making it very easy to secure data using DPAPI.  Remember that stuff protected by DPAPI can only be unprotected on the same machine.

ProtectedMemory class - Also a new class for the 2.0 framework.  It works the same as ProtectedData.  The difference is that ProtectedMemory is only valid until the machine reboots.  Shawn has an informative post on his blog.
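An added example of the ProtectedData round trip described above (not code from the original post). It shows that a DPAPI blob only unprotects with the same optional entropy and fails when the blob has been modified. It assumes Windows and a reference to System.Security.dll; the secret, the entropy label and the names DpapiDemo, Protect and TryUnprotect are constructed for illustration.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

static class DpapiDemo
{
    // Encrypt a secret for the current Windows user. CurrentUser ties the blob
    // to this user's profile; LocalMachine would let any process on the
    // machine unprotect it. The optional entropy is an application-specific
    // value that has to be supplied again to decrypt.
    public static byte[] Protect(string secret, byte[] entropy)
    {
        byte[] plain = Encoding.UTF8.GetBytes(secret);
        try
        {
            return ProtectedData.Protect(plain, entropy, DataProtectionScope.CurrentUser);
        }
        finally
        {
            Array.Clear(plain, 0, plain.Length); // wipe our plaintext copy
        }
    }

    // Unprotect throws CryptographicException when the blob, the entropy or
    // the user/machine context does not match what was used to protect.
    public static bool TryUnprotect(byte[] blob, byte[] entropy, out string secret)
    {
        try
        {
            byte[] plain = ProtectedData.Unprotect(blob, entropy, DataProtectionScope.CurrentUser);
            secret = Encoding.UTF8.GetString(plain);
            Array.Clear(plain, 0, plain.Length);
            return true;
        }
        catch (CryptographicException)
        {
            secret = null;
            return false;
        }
    }

    static void Main()
    {
        byte[] entropy = Encoding.UTF8.GetBytes("example-app/v1");
        byte[] blob = Protect("constructed-sample-secret", entropy);
        string recovered;

        // Case 1: same user, same entropy.
        Console.WriteLine("round trip:    {0}", TryUnprotect(blob, entropy, out recovered));

        // Case 2: same blob, different entropy.
        byte[] otherEntropy = Encoding.UTF8.GetBytes("other-app");
        Console.WriteLine("wrong entropy: {0}", TryUnprotect(blob, otherEntropy, out recovered));

        // Case 3: one bit of the blob flipped, as after corruption or tampering.
        byte[] tampered = (byte[])blob.Clone();
        tampered[tampered.Length - 1] ^= 0x01;
        Console.WriteLine("tampered blob: {0}", TryUnprotect(tampered, entropy, out recovered));
    }
}
```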

RijndaelManaged class - A managed implementation of the Rijndael encryption algorithm, also known as AES.  Rijndael is a symmetric algorithm supporting key sizes of 128, 192, and 256 bits.

RijndaelManagedTransform class - the actual class that does the encryption/decryption for the RijndaelManaged class.

CspParameters class - contains parameters that are passed to the CSP (Cryptographic Service Provider).  This is used to pass specific parameters back to the Crypto subsystem.  An example is specifying which key container to use.  Gowri Paramasivm has an example using RSA.

CryptoAPITransform class - Represents a cryptographic algorithm that encrypts or decrypts data.

HMAC (Hash-based Message Authentication Code) - Abstract class that all implementations of HMAC derive from.  HMAC is a way of verifying the authenticity and integrity of a message.  These are new classes.
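An added example (not from the original post) of what the HMAC classes give you over a plain HashAlgorithm: a tag that can only be recomputed by someone holding the key. It uses HMACSHA256, one of the concrete HMAC classes, with a constant-time tag comparison; the message text and the names HmacDemo, Sign, Verify and FixedTimeEquals are constructed for illustration.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

static class HmacDemo
{
    // Compute an HMAC-SHA256 tag over the message with a shared secret key.
    public static byte[] Sign(byte[] key, byte[] message)
    {
        using (HMACSHA256 hmac = new HMACSHA256(key))
        {
            return hmac.ComputeHash(message);
        }
    }

    // Compare two tags without returning early at the first differing byte,
    // so the comparison time does not reveal how much of a forged tag matched.
    public static bool FixedTimeEquals(byte[] a, byte[] b)
    {
        if (a == null || b == null || a.Length != b.Length) return false;
        int diff = 0;
        for (int i = 0; i < a.Length; i++)
        {
            diff |= a[i] ^ b[i];
        }
        return diff == 0;
    }

    public static bool Verify(byte[] key, byte[] message, byte[] tag)
    {
        return FixedTimeEquals(Sign(key, message), tag);
    }

    static void Main()
    {
        // Random 256-bit key from the cryptographic RNG, never System.Random.
        byte[] key = new byte[32];
        RandomNumberGenerator.Create().GetBytes(key);

        // Constructed sample messages.
        byte[] message = Encoding.UTF8.GetBytes("amount=100;to=alice");
        byte[] altered = Encoding.UTF8.GetBytes("amount=900;to=alice");
        byte[] tag = Sign(key, message);

        Console.WriteLine("original verifies:   {0}", Verify(key, message, tag));
        Console.WriteLine("altered verifies:    {0}", Verify(key, altered, tag));

        // A different key produces a different tag for the same message, so a
        // party without the key cannot mint a valid tag for altered content.
        byte[] otherKey = new byte[32];
        RandomNumberGenerator.Create().GetBytes(otherKey);
        Console.WriteLine("wrong key verifies:  {0}", Verify(otherKey, message, tag));

        // A plain hash has no key: anyone who changes the message can
        // recompute it, so it detects accidents but not deliberate changes.
        using (SHA256 sha = SHA256.Create())
        {
            byte[] digest = sha.ComputeHash(altered);
            Console.WriteLine("unkeyed SHA-256 of altered message: {0}",
                BitConverter.ToString(digest).Replace("-", ""));
        }
    }
}
```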

Next up -> Permissions

Wednesday, February 08, 2006 8:04:13 PM (GMT Standard Time, UTC+00:00)  #    Comments [0]   Certifications  | 
 Tuesday, February 07, 2006

Implement a custom authentication scheme by using the System.Security.Authentication classes. (Refer System.Security.Authentication namespace)

  • Authentication algorithms and SSL protocols

Another new namespace.  Not much meat there.  I think they're trying to get you to look at the AuthenticatedStream class in System.Net.Security.  Keith Brown has a good example implementation in his "The .NET Developer's Guide to Windows Security"

The algorithms that are implemented appear to be:

NegotiateStream - "Uses the Negotiate security protocol to authenticate the client."  Is there such a thing as the "Negotiate security protocol"?  I'm not finding anything on it.  Sample uses of this class appear to be communicating with a server authenticating via Kerberos.

SslStream - "Provides a stream used for client-server communication that uses the Secure Socket Layer (SSL) security protocol to authenticate the server and optionally the client. "  Dominick Baier has a nice simple example.

Next up ->  Cryptography

Tuesday, February 07, 2006 8:01:10 PM (GMT Standard Time, UTC+00:00)  #    Comments [0]   Certifications  | 

Implement access control by using the System.Security.AccessControl classes.

  • DirectorySecurity class, FileSecurity class, FileSystemSecurity class, and RegistrySecurity class
  • AccessRule class
  • AuthorizationRule class and AuthorizationRuleCollection class
  • CommonAce class, CommonAcl class, CompoundAce class, GeneralAce class, and GeneralAcl class
  • AuditRule class
  • MutexSecurity class, ObjectSecurity class, and SemaphoreSecurity class

This is a completely new namespace.  The .NET framework now has direct support for reading and maintaining ACLs (Access Control Lists, or NT Permissions).  This was difficult to do previously because you had to use unmanaged calls to the Win32 subsystem.

You should probably have some rudimentary understanding of how the access control works.  Wenfeng Yao has a nice post explaining the different terms.

Rich Strahl has a good simple example of how these classes work.  Like he says, it's not too hard once you see how it's done.  There's also an informative MSDN article (based on the beta) about the Access Control objects.

DirectorySecurity class - This embodies the access and audit information for a specific directory.  Create an instance by passing in the path in the constructor. 

FileSecurity class - Same thing, but for a specific file.

RegistrySecurity class - Same thing for a registry key. 

FileSystemSecurity class - base class for both DirectorySecurity and FileSecurity.

AccessRule class - To borrow a database metaphor, this is the many to many table for security.  It combines an Identity and an AccessControlType to represent a specific permission.

AuthorizationRule class - base class of AccessRule and AuditRule.

AuthorizationRuleCollection class - collection of AuthorizationRule instances.  Typical collection, no new methods.

CommonAce class - Represents an Access Control Entry (ACE).  These objects allow you to deal directly with ACE/ACLs, whereas the Security/Rule classes provide some abstraction and validation.  "The CommonAce class represents the eight most common ACE types".  But I can't find what the eight most common ACE types are.  I looked at the class in reflector, I think they're talking about AccessAllowed, AccessDenied, SystemAudit, SystemAlarm, AccessAllowedCallback, AccessDeniedCallback, SystemAuditCallback, SystemAlarmCallback... But I'm not sure.  There are a lot of opportunities for improvement in the documentation for these classes.

CommonAcl class - Represents an Access Control List (ACL).  Meaning either SACL or DACL.

CompoundAce class - Represents a Compound ACE.  As the only member of the CompoundAceType enum is Impersonation, I'm guessing that a compound ace has something to do with Impersonation.  Looking further using reflector, it appears a CompoundAce object is created in the GenericAce.CreateFromBinaryForm when the AceType = AccessAllowedCompound.  According to MSDN : "Defined but never used. Included here for completeness. "...

GeneralAce class - Represents a generic ACE.  Base class for all ACE classes.

GeneralAcl class - Represents a generic ACL.  Base class for all 4 ACL classes.

AuditRule class - This is similar to an AccessRule, but represents Audit information.

MutexSecurity class - Similar to FileSecurity, but for Named Mutexes.  For those of you unfamiliar with Named Mutexes (I was), look at King Ralph's blog entry.

ObjectSecurity class - Base class for all the xxxSecurity objects.

SemaphoreSecurity class - Similar to MutexSecurity, but for Named Semaphores.
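An added example, not from the original post, showing FileSecurity, AuthorizationRuleCollection and the file-system AccessRule type working together: it reads a file's DACL and reports Allow rules that give write-like rights to Everyone, Authenticated Users or BUILTIN\Users. The names AclAudit, Risky, BroadGroups and FindBroadWriteRules, and the choice of which rights and groups count as too broad, are assumptions made for this example; it runs on Windows only.

```csharp
using System;
using System.Collections.Generic;
using System.IO;
using System.Security.AccessControl;
using System.Security.Principal;

static class AclAudit
{
    // Rights that let a principal change the file or its protection.
    const FileSystemRights Risky = FileSystemRights.WriteData | FileSystemRights.AppendData |
        FileSystemRights.Delete | FileSystemRights.ChangePermissions | FileSystemRights.TakeOwnership;
    static readonly SecurityIdentifier[] BroadGroups = {
        new SecurityIdentifier(WellKnownSidType.WorldSid, null),             // Everyone
        new SecurityIdentifier(WellKnownSidType.AuthenticatedUserSid, null), // Authenticated Users
        new SecurityIdentifier(WellKnownSidType.BuiltinUsersSid, null)       // BUILTIN\Users
    };

    // One finding per Allow rule that gives a broad group any risky right.
    public static List<string> FindBroadWriteRules(string path)
    {
        List<string> findings = new List<string>();
        FileSecurity security = new FileSecurity(path, AccessControlSections.Access);   // DACL only
        AuthorizationRuleCollection rules = security.GetAccessRules(true, true, typeof(SecurityIdentifier));
        foreach (FileSystemAccessRule rule in rules)
        {
            if (rule.AccessControlType != AccessControlType.Allow) continue;
            if ((rule.FileSystemRights & Risky) == 0) continue;
            if (Array.IndexOf(BroadGroups, (SecurityIdentifier)rule.IdentityReference) < 0) continue;
            findings.Add(string.Format("{0}: {1} allowed {2}{3}", path, rule.IdentityReference.Value,
                rule.FileSystemRights & Risky, rule.IsInherited ? " (inherited)" : ""));
        }
        return findings;
    }

    static void Main()
    {
        string path = Path.GetTempFileName();   // constructed sample target
        try
        {
            Console.WriteLine("before: {0} finding(s)", FindBroadWriteRules(path).Count);
            FileInfo file = new FileInfo(path);
            FileSecurity security = file.GetAccessControl();
            security.AddAccessRule(new FileSystemAccessRule(BroadGroups[0], FileSystemRights.Modify, AccessControlType.Allow));
            file.SetAccessControl(security);    // deliberately weak ACE so the audit has something to report
            foreach (string finding in FindBroadWriteRules(path)) Console.WriteLine(finding);
        }
        finally { File.Delete(path); }
    }
}
```

The check looks only at Allow rules; a Deny rule on the same principal can still override them, so treat each finding as a prompt to review the full ACL.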

Next post - Authentication

Tuesday, February 07, 2006 6:48:19 PM (GMT Standard Time, UTC+00:00)  #    Comments [0]   Certifications  | 
 Monday, February 06, 2006
More exams with open betas by phildenoncourt

On this week's MSDN flash, they released promo codes (meaning you can register for free) for 4 other beta exams:

The first three are exams you would take for the MCPD certification, unless you were already an MCSD or MCAD.  The SQL Server one is part of the MCITP certification as a database developer.

Between now and March 10, I'm scheduled to take 5 exams...  There go my weekends.

Monday, February 06, 2006 7:02:58 PM (GMT Standard Time, UTC+00:00)  #    Comments [0]   Certifications  | 
Compress or decompress stream information in a .NET Framework application (refer System.IO.Compression namespace), and improve the security of application data by using isolated storage. (Refer System.IO.IsolatedStorage namespace)
  • IsolatedStorageFile class
  • IsolatedStorageFileStream class
  • DeflateStream class
  • GZipStream class

IsolatedStorageFile class - The main feature that's been added is that there is a new scope - Application.  The .NET Security blog has more info on this feature.  There are a few static methods that have been added, making it easier to get an IsolatedStorageFile instance:  GetMachineStoreForApplication, GetMachineStoreForAssembly, GetMachineStoreForDomain, GetUserStoreForApplication, GetUserStoreForAssembly, GetUserStoreForDomain.

IsolatedStorageFileStream class - Not much changed here.  There is a SafeFileHandle property, which returns a Win32 handle of the actual file.  By virtue of this class being based on FileStream, GetAccessControl / SetAccessControl methods are available.

DeflateStream class - This is a brand new class.  It implements the Deflate algorithm.  It can't handle files more than 4 gigs (uncompressed). 

GZipStream class - This is also a brand new class.  It implements the GZip algorithm.  Same as deflate but has CRC.  It is also limited to dealing with 4 gig files.

There is a blog entry about the capabilities of the compression classes here.

Next up AccessControl classes

Monday, February 06, 2006 6:34:27 PM (GMT Standard Time, UTC+00:00)  #    Comments [0]   Certifications  | 
Copyright © 2010 Phil Denoncourt III. All rights reserved.