I just finished my Microsoft TechDays presentation (WEB309: Fixing Ajax Applications). Thanks to everybody who attended! This session will be repeated during the day, so if you missed it you still can tune in.
There was a question at the very end on the history hash ASP.NET writes, but I was too slow to answer it before the session room was closed. The EnableSecureHistoryState property may help in the specific situation and lets you at least toggle between a secure and a human-readable format.