When i started working with ACS on Appfabric I kept on encountering various terminologies, one of them was Passive Federation and it was widely used. I could understand the term Federation but passive was not clear to me ever.
The term Passive refers to all those requests that are made by a requestor which is not capable of producing proper SOAP request, for example Web Clients. This means all Web clients are Passive Requestor. Passive Federation emulates WS-Trust on top of GET, POST and cookies. This involves multiple redirects involving browser, resources, requestor and cookies. Check the diagram by Vittorio for details.
At Present whenever someone refers to WS-Federation it simply means Passive Federation, as Active requestors are capable of handling WS-Trust directly.
So now if we are implementing Windows Live ID single sign on in a our application, may be by using Appfabric ACS Labs we essentially mean Passive Federation. I will be shortly talking about my experiences with AppFabric ACS Labs.