I am currently updating the CIS IIS (and ASP.NET) benchmarks.
Around I am reading constant confusing to misleading advice around partial trust.
Most of this seems to relate to:
http://support.microsoft.com/kb/2698981
Where under certain circumstances partial trusts could be overridden.
Now rather than fix the issue Microsoft issued these guidelines. Nothing wrong there. That is good security practice.
However some people seem to think that partial trust (anything other than Full - high, medium, etc trusts) are not to be used from a security standpoint anymore and Microsoft have done little to quash this (IMHO) myth or even promote it. (Levi Broderick I am looking at you here in your comments: http://stackoverflow.com/questions/16849801/is-trying-to-develop-for-medium-trust-a-lost-cause as a culprit of this)
I see this as wishful thinking from a developer point of view as all developers will find it easier to write code in Full Trust (basically nothing is disallowed).
I have problems with this for many (obvious IMHO) reasons as Full trust is bad security practice as you can do anything/everything with code. Just take the scenario where someone managed to upload code (FTP, webdav, some hack, etc) to the server - surely it is more security to have Medium trust than Full for this case.
Maybe this is the wrong place to ask this but I hope there would be someone from Microsoft with enough knowledge to explain the situation in more detail, but maybe I would get better luck on the MVP mailing list......