For TFS 2008 Microsoft changed the licensing so it is now possible to have users reporting issues without having to buy a CAL for them. In other words if have the need for some users to manipulate work items (only the work items) you can do it without buying any licenses for them.
Although the following restrictions apply for these users:
User can create new work items (any type, so this can be used for creating requirements and change requests :-))
Users can update the work items that they have created except changing it's state.
Users cannot view work items created by other users.
This is a great news, it will allow to reduce the friction of TFS adoption by curbing some of it's costs, and it will allow great scenarios like allowing customers to enter bugs directly into TFS.
However i still think, the fact that you can't change the state of a work item is a bit too restrictive. If you use this facilities to allow your clients (or project shareholders) to enter bugs into your system i think they should be able to close them. For example for stating that the bug doesn't apply anymore, or for confirming that a bug has been indeed been resolved (i guess this second thing, is what triggered this rule, since it would dispense testers of having a CAL to access work items only :-)).
Do you know what would be great? If Microsoft provided out of the box a security group for these users, and then adapted TFS Web Access so external users could use work items according to this licensing restrictions. Let's call it TFS Web Access Ligtht :-)
[Update] According to Brian Harry, Microsoft is working on the scenario of having this TFS Web Access light i was aspiring. :-)
I wonder what are the consequences of this licensing change for the workgroup edition. Since the workgroup only accepts five users.
This also applies to TFS 2005 if you have a license with software assurance.