the SAML AuthZ Service document in section 6.1 requires us to use the Web Services Security X.509 Certificate Token Profile to encode certificate paths. I have been keeping my eyes open for an implementation of this standard for the last few months with no success.
This isn't technically correct as the encoding of the certificate chain is a SHOULD not a MUST.
agreed, this was careless wording on my part.
I just checked with Rachana and GT does not include the SubjectConfirmation element, so no help there.
Yes, I am aware of that. The format in the WS standard is rather elaborate. I was hoping some other work in the community has solved this. There's gotta be somebody who's moving X.509 certificates in an XML format, any XML format :) Markus