Description
There is a bug in the STSClient when processing a RequestedProofToken received from an STS. This element can contain an EncryptedKey child, but the STSClient searches in the wrong namespace and so never finds the element.
Secondly, the STSClient doesn't support the scenario where a RequestedProofToken contains a ComputedKey, and the associated Entropy element has an EncryptedKey child (instead of a BinarySecret).