Pyxmlsec doesn't seem to handle CA bundling while xmlsec does (and xmlsec1 proves this rather easily). In your estimation, what is the lift to change the pyxmlsec code to handle that one case that xmlsec already does? -A