I'm exploring Windows Azure AD and I'm trying out the scenario "Securing a Windows Store Application and REST Web Service Using Windows Azure AD (Preview)"
http://msdn.microsoft.com/en-us/library/windowsazure/dn169448.aspx
If I use the JWT Web Token Handler preview library (http://nuget.org/packages/Microsoft.IdentityModel.Tokens.JWT/) the sample works fine; if I instead try to use the GA library (http://nuget.org/packages/System.IdentityModel.Tokens.Jwt/) the project compiles (after adjusting namespaces and class names), but the call to tokenHandler.ValidateToken() fails with the exception attached at the end of the post. I tried to put ValidateIssuer=false in the validationParameters object, but I still got the exception.
As an aside: is it correct that the signing key (associated with accounts.accesscontrol.windows.net) is not trusted? If I serialize the signing key published in the tenant metadata to a .cer file, Windows tells me that "this CA Root certificate cannot be trusted".
Exception details:
System.IdentityModel.Tokens.SecurityTokenValidationException was caught
HResult=-2146233087
Message=The X.509 certificate CN=accounts.accesscontrol.windows.net is not in the trusted people store. The X.509 certificate CN=accounts.accesscontrol.windows.net chain building failed. The certificate that was used has a trust chain that cannot be verified. Replace the certificate or change the certificateValidationMode. A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider.
Source=System.IdentityModel
StackTrace:
at System.IdentityModel.Selectors.X509CertificateValidator.PeerOrChainTrustValidator.Validate(X509Certificate2 certificate)
at System.IdentityModel.X509CertificateValidatorEx.Validate(X509Certificate2 certificate)
at System.IdentityModel.Tokens.JwtSecurityTokenHandler.ValidateSigningToken(JwtSecurityToken jwt)
at System.IdentityModel.Tokens.JwtSecurityTokenHandler.ValidateToken(JwtSecurityToken jwt, TokenValidationParameters validationParameters)
at System.IdentityModel.Tokens.JwtSecurityTokenHandler.ValidateToken(String jwtEncodedString, TokenValidationParameters validationParameters)
at TodoListService.TokenValidationHandler.SendAsync(HttpRequestMessage request, CancellationToken cancellationToken) in c:\akite\common\sandbox\TodoListService\TodoListService\Global.asax.cs:line 85
InnerException:
Eric Miotto, aKite Retail Web Services, http://www.akite.net
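The stack trace above shows the GA handler calling X509CertificateValidatorEx.Validate on the signing certificate before it checks the JWT signature, so the default peer-or-chain trust check runs against a certificate that is not in any local store. The following is an added example, not code from the post or from the MSDN sample: it pins the signing certificate taken from the tenant's federation metadata as the SigningToken and turns off store/chain validation for it, so trust comes from the pinned key rather than from the Windows certificate stores. The property names (AllowedAudience, ValidIssuer, SigningToken, CertificateValidator) are assumed to be those of the 1.0 GA System.IdentityModel.Tokens.Jwt package; later versions renamed several of them. The base64 certificate, issuer and audience values are placeholders to be filled from your own tenant.

```csharp
using System;
using System.IdentityModel.Selectors;
using System.IdentityModel.Tokens;
using System.Security.Claims;
using System.Security.Cryptography.X509Certificates;

// Added example (not from the original post): validating an Azure AD-issued JWT
// with the GA System.IdentityModel.Tokens.Jwt handler without relying on
// Windows chain trust for the ACS signing certificate.
static class AzureAdJwtValidation
{
    // Returns a short description of why chain building fails for the metadata
    // certificate: the ACS signing cert is self-signed (subject == issuer), so any
    // chain built from it terminates in a root that no local store trusts.
    public static string DescribeSigningCertificate(X509Certificate2 cert)
    {
        bool selfSigned = string.Equals(cert.Subject, cert.Issuer, StringComparison.Ordinal);
        return string.Format("{0}; self-signed={1}; expires={2:u}",
            cert.Subject, selfSigned, cert.NotAfter);
    }

    // signingCertBase64: the <X509Certificate> value copied from the tenant's
    // federation metadata (assumed input). issuer: the tenant's issuer URI as it
    // appears in the token's "iss" claim. audience: the App ID URI of the service.
    public static ClaimsPrincipal Validate(string jwt, string signingCertBase64,
                                           string issuer, string audience)
    {
        var signingCert = new X509Certificate2(Convert.FromBase64String(signingCertBase64));
        var handler = new JwtSecurityTokenHandler();

        var validationParameters = new TokenValidationParameters
        {
            // Audience and issuer are still enforced: these are the checks that
            // actually matter for a bearer token, so do not relax them.
            AllowedAudience = audience,
            ValidIssuer = issuer,

            // Pin the signing key from the metadata. The JWT signature is verified
            // against this token; no certificate store lookup is involved.
            SigningToken = new X509SecurityToken(signingCert),

            // Disable the peer/chain trust check that produced the
            // "not in the trusted people store / chain building failed" exception.
            // Safe only because the key above is pinned from a source you trust
            // (the metadata document fetched over HTTPS), not because the cert is
            // assumed to be trustworthy on its own.
            CertificateValidator = X509CertificateValidator.None
        };

        // In the 1.0 GA library ValidateToken returns the ClaimsPrincipal directly
        // and throws SecurityTokenValidationException on any failure.
        return handler.ValidateToken(jwt, validationParameters);
    }
}
```

Setting ValidateIssuer=false, as tried in the post, cannot help here because the certificate validator runs before issuer validation; the exception is raised in ValidateSigningToken, before ValidateToken ever gets to the issuer or audience checks. Keep the pinned certificate in configuration and refresh it when the tenant metadata rolls over the signing key, since a pinned key stops validating tokens the moment Azure AD rotates it.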