Channel: Claims based access platform (CBA), code-named Geneva forum

ADFS 2.0 Logout Request - Requester status code

I'm having an issue getting Single Logout to work with a vended app called ServiceNow. According to their wiki they have never gotten log out working with ADFS 2.0. Here is the log out request that ServiceNow is sending. ADFS responds with a status of oasis:names:tc:SAML:2.0:status:Requester, which means ADFS didn't like something in the request. I've turned on debugging and checked the logs, but nowhere does it say what is wrong with the request. I can see statements where it says it's issuing the response with a status of requester, but nothing about why.

Does anyone see what's wrong with the request? 

I've verified that the certificates being used match what's configured in ADFS. I've also tried changing the SamlResponseSignature to MessageAndAssertion and MessageOnly without luck.

Is there an easy way to check if the signature matches what it's supposed to? Online tool or something?

<saml2p:LogoutRequest xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" Destination="https://xxxxxx/adfs/ls/" ID="SNC2da711775a47886290ce57edaaa2561c" IssueInstant="2014-01-27T18:49:02.532Z" Version="2.0">
  <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">https://service-now.com</saml2:Issuer>
  <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
    <ds:SignedInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
      <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"/>
      <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"/>
      <ds:Reference URI="#SNC2da711775a47886290ce57edaaa2561c" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
        <ds:Transforms xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
          <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"/>
          <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
            <ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="ds saml2 saml2p"/>
          </ds:Transform>
        </ds:Transforms>
        <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"/>
        <ds:DigestValue xmlns:ds="http://www.w3.org/2000/09/xmldsig#">ICUEKw+p/iqN/RU3KAPsm3uIRxI=</ds:DigestValue>
      </ds:Reference>
    </ds:SignedInfo>
    <ds:SignatureValue xmlns:ds="http://www.w3.org/2000/09/xmldsig#">[Signature Value]</ds:SignatureValue>
    <ds:KeyInfo>
      <ds:X509Data>
        <ds:X509Certificate>[x.509 Cert]</ds:X509Certificate>
      </ds:X509Data>
    </ds:KeyInfo>
  </ds:Signature>
  <saml2:NameID xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent">testuser</saml2:NameID>
  <saml2p:SessionIndex>_543565f6-6ff6-4e1b-9dfc-08588802e35a</saml2p:SessionIndex>
</saml2p:LogoutRequest>
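
A structural pre-check for a signed LogoutRequest shaped like the one posted above, as an added example that is not part of the original post and is not ServiceNow or ADFS code. It performs no cryptographic verification; the function name, the sample request, the host names and the thumbprint argument are constructed placeholders.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET

P = "{urn:oasis:names:tc:SAML:2.0:protocol}"
A = "{urn:oasis:names:tc:SAML:2.0:assertion}"
DS = "{http://www.w3.org/2000/09/xmldsig#}"

# Constructed sample: same shape as the posted request, placeholder values only.
SAMPLE = (
    '<p:LogoutRequest xmlns:p="urn:oasis:names:tc:SAML:2.0:protocol"'
    ' xmlns:a="urn:oasis:names:tc:SAML:2.0:assertion"'
    ' xmlns:ds="http://www.w3.org/2000/09/xmldsig#"'
    ' Destination="https://idp.example/adfs/ls/" ID="SNCabc" Version="2.0">'
    '<a:Issuer>https://sp.example</a:Issuer>'
    '<ds:Signature><ds:SignedInfo>'
    '<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>'
    '<ds:Reference URI="#SNCabc"/></ds:SignedInfo>'
    '<ds:KeyInfo><ds:X509Data><ds:X509Certificate>Y29uc3RydWN0ZWQ='
    '</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>'
    '<a:NameID Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent">'
    'testuser</a:NameID><p:SessionIndex>_s1</p:SessionIndex></p:LogoutRequest>'
)

def inspect_logout_request(xml_text, idp_endpoint, configured_thumbprint):
    """Return (facts, problems); facts are values to compare with the login assertion."""
    root = ET.fromstring(xml_text)
    name_id = root.find(f"{A}NameID")
    ref = root.find(f"{DS}Signature/{DS}SignedInfo/{DS}Reference")
    cert = root.find(f".//{DS}X509Certificate")
    der = base64.b64decode("".join((cert.text or "").split())) if cert is not None else b""
    facts = {
        "issuer": root.findtext(f"{A}Issuer"),
        "name_id_format": None if name_id is None else name_id.get("Format"),
        "session_index": root.findtext(f"{P}SessionIndex"),
        "cert_sha1": hashlib.sha1(der).hexdigest().upper() if der else None,
    }
    problems = []
    # The SAML protocol schema places Issuer, then ds:Signature, before NameID.
    if [c.tag for c in root][:2] != [f"{A}Issuer", f"{DS}Signature"]:
        problems.append("Issuer then ds:Signature should be the first two children")
    # An enveloped signature over the whole message references the request's own ID.
    if ref is None or ref.get("URI") != "#" + root.get("ID", ""):
        problems.append("ds:Reference URI does not point at the request ID")
    if root.get("Destination") != idp_endpoint:
        problems.append("Destination differs from the IdP endpoint")
    if facts["cert_sha1"] != configured_thumbprint.replace(" ", "").upper():
        problems.append("KeyInfo certificate does not match the configured thumbprint")
    return facts, problems
```

The returned `name_id_format` and `session_index` are the values to compare by hand against the assertion the identity provider issued at login.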


