No one is passing the buck. As I clearly stated, it looks as though we are not properly adding all of the signing data needed for proper acceptance. This is corroborated by looking at an IPA signed on a Mac versus an IPA signed on a PC. This is certainly one possible reason why the app is coming back with an invalid signature.
It is also possible that the new provision/certificate selection added in 4.10 is not working properly with distribution builds. Your statement that 4.9 works and 4.10 doesn’t would seem to corroborate that hypothesis. However, that would seem to be a bit odd as the same code is running on both PC and Mac and the Mac IPA signatures are correct in 4.10 and IPAs built from there are uploading correctly.
All of that being said, I am still looking in to the issue and any logs from a build which exhibits the problem would certainly be appreciated.
-Pete