Web Services Security (WSS): X.509 Certificate Token Profile 1.0 describes how to use X.509 certificates in conjunction with the WSS: SOAP Message Security specification. More specifically, it covers how a Web service can use X.509 certificates as a means of providing authentication between a Web service provider and requester.
The WSS: X.509 Certificate Token Profile 1.0 specification is published by the Organization for the Advancement of Structured Information Standards (OASIS) at Web Services Security: X.509 Certificate Token Profile 1.0 (WS-Security 2004).