Subject: WantsAuthnRequestSigned and AuthnRequestsSigned attributes
Hi. In the metadata there is support for whether AuthnRequest messages should be signed or not (from a requester and responder perspective) using the WantsAuthnRequestSigned and AuthnRequestsSigned attributes. It seems incomplete that this does not extend to all protocol requests and protocol responses. I.e.,
WantsResponseSigned and ResponsesSigned
WantsLogoutRequestSigned and LogoutRequestSigned
WantsLogoutResponseSigned and LogoutResponsesSigned
WantsManageNameIDRequestSigned and ManageNameIDRequestSigned
And these would somehow be associated with an endpoint. So for example, SOAP messages may disable protocol message signing (since the binding typically would provide this capability). Whereas HTTP-based binding would require this.