* Cantor, Scott <cantor.2 at osu.edu> [2012-11-15 17:52]: > Yes, but I don't see what that buys you unless your goal is to > deploy all those certs and then not protect your applications with > them. Getting around the HTTP POST from SSL (IdP) to non-SSL (SP) security warning in the user agent, IIRC, -peter