Release date for 3.1.0

[Cantor, Scott]

> The SP looks up the session based on the NameID alone. The cookie is cross
> checked if it's there but not if it isn't.

It occurred to me when logging into something with a SameSite bug that what you really meant is that you're not doing a SAML logout. The proprietary endpoint should never be used by an IdP but if you're misusing it
 to do a logout remotely, yes, it does require the cookie there for obvious reasons.

-- Scott