In some use cases, privately exchanged credentials can justify treating encryption as the validation of the assertion content. The default behavior should be that a signature is always required, as that is the most secure behavior.