I'm using SSO through Azure using the SustainSys Saml2 library and everything works fine. But I wanted to make sure SustainSys was really doing certificate validation, and if I configure the idP entry with a bogus certificate (the certificate exists, it just has nothing to do with the idP), I'm still able to log in and the SustainSys log shows "Signature validation passed for Saml Response". Shouldn't it be failing?