...
This topic describes InCommon policy, requirements, and recommended practices regarding the security of browser-facing endpoints in metadata. Thus the focus here is on the keys and certificates used for browser-facing TLS. See the IdP Key Handling and SP Key Handling topics Key Usage topic regarding keys used for XML Signature and XML Encryption (resp.).
Server Endpoint Security
...