We have to federate our WSO2 Identity Server with external (government) SAML IDP. Their new requirement from 2021 is to separate encryption keys from signing keys. Does WSO2 IS