Upgrade notes for SimpleSAMLphp 1.8

* The IdP now sends the NotOnOrAfter attribute in LogoutRequest messages.
* We now have full support for selecting the correct AssertionConsumerService endpoint based on parameters in the authentication request.
  As a side effect of this, an IdP may start sending responses to a new AssertionConsumerService endpoint after upgrade.
  (This should only happen in the case where it sent the response to the wrong endpoint before.)
* The SP no longer incorrectly returns PartialLogout as a status code in a LogoutResponse after the local session has expired.