According to SAML profile spec 18.104.22.168:
"The response is sent to the original session participant, using a SAML binding consistent with the binding
used in the original request, the capability of the responder, and the availability of the user agent at the
identity provider. Assuming an asynchronous binding was used in step 1, then any binding supported by
both entities MAY be used."
This is currently not obeyed by OpenAM: it always tries to use the same binding as what was used to initiate the logout process itself. Instead it should attempt to use a binding that is actually supported by the SP. According to  for sending the final response we should only use HTTP-Redirect or HTTP-POST bindings, as SOAP is not implementable.