I wish that they would give us the ability to clear the SSL cache from Javascript like in the mozilla base browers. This is very imported when using client certificates store on a smart card to authentication users to a site. There is no way to clear/close the SSL on logout, unless you close IE. When you revised the site you are not prompted for PIN code again, becuse the SSL session is alive.

In mozilla you can for example do:

function register() {
  window.crypto.enableSmartCardEvents=true;
  document.addEventListener("smartcard-remove",<callback>,false);
};

For closing SSL session:
function logout() {
  window.crypto.logout
};

There is noway to clear SSL cache even from a ActiveX Control (With calling something undocumented)

-gk