This document describes mechanisms for forcing a user to perform an additional login (reauthentication) in order to ensure that the user who is accessing a protected resource is the same person who initially authenticated at the start of the session. Forced reauthentication can therefore provide additional protection for sensitive resources.
google doc: https://docs.google.com/document/d/1BgwXppt09Mntfg6Z59BEK5rA0nVN2mZCgF3fHsy2eaw/edit#heading=h.z44o6enfavpo
|2018-01-16 10:00 (CET)||https://www.nikhef.nl/grid/video/?m=aarcjra1||Followup on document||We agreed that Nicolas, Davide and interested people drop their input into the google doc|
|2018-01-30 10:00 (CET)||https://www.nikhef.nl/grid/video/?m=aarcjra1||Intermediate discussion|
Document received various inputs by Davide and Nicolas
Additional contributions and oversight requested by interested parties