verify-step-up-user
verify-step-up-user = {yes|no}
Description
Determines whether the identity of the user performing a step-up operation must match the identity of the user that performed the previous authentication.
Options
yes The identity of the user performing the step-up operation must match the identity of the user that performed the previous authentication. In this case, the existing session key will be retained during step-up authentication. The value of the retain-stepup-session option controls whether the existing session key will be retained during step-up authentication. no The identity of the user performing the step-up operation need not match the identity of the user that performed the previous authentication operation. In this case, the session key must change during step-up authentication.
Usage: Required.
Default value yes
Example:
verify-step-up-user = yes