Skip to content

Commit

Permalink
Updated wording following comment in OWASP#2162
Browse files Browse the repository at this point in the history
  • Loading branch information
@ryarmst @elarlang
ryarmst authored and elarlang committed Oct 21, 2024
1 parent 2d85ce3 commit 932d455
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion 5.0/en/0x12-V3-Session-management.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -40,7 +40,7 @@ L1 in this context is IAL1/AAL1, L2 is IAL2/AAL3, L3 is IAL3/AAL3. For both IAL2
| # | Description | L1 | L2 | L3 | CWE | [NIST §](https://pages.nist.gov/800-63-3/sp800-63b.html) |
| :---: | :--- | :---: | :---: | :---: | :---: | :---: |
| **3.3.1** | [MOVED TO 3.8.1] | | | | | |
| **3.3.2** | [MODIFIED, SPLIT TO 3.3.5] Verify that there is an absolute maximum session lifetime such that re-authentication is enforced according to documented requirements. |||| | |
| **3.3.2** | [MODIFIED, SPLIT TO 3.3.5] Verify that there is an absolute maximum session lifetime such that re-authentication is enforced according to risk analysis and documented security decisions. |||| | |
| **3.3.3** | [MOVED TO 3.8.2] | | | | | |
| **3.3.4** | [MOVED TO 3.8.3] | | | | | |
| **3.3.5** | [ADDED, SPLIT FROM 3.3.2] Verify that re-authentication is required after 30 minutes of inactivity for L2 applications or after 15 minutes of inactivity for L3 applications. | ||| 613 | 7.2 |
Expand Down

0 comments on commit 932d455

Please sign in to comment.