3.3.8.2 a) Upon reception of the message the operation shall remove the matched user from the set of logged in users in the login service provider.
How we match a user is open to interpretation although it's implied through the method signature that we must do this through the authentication ID. Making this explicit would avoid the ambiguity.
SamCooper
commented
6 years ago
A requirement for the logout operation is:
How we match a user is open to interpretation although it's implied through the method signature that we must do this through the authentication ID. Making this explicit would avoid the ambiguity.