[Spivak]

Which is silly because if you do that you're basically admitting that your SSO isn't fulfilling its promise of identifying the user. If you are having the thought, "what if the user I authed isn't the user anymore" then you should be reauthing them for any service at that point.

[seanp2k2]

Almost as fun as when TSA uses logic like “we thought you were going to hijack a plane using those nail clippers, but now that we’ve made you throw them away, you can board with no further scrutiny! Crisis averted!”