3.3.6.1 Authentication Expiration Timer Event
When the Authentication Expiration Timer expires, the server MUST scan all sessions and it MUST set Server.Connection.SessionTable[UID].AuthenticationState to Expired, for which the Server.Connection.SessionTable[UID].AuthenticationState is valid and Server.Session.AuthenticationExpirationTime has passed, as specified in section 3.3.5.3.