by e12e
2380 days ago
Overall cool stuff. It feels like this has implications for auth/authz schemes in general, like a variant of Kerberos, or a way to do auth/authz for an SSH-like service - maybe even a way to anchor trust (in user principals and service principals - like SSH keys and/or certificates)? If we replace "the signal server" with "the authentication/authorization service" ("the AD service" / "the organization's internal certificate authority")...? Maybe I'm just needlessly afraid of the complexity of managing a real-world certificate authority (keeping it secure, keeping it running, keeping as much as possible offline...).