|
|
|
|
|
|
by hem777
975 days ago
|
|
|
One way to do authorization is to sign each operation/message and then verify the signature to match a public key in an access control list. This also enables CRDTs to work in a peer to peer context. But as aboodman says in a sibling comment, if there’s a server as an authority, it can simply reject messages from unauthorized clients. |
|
|