Hacker News
by arnarbi 872 days ago
In one of our iterations, we did indeed have a mandatory rule that each set of caveats added by a holder was terminated by a “sign off” caveat. But in the end we concluded that if that mattered in the actual enforcement, then one wasn’t really doing things “the capability way” and then that principal probably needed some stronger authentication than merely having held the unattenuated macaroon.

But that’s theoretical thinking and the real world is indeed more shades of gray.

See you in Madrid!