| ... | ... | @@ -49,7 +49,7 @@ The new concept introduced in Fenrir is that of an **authorization lattice**: we |
|
|
|
|
|
|
|
Take this authorization lattice for example:
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Recall that in a client device we find a Fenrir Client and the applications. The Fenrir Client manages the tokens, the applications only receive connection data.
|
|
|
|
|
| ... | ... | @@ -111,4 +111,3 @@ The problem of lattice versions is taken care of with the "lattice version" byte |
|
|
|
|
|
|
|
The lattice distribution is done the first time a client connects to a service. Since it is the first time, we can authenticate and assume that the user has full access ("top"), but as soon as we have authenticated we transfer the lattice to the client.
|
|
|
|
|
|
|
|
|
