From 010d0a7d569e3aab5261c68e4530e82171b2e311 Mon Sep 17 00:00:00 2001
From: Adam Ierymenko <adam.ierymenko@gmail.com>
Date: Mon, 13 Mar 2017 06:53:23 -0700
Subject: Docs and a bit of cleanup. In particular ALL makes no sense for
 revocations because they have IDs. In that case you would just revoke the
 COM.

---
 node/Capability.hpp | 5 +++++
 1 file changed, 5 insertions(+)

(limited to 'node/Capability.hpp')

diff --git a/node/Capability.hpp b/node/Capability.hpp
index 1ad6ea42..d070f2ad 100644
--- a/node/Capability.hpp
+++ b/node/Capability.hpp
@@ -52,6 +52,11 @@ class RuntimeEnvironment;
  *
  * Note that this is after evaluation of network scope rules and only if
  * network scope rules do not deliver an explicit match.
+ *
+ * Capabilities support a chain of custody. This is currently unused but
+ * in the future would allow the publication of capabilities that can be
+ * handed off between nodes. Limited transferrability of capabilities is
+ * a feature of true capability based security.
  */
 class Capability
 {
-- 
cgit v1.2.3