...
The permissions are defined on a pr. certificate based basis for each operation or set of operations. See RepositorySettings for detailes model.
To authorise an operation, the request must be signed in order to identify the certificate and which operations it is allowed to perform.
Signing messages
All messages in the system must be signed to ensure that the senders of the messages are who they claim they are and that the messages have not been tampered with.
...