Cryptographically sign events exchanged between agents and principal #259
Description
Is your feature request related to a problem? Please describe.
Today, events exchanged between the agents and the principal are inherently trusted by the receiving party, because it is assumed that the events are being received via an authenticated and secured connection. However, beyond that, there is no guarantee that that either the sender of the event is trusted, nor that the event was really destined for the receiver.
As we might introduce event transports in the future that may not have such strong guarantees about identity, it makes sense to optionally embed identity and authenticity information into the events themselves. This will prevent misrouting of events, as well as man-in-the-middle attacks through a potential event router (such as Kafka, or similar mechanisms).
Describe the solution you'd like
Each event should be augmented with information about the emitter and the receiver before it's being put on the wire. This information should comprise of identities of both, sender and receiver as well as a cryptographic validation of the event's contents (e.g. an HMAC).
Describe alternatives you've considered
A clear and concise description of any alternative solutions or features you've considered.
Additional context
Add any other context or screenshots about the feature request here.