Some notes on warrants

• Warrants can in general contain any arbitrary data. Beatrix has sanitised its warrants to contain essentially just a service type (string) and the arbitrary service-specific property.
• Warrants contain very specific information about how to connect to the service, and in particular URLs of the bind servers (the SAS servers). Since bind servers can come and go, it is possible for these URLs to get out of date. Therefore as a service provider we might like to allow our consumers to update their warrants--each time the getWarrant() method is called the latest bind servers get written in.
• The data held in a warrant can be any Property, but what is good practice?

  As an example, a DNS service will issue warrants to allow consumers to manage their own domain name and no others. Each such warrant relates to a contract the consumer has agreed with the service provider. The contract will specify the domain name in question, what rights the consumer has, when the contract should be renewed, and so on.

  A simple approach to the warrant data would be to have it carry a single ID number. The ID refers to a contract in the DNS's database. This is helpful if the contract details are large and complex.

  However, perhaps a better approach in this case is to store all the contract information in the warrant data. This way the warrant is self-contained. The DNS service needs to maintain only a minimal database--it only needs to keep a list of cancelled contracts. Assuming warrant data is signed the service provider does not have to worry about tampering. See Section  on how to make sure warrants are signed.