(Requirement) Authorization system should be able to express the pseudo-principal concepts like 'public'
There should be well-known mechanisms in the authorization system to allow access rules that explicitly grant access to pseudo-principals, including:
- public: anonymous, non-authenticated users
- valid-user: authenticated user
- registered-user: authenticated user with explicit minimal contact information
- verified-user: authenticated user with explicit minimal contact information that has been verified as belonging to a real account holder