So, this part is super interesting to me, but I'm curious on how you envision that working inside applications.
For example, I have a tcp server that does
ln, err := net.Listen("tcp", ":8080")
conn, err := ln.Accept()
Same sort of idea for inbound http requests.. if I wanted to identify if a connection was from a user or an admin?
As I understand it, much of beyond corp type implementations rely on client certs or Identity Aware Proxies that include the user metadata along with the request.