Dynamic Access Control List #71
Tejpbit started this conversation in Ideas and new features
Hi.
I'm trying to figure out if zenoh covers access control mechanics.
I'd be interested to see the plan for how that will be implemented to see if we'll be able to use it.
In short, our use case is to maintain an ACL list where clients can request access to resources and another client has the authority role and will approve or deny requests.
A client could request access to resources in a manner similar to:
SUBSCRIBE home/**/temperature
WRITE home/**/temperature
Beyond that a client could ask for access to hand out permissions by requesting
WRITE PERMISSIONS_AUTHORITY
The format might change, but hopefully you get the idea.
What I've found so far is
"Protocols improvements. We have reorganised the protocol to make it even simpler to port zenoh to different kinds of networks while exploiting network specific features. We have also added the ability to carry user provided attachments with both data and queries. These attachments can be used by zenoh applications to either extend the protocol, or for instance add user level security." from here.
And I also see that there's a plan for it in the roadmap.
So my questions are:
How far along is access control planned?
Is there documentation available somewhere of the planned feature?
Will the plugin API be extended so anyone could write their own plugin for managing if clients are allowed to subscribe to or write to a specific topic? (Similar to the API in mosquitto where plugins can get a callback for every message+client combination and check the ACL list if that client is allowed to read/write the resource?)
I would also be happy to add more details on our use case.
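The request/approve flow described in the post above, as an added Python example that is not part of the original post and is not zenoh code or a zenoh API. The `Acl` class, the client names and the wildcard semantics (`*` is one chunk, `**` is zero or more chunks) are assumptions made for illustration.

```python
# Added illustration only: not zenoh code and not a zenoh API.
from dataclasses import dataclass, field

AUTHORITY = "PERMISSIONS_AUTHORITY"  # resource name taken from the post


def key_matches(pattern: str, key: str) -> bool:
    """Assumed semantics: '*' is exactly one chunk, '**' is zero or more."""
    def walk(p, k):
        if not p:
            return not k
        if p[0] == "**":
            # '**' absorbs nothing, or absorbs one chunk and stays active
            return walk(p[1:], k) or (bool(k) and walk(p, k[1:]))
        return bool(k) and p[0] in ("*", k[0]) and walk(p[1:], k[1:])
    return walk(pattern.split("/"), key.split("/"))


@dataclass
class Acl:
    grants: set = field(default_factory=set)    # (client, action, pattern)
    pending: set = field(default_factory=set)   # requests awaiting a decision

    def request(self, client, action, pattern):
        self.pending.add((client, action, pattern))

    def decide(self, approver, client, action, pattern, approve):
        # Exact-match check: a wildcard data grant such as WRITE '**'
        # never implies authority over the ACL itself.
        if (approver, "WRITE", AUTHORITY) not in self.grants:
            raise PermissionError(f"{approver} is not a permissions authority")
        if (client, action, pattern) not in self.pending:
            raise KeyError("no such pending request")
        self.pending.discard((client, action, pattern))
        if approve:
            self.grants.add((client, action, pattern))

    def allowed(self, client, action, key):
        # Default deny: pending or denied requests grant nothing.
        return any(c == client and a == action and key_matches(p, key)
                   for c, a, p in self.grants)


def demo():
    acl = Acl(grants={("admin", "WRITE", AUTHORITY)})  # constructed bootstrap grant
    acl.request("sensor-1", "WRITE", "home/**/temperature")
    before = acl.allowed("sensor-1", "WRITE", "home/kitchen/temperature")
    acl.decide("admin", "sensor-1", "WRITE", "home/**/temperature", approve=True)
    return before, acl.allowed("sensor-1", "WRITE", "home/kitchen/temperature")
```

In a broker plugin of the kind the post asks about, `allowed` would be the per-message callback and `decide` the only path that mutates grants.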