Peer authorisation

[Veritius]

Some kind of transport-agnostic API or trait that lets you add steps to 'authorise' a peer before it's considered fully connected, but only after a handshake so reliability is ensured. This could be a whole stage in #16.

It should be added during construction of the App, and it's iterated by transport layers before they say "yep, this peer's all good!"

Should the I/O API be distinct from the typed message API exposed to systems? They should probably just directly take in/put out bytes for transmission, which the transport layer will deal with however it chooses.

Other considerations:

• Should all authorisation steps need to finish and signal acceptance before the peer is let in?
• Should authorisation steps be able to have a 'minimum security level' like described in Flagging a NetworkPeer as 'secure' #14?
• The hashing feature flag can probably be implemented as an authorisation step.

[Veritius]

On second thought, it's probably better to have a solution where systems can signal to NetworkPeer entities that they're running authentication checks. When that's passed, then other systems are made aware of that and can run as per usual. This allows authentication checks, being systems, to access the World (which a trait solution can't easily do) so extra data can be appended, like state.