...
The event-generator needs some way to validate the method of reception provided by the event-receiver
The event-generator needs some way to validate the identity of each event-receiver
Vice versa, each event-receiver needs a way to validate the events originates from the generator*
Event-receivers should only be able to register for events they are authorized to read
Event-receivers should only receive events they are authorized to read†
When the generator sends an event, only the event receiver should be able to see it‡
...