Acme runs a testbed. They've delegated the authority to create
experiments to all their partners. The Globotron company is one such
partner.

    Acme.experiment_create <- Acme.partner.experiment_create
    Acme.partner <- Globotron

Globotron has delegated the authority to anyone an admin thinks is a
'power user'.

    Globotron.experiment_create <- Globotron.admin.power_user

Alice is an admin, and her friend Bob is a power user:

    Globotron.admin <- Alice
    Alice.power_user <- Bob

From these credentials, it is possible to construct a proof graph
showing that Acme.experiment_create <- Bob.

Note that there is a one-to-one correspondence with each credential
above and the attribute certificates below.

creddy --generate --cn Acme

creddy --generate --cn Globotron

creddy --generate --cn Alice

creddy --generate --cn Bob

creddy --attribute \
       --issuer Acme_ID.pem --key Acme_private.pem --role experiment_create \
       --subject-cert Acme_ID.pem --subject-role partner.experiment_create \
       --out Acme_experiment_create__Acme_partner_experiment_create_attr.der

creddy --attribute \
       --issuer Acme_ID.pem --key Acme_private.pem --role partner \
       --subject-cert Globotron_ID.pem \
       --out Acme_partner__Globotron_attr.der 

creddy --attribute \
       --issuer Globotron_ID.pem --key Globotron_private.pem --role experiment_create \
       --subject-cert Globotron_ID.pem --subject-role admin.power_user \
       --out Globotron_experiment_create__Globotron_admin_power_user_attr.der

creddy --attribute \
       --issuer Globotron_ID.pem --key Globotron_private.pem --role admin \
       --subject-cert Alice_ID.pem \
       --out Globotron_admin__Alice_attr.der

creddy --attribute \
       --issuer Alice_ID.pem --key Alice_private.pem --role power_user \
       --subject-cert Bob_ID.pem \
       --out Alice_admin__Bob_attr.der