v23/security.EndpointAuthorizer currently authorizes an endpoint that has no blessings associated with it. If there are blessings associated with an endpoint then those blessings are validated appropriately. This is a potential security bug since it allows a server which includes no blessings in its endpoint information to masquerade as one that has validated and matching blessings.

Closed by #242