hyperledger-fabric hyperledger-fabric-ca

What is the difference between hf.Registrar.Roles and hf.Registrar.DelegateRoles in the Fabric CA?


As far as I understand, the hf.Registrar.Roles attribute defines the roles that the identity I'm creating can register when this identity in turn registers new identities. What does the hf.Registrar.DelegateRoles attribute define? Any research online leads me to believe it performs the same function as what the hf.Registrar.Roles attribute does. If someone can point out the difference between the two and explicate how they both make a difference in a practical scenario, it would be of great help. Thanks.


Solution

  • hf.Registrar.Roles - these are the roles which the registrar is allowed to assign to users it registers

  • hf.Registrar.DelegateRoles - these are the roles which the registrar is allowed to assign to the hf.Registrar.Roles attribute of users it registers

    For example, the "super" admin may want to register a user which is also allowed to register users but may want to restrict that user from creating additional registrars or may want to limit the roles it can create registrars for.

    So let's say hf.Registrar.Roles="client,user,peer" but hf.Registrar.DelegateRoles="client". This means the registrar can register users with roles client, user or peer but can only create additional registrars with the attribute hf.Registrar.Roles="client".
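The two rules from the answer, modelled as a small Go check and run against the answer's own values. This is an added example, not Fabric CA's code and not part of the original answer; the `Identity` type and the `roleSet` and `CanRegister` functions are hypothetical names, and the model covers only the two attributes discussed here.

```go
package main

import (
	"fmt"
	"strings"
)

// Attribute names as they appear on the page.
const (
	attrRoles         = "hf.Registrar.Roles"
	attrDelegateRoles = "hf.Registrar.DelegateRoles"
)

// Identity is a simplified stand-in for a CA identity (hypothetical type).
type Identity struct {
	Type  string            // role of the identity itself, e.g. "peer"
	Attrs map[string]string // registrar attributes, comma-separated values
}

// roleSet parses a comma-separated attribute value into a set.
func roleSet(v string) map[string]bool {
	set := map[string]bool{}
	for _, r := range strings.Split(v, ",") {
		if r = strings.TrimSpace(r); r != "" {
			set[r] = true
		}
	}
	return set
}

// CanRegister returns nil when registrar may register req under the two rules:
//  1. req.Type must be listed in the registrar's hf.Registrar.Roles.
//  2. every role req asks for in its own hf.Registrar.Roles must be listed
//     in the registrar's hf.Registrar.DelegateRoles.
func CanRegister(registrar, req Identity) error {
	if !roleSet(registrar.Attrs[attrRoles])[req.Type] {
		return fmt.Errorf("type %q not in registrar's %s", req.Type, attrRoles)
	}
	delegable := roleSet(registrar.Attrs[attrDelegateRoles])
	for r := range roleSet(req.Attrs[attrRoles]) {
		if !delegable[r] {
			return fmt.Errorf("role %q not in registrar's %s", r, attrDelegateRoles)
		}
	}
	return nil
}

func main() {
	// Constructed registrar using the values from the answer.
	reg := Identity{Type: "client", Attrs: map[string]string{
		attrRoles: "client,user,peer", attrDelegateRoles: "client"}}
	sub := func(roles string) Identity {
		return Identity{Type: "client", Attrs: map[string]string{attrRoles: roles}}
	}
	fmt.Println("plain peer:           ", CanRegister(reg, Identity{Type: "peer"}))
	fmt.Println("registrar for client: ", CanRegister(reg, sub("client")))
	fmt.Println("registrar for peer:   ", CanRegister(reg, sub("peer")))
}
```

The first two registrations are allowed; the third is rejected because "peer" is in the registrar's hf.Registrar.Roles but not in its hf.Registrar.DelegateRoles.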