Code review comment for lp:~mir-team/mir/attestable-timestamps-server

> Looks good.
>
> Not blocking, but I find the following API simpler to understand:
>
> create_with_new_secret(unsigned int secret_size);
> create_with_existing_secret(Secret const& secret);
> Secret secret();
>
> Of course, with this API the secret is no longer really "secret" (i.e.
> internal to the class), but I don't think it matters. If one has access to the
> class, then it doesn't really matter if one also has the secret (for our use
> cases at least).

A main use of the API is to share the secret around once its been created. So we need to be able to expose the secret on creation so we can share it with another factory.