slsa
Explain why we prefer attestations over ACLs
SLSA implicitly prefers provenance attestations instead of carefully configured ACLs. We should explain why. Something like:
Theoretically one could configure ACLs properly such that a CI/CD system only pulls from the proper source, signing keys only allow access to the CI/CD system, etc. In practice, that is almost impossible to get right and keep right. There is often over-provisioning, or there are confused deputy problems, or mistakes.
For these reasons, we prefer attestations of the properties we want to verify.
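As an added illustration of what "attestations of the properties we want to verify" looks like in practice (this is example code, not part of the issue or the SLSA project), the check below takes a SLSA v1 provenance statement and verifies the artifact digest, the builder identity and the source repository against a fixed policy; the builder id, source URI and statement contents are constructed placeholders, and signature verification of the envelope is assumed to have already happened.

```python
import hashlib

# Policy: the properties we want the provenance to attest to, instead of
# trusting that ACLs around the builder, repo and signing key were set correctly.
EXPECTED_BUILDER = "https://example.com/builder/v1"   # hypothetical builder id
EXPECTED_SOURCE = "git+https://example.com/org/app"   # hypothetical source repo

def check_provenance(statement: dict, artifact: bytes) -> list[str]:
    """Return the list of policy violations; an empty list means the artifact passes."""
    problems = []
    if statement.get("_type") != "https://in-toto.io/Statement/v1":
        problems.append("not an in-toto v1 Statement")
    if statement.get("predicateType") != "https://slsa.dev/provenance/v1":
        problems.append("predicate is not SLSA provenance v1")
    # 1. The attestation must be about this exact artifact (subject digest).
    digest = hashlib.sha256(artifact).hexdigest()
    subjects = statement.get("subject", [])
    if not any(s.get("digest", {}).get("sha256") == digest for s in subjects):
        problems.append("subject digest does not match the artifact")
    pred = statement.get("predicate", {})
    # 2. The build was run by the builder we trust, not an arbitrary machine.
    builder = pred.get("runDetails", {}).get("builder", {}).get("id")
    if builder != EXPECTED_BUILDER:
        problems.append(f"unexpected builder id: {builder!r}")
    # 3. The build consumed the expected source repository (URI before any "@ref").
    deps = pred.get("buildDefinition", {}).get("resolvedDependencies", [])
    if not any(d.get("uri", "").split("@", 1)[0] == EXPECTED_SOURCE for d in deps):
        problems.append("expected source repository not among resolved dependencies")
    return problems

# Constructed sample artifact and statement, shaped like a SLSA v1 provenance.
ARTIFACT = b"constructed artifact bytes"

def sample_statement(builder_id=EXPECTED_BUILDER,
                     source=EXPECTED_SOURCE + "@refs/heads/main") -> dict:
    return {
        "_type": "https://in-toto.io/Statement/v1",
        "subject": [{"name": "app.tar.gz",
                     "digest": {"sha256": hashlib.sha256(ARTIFACT).hexdigest()}}],
        "predicateType": "https://slsa.dev/provenance/v1",
        "predicate": {
            "buildDefinition": {
                "buildType": "https://example.com/build-types/ci/v1",  # hypothetical
                "externalParameters": {"ref": "refs/heads/main"},
                "resolvedDependencies": [{"uri": source, "digest": {"gitCommit": "0" * 40}}],
            },
            "runDetails": {"builder": {"id": builder_id}},
        },
    }

if __name__ == "__main__":
    print(check_provenance(sample_statement(), ARTIFACT))                      # []
    print(check_provenance(sample_statement(builder_id="https://example.com/dev-laptop"), ARTIFACT))
```

Each failed check names a property the ACL approach would have had to guarantee by configuration; here it is verified directly from the attestation.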