It means that the host application can pass an attribute with an nsec and that will be used for display and signing. It's not possible to log in with an nsec via the UI