Skip to main content

auths_core/trust/
mod.rs

1//! Trust policy and resolution for verifying identity root keys.
2//!
3//! This module provides the trust bootstrapping infrastructure that determines
4//! how a verifier obtains, trusts, and updates root public keys for identities.
5//!
6//! ## Key Types
7//!
8//! - [`TrustPolicy`] - How the verifier decides to trust (TOFU vs explicit)
9//! - [`KelContinuityChecker`] - Trait for verifying key rotation chains
10//! - [`RotationProof`] - Evidence that a key rotation is valid
11//! - [`PinnedIdentity`] - A pinned identity root with rotation context
12//! - [`TrustLevel`] - How a pin was established (TOFU, Manual, OrgPolicy)
13//! - [`TrustDecision`] - What the trust engine decided
14//! - [`check_trust`] - Check trust for a presented identity
15//! - [`resolve_trust`] - Apply policy to get final resolved key
16
17pub mod continuity;
18pub mod pinned;
19pub mod policy;
20pub mod resolve;
21pub mod roots_file;
22
23pub use continuity::{KelContinuityChecker, RotationProof};
24pub use pinned::{PinnedIdentity, PinnedIdentityStore, TrustLevel};
25pub use policy::TrustPolicy;
26pub use resolve::{TrustDecision, check_trust, resolve_trust};
27pub use roots_file::{RootEntry, RootsFile};