Module trust 

Trust policy and resolution for verifying identity root keys.

This module provides the trust bootstrapping infrastructure that determines how a verifier obtains, trusts, and updates root public keys for identities.

Key Types

• TrustPolicy - How the verifier decides to trust (TOFU vs explicit)
• KelContinuityChecker - Trait for verifying key rotation chains
• RotationProof - Evidence that a key rotation is valid
• PinnedIdentity - A pinned identity root with rotation context
• TrustLevel - How a pin was established (TOFU, Manual, OrgPolicy)
• TrustDecision - What the trust engine decided
• check_trust - Check trust for a presented identity
• resolve_trust - Apply policy to get final resolved key

Re-exports

pub use continuity::KelContinuityChecker;

pub use continuity::RotationProof;

pub use pinned::PinnedIdentity;

pub use pinned::PinnedIdentityStore;

pub use pinned::TrustLevel;

pub use policy::TrustPolicy;

pub use resolve::TrustDecision;

pub use resolve::check_trust;

pub use resolve::resolve_trust;

pub use roots_file::RootEntry;

pub use roots_file::RootsFile;

Modules

continuity

KEL continuity checking trait for key rotation verification.

pinned

Pin records for trusted identities.

policy

Trust policy definitions for identity verification.

resolve

Trust resolution logic for verifying identity root keys.

roots_file

Roots file loader for CI explicit trust.