Crate dyolo_kya_redis

Expand description

§dyolo-kya-redis

Production Redis storage backends for dyolo-kya.

Type	Trait	Description
`RedisRevocationStore`	`AsyncRevocationStore`	Stores revoked cert fingerprints with optional TTL
`RedisNonceStore`	`AsyncNonceStore`	Stores consumed nonces with TTL tied to max cert lifetime

Both types use a connection pool (deadpool-redis) for production throughput and are safe to share across Tokio tasks via Arc.

§Quick start

use std::sync::Arc;
use std::time::Duration;
use dyolo_kya_redis::{RedisRevocationStore, RedisNonceStore};

let rev = Arc::new(
    RedisRevocationStore::connect("redis://127.0.0.1/", "kya:rev", None).await?
);
let nonces = Arc::new(
    RedisNonceStore::connect("redis://127.0.0.1/", "kya:nonce", Duration::from_secs(7200)).await?
);

§Key naming

Both stores prefix all Redis keys with a configurable namespace:

Revocation: {namespace}:{hex-fingerprint} → value 1, no expiry by default
Nonces: {namespace}:{hex-nonce} → value 1, expiry = nonce_ttl_secs

§Distributed TTL strategy

Set nonce_ttl_secs to:

max_cert_lifetime_secs + max_clock_drift_secs + safety_margin_secs

Structs§

RedisNonceStore: Redis-backed AsyncNonceStore with mandatory per-key TTL.
RedisRevocationStore: Redis-backed AsyncRevocationStore with optional per-key TTL.

Crate dyolo_kya_redis

Crate dyolo_kya_redis Copy item path

§dyolo-kya-redis

§Quick start

§Key naming

§Distributed TTL strategy

Structs§

Crate dyolo_kya_redis