Module fog_db_traits::cert


Certificate and Policy API.

Access to the database and queries on remote databases are often limited by an access Policy, which specifies which Identities may be connected to. These policies require setting up relations between Identities, which is accomplished with Certificates.

Structs

  • A certificate, which can be encoded as a fog-pack Document and signed.
  • A certificate replacement statement. Replace the certificate under the revoke hash with the one at the replace_with hash. Replacement should fail if the revoke & replace_with hashes don’t share the exact same subject/context/key/signer set.
  • A Policy, which specifies what requirements an identity must meet to be accepted by the policy. If the chains are empty, an identity must be amongst the listed root identities. If the chains are not empty, the identity must either be amongst the roots, or it must satisfy the rules in any one of the chains.
  • A policy chain. Each link represents a requirement that an identity must meet in order to act as a signer for the subsequent link.
  • A link in a policy chain. Consists of a key-value pair, and how many Identities meeting the previous link requirements must have issued a certificate asserting the key-value pair for an Identity.
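
The acceptance rule described by the Policy, chain and link entries above, as an added sketch that is not the crate's own code: `Cert`, `Link`, `Policy`, `satisfy`, `accepts` and `sample` are hypothetical model types and functions, not the `fog_db_traits` API. It assumes the roots act as signers for the first link, that an identity must satisfy the final link of a chain to be accepted, and that certificates were already signature-checked.

```rust
use std::collections::HashSet;
// Hypothetical model types, not the fog_db_traits API. Certificates are assumed
// to be signature-checked and not replaced/revoked before they reach this code.
pub struct Cert { pub subject: &'static str, pub key: &'static str, pub val: &'static str, pub signer: &'static str }
pub struct Link { pub key: &'static str, pub val: &'static str, pub min_issuers: usize }
pub struct Policy { pub roots: Vec<&'static str>, pub chains: Vec<Vec<Link>> }

/// Identities that satisfy `link`, given the identities allowed to sign for it.
fn satisfy(link: &Link, signers: &HashSet<&'static str>, certs: &[Cert]) -> HashSet<&'static str> {
    let mut out = HashSet::new();
    for subject in certs.iter().map(|c| c.subject) {
        // Distinct issuers only: duplicate certs from one signer count once.
        let issuers: HashSet<&str> = certs.iter()
            .filter(|c| c.subject == subject && c.key == link.key && c.val == link.val)
            .filter(|c| signers.contains(c.signer))
            .map(|c| c.signer)
            .collect();
        // Assumption: a threshold of zero is treated as one.
        if issuers.len() >= link.min_issuers.max(1) { out.insert(subject); }
    }
    out
}

pub fn accepts(policy: &Policy, id: &str, certs: &[Cert]) -> bool {
    if policy.roots.iter().any(|r| *r == id) { return true; }
    policy.chains.iter().any(|chain| {
        // Assumption: the roots act as signers for the first link.
        let mut signers: HashSet<&'static str> = policy.roots.iter().copied().collect();
        for link in chain { signers = satisfy(link, &signers, certs); }
        signers.contains(id) // assumption: the final link decides acceptance
    })
}

// Constructed sample: root -> 1 admin cert -> 2 member certs.
pub fn sample() -> (Policy, Vec<Cert>) {
    let c = |subject, val, signer| Cert { subject, key: "role", val, signer };
    let chain = vec![Link { key: "role", val: "admin", min_issuers: 1 },
                     Link { key: "role", val: "member", min_issuers: 2 }];
    let certs = vec![c("alice", "admin", "root"), c("bob", "admin", "root"),
        c("carol", "member", "alice"), c("carol", "member", "bob"),
        c("dave", "member", "alice"), c("dave", "member", "alice"),
        c("eve", "member", "mallory"), c("eve", "member", "carol")];
    (Policy { roots: vec!["root"], chains: vec![chain] }, certs)
}

fn main() {
    let (policy, certs) = sample();
    for id in ["root", "carol", "dave", "eve"] { println!("{}: {}", id, accepts(&policy, id, &certs)); }
}
```

In the sample, `dave` is rejected because both of his certificates come from the same signer, and `eve` is rejected because neither of her signers satisfies the preceding `admin` link.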