9 releases (stable)
Uses old Rust 2015
1.0.6 | Oct 22, 2016 |
---|---|
1.0.4 | Apr 5, 2016 |
1.0.0 | Mar 28, 2016 |
0.1.2 | Mar 21, 2016 |
#268 in #rest
24 downloads per month
13KB
134 lines
This is an implementation for a REST-style revoke infrastructure. This contains both the code of the crate "edcert-restrevoke", which is the client implementation (fully rust) and also a sample implementation of a server (found in revoke-server), which is a simple PHP script querying a MySQL database.
Design
The architecture is as follows: You can have multiple "clients", which all connect to one (or more) revoke-server. These can query if a certain public key has been revoked, or not. The server will eg. query a database for public keys known to be revoked and send an appropriate response.
A public key and therefore a certificate will be revoked, if the private key has been disclosed, or the authenticity can't be guaranteed for other reason
lib.rs
:
This crate defines a RestRevoker
. This is a configurable revoke client, which sends a
request to the server via HTTP and parses the result as JSON. The server should return a
JSON object with the key "revoked", which value should be a boolean.
Dependencies
~24MB
~214K SLoC