Expand description
§Credentials
A Credential contains identifying information about the client that
created it. Credentials represent clients in MLS groups and are
used to authenticate their messages. Each
KeyPackage as well as each client (leaf node)
in the group (tree) contains a Credential and is authenticated.
The Credential must the be checked by an authentication server and the
application, which is out of scope of MLS.
Clients can create a Credential.
The MLS protocol spec allows the Credential that represents a client in a group to
change over time. Concretely, members can issue an Update proposal or a Full
Commit to update their LeafNode, as
well as the Credential in it. The Update has to be authenticated by the
signature public key corresponding to the old Credential.
When receiving a credential update from another member, applications must query the Authentication Service to ensure that the new credential is valid.
There are multiple CredentialTypes, although OpenMLS currently only
supports the BasicCredential.
Modules§
- Credential errors
Structs§
- Basic Credential.
- X.509 Certificate.
- Credential.
- A wrapper around a credential with a corresponding public key.
Enums§
- CredentialType.