tailcfg: add RPC structs for /tka/affected-sigs

These RPCs will be used to power the future 'tailscale lock remove' default behavior
of resigning signatures for which trust is about to be removed.

Signed-off-by: Tom DNetto <tom@tailscale.com>
Tom DNetto 1 year ago committed by Tom
parent e220fa65dd
commit f9b746846f

@ -238,3 +238,27 @@ type TKASubmitSignatureRequest struct {
type TKASubmitSignatureResponse struct {
// Nothing. (yet?)
// TKASignaturesUsingKeyRequest asks the control plane for
// all signatures which are signed by the provided keyID.
// This is the request schema for a /tka/affected-sigs RPC.
type TKASignaturesUsingKeyRequest struct {
// Version is the client's capabilities.
Version CapabilityVersion
// NodeKey is the client's current node key.
NodeKey key.NodePublic
// KeyID is the key we are querying using.
KeyID tkatype.KeyID
// TKASignaturesUsingKeyResponse is the JSON response to
// a /tka/affected-sigs RPC.
// It enumerates all signatures which are signed by the
// queried keyID.
type TKASignaturesUsingKeyResponse struct {
Signatures []tkatype.MarshaledSignature