mirror of https://github.com/slackhq/nebula.git
37 lines
1.1 KiB
Groff
37 lines
1.1 KiB
Groff
Nebula DEFINITIONS AUTOMATIC TAGS ::= BEGIN
|
|
|
|
Name ::= UTF8String (SIZE (1..253))
|
|
Time ::= INTEGER (0..18446744073709551615) -- Seconds since unix epoch, uint64 maximum
|
|
Network ::= OCTET STRING (SIZE (5,17)) -- IP addresses are 4 or 16 bytes + 1 byte for the prefix length
|
|
Curve ::= ENUMERATED {
|
|
curve25519 (0),
|
|
p256 (1)
|
|
}
|
|
|
|
-- The maximum size of a certificate must not exceed 65536 bytes
|
|
Certificate ::= SEQUENCE {
|
|
details OCTET STRING,
|
|
curve Curve DEFAULT curve25519,
|
|
publicKey OCTET STRING,
|
|
-- signature(details + curve + publicKey) using the appropriate method for curve
|
|
signature OCTET STRING
|
|
}
|
|
|
|
Details ::= SEQUENCE {
|
|
name Name,
|
|
|
|
-- At least 1 ipv4 or ipv6 address must be present if isCA is false
|
|
networks SEQUENCE OF Network OPTIONAL,
|
|
unsafeNetworks SEQUENCE OF Network OPTIONAL,
|
|
groups SEQUENCE OF Name OPTIONAL,
|
|
isCA BOOLEAN DEFAULT false,
|
|
notBefore Time,
|
|
notAfter Time,
|
|
|
|
-- issuer is only required if isCA is false, if isCA is true then it must not be present
|
|
issuer OCTET STRING OPTIONAL,
|
|
...
|
|
-- New fields can be added below here
|
|
}
|
|
|
|
END |