Module policy 

Namespace policies — define what certificate names a CA may issue.

A CA should only issue certificates for names within its authorized namespace. Policies are checked before a challenge is even started, preventing unauthorized cross-namespace issuance.

Structs

DelegationPolicy

A policy based on explicit delegation rules.

HierarchicalPolicy

The hierarchical policy: a requester may only obtain certificates for names that are strictly under their own current certificate’s identity prefix.

Enums

PolicyDecision

Decision returned by a namespace policy evaluation.

Traits

NamespacePolicy

A policy that decides whether a CA may issue a certificate for a given name.