veyron2/security: Formalize "framework" caveats.
We intend for some caveats to be understood by all servers
(such as "expiration", "method restriction" etc.). To really
ensure this requires that:
(1) The caveats be decodeable irrespective of the language in which
the server is programmed it.
(2) The implementation of the corresponding CaveatValidators be available
in all binaries.
To this end, this commit:
(a) Introduces a VDL specification for the common types of caveats
(b) Provides this specification and the implementation of the corresponding
CaveatValidators in veyron2/security (as opposed to veyron/security/caveat,
which is not guranteed to be linked in to servers built on the veyron API).
While at it, I believe this commit leads to a cleaner API to add caveats
with the help of simple factory functions (security.ExpiryCaveat(time.Time) etc.)
and is thus able to get rid of a bulk of the veyron/security/caveat package.
A subsequent commit will provide a wire-specification for and implementation
of third-party caveats in veyron2/security, and with that the veyron/security/caveat
package will cease to exist.
Change-Id: I9298c32bd5b1d7db19c0a481f350f460ad116b7d
12 files changed
