+
+ /// Trust on first use
+ pub struct Tofu {
+ known_hosts: Vec<TofuHost>,
+ }
+ pub struct TofuHost {}
+
+ /*
+ impl rustls::client::ServerCertVerifier for Tofu {
+ fn verify_server_cert(
+ &self,
+ end_entity: &Certificate,
+ _: &[Certificate],
+ server_name: &ServerName,
+ scts: &mut dyn Iterator<Item = &[u8]>,
+ ocsp_response: &[u8],
+ now: SystemTime,
+ ) -> Result<ServerCertVerified, Error> {
+ let host: TofuHost = TofuHost::new();
+ if self.knows(host) {
+ if self.trusts(host) {
+ Ok(())
+ } else {
+ Err(())
+ }
+ } else {
+ self.remember(host);
+ Ok(())
+ }
+ }
+ }
+ */