michael@0: /* -*- Mode: IDL; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*-
michael@0:  *
michael@0:  * This Source Code Form is subject to the terms of the Mozilla Public
michael@0:  * License, v. 2.0. If a copy of the MPL was not distributed with this
michael@0:  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
michael@0: 
michael@0: #include "nsISupports.idl"
michael@0: 
michael@0: /*
michael@0:  * Historically, principals, certificates, and signed JARs were all linked
michael@0:  * together in one big mess. When that mess was cleaned up, it turned out that
michael@0:  * the principals used to store certificate information didn't overlap at all
michael@0:  * with the principals used for security policy. So this interface was created
michael@0:  * so that real principals wouldn't have to carry around all that baggage.
michael@0:  *
michael@0:  * The name here is totally a misnomer. This isn't a principal at all, and would
michael@0:  * better be called nsICertificateHolder or something. But that would require
michael@0:  * renaming some APIs, so let's just let this be for now.
michael@0:  */
michael@0: 
michael@0: [scriptable, uuid(7cd4af5a-64d3-44a8-9700-804a42a6109a)]
michael@0: interface nsICertificatePrincipal : nsISupports
michael@0: {
michael@0:     readonly attribute AUTF8String fingerprint;
michael@0:     readonly attribute AUTF8String prettyName;
michael@0:     readonly attribute AUTF8String subjectName;
michael@0:     readonly attribute nsISupports certificate;
michael@0:     readonly attribute boolean     hasCertificate; // For compat; always true.
michael@0: 
michael@0:     bool equals(in nsICertificatePrincipal aOther);
michael@0: };
michael@0: 
michael@0: ////////////////////////////////////////////////////////////////////////////////