add cacheable id cert model.

Author: bitfl0wer

api/src/core/main.tsp

@@ -189,4 +189,27 @@ namespace models {
         NewestFirst,
         OldestFirst
     }
+
+    /**
+     * A cacheable response to an ID-Cert request.
+     */
+    model CacheableIDCert {
+        @doc("The requested ID-Cert in ASCII PEM format.")
+        @example("------BEGIN CERTIFICATE------...")
+        idCertPem: string,
+        @doc("UNIX timestamp that specifies when this specific id_cert has been marked as invalidated by the server. An ID-Cert is considered invalidated, if the server or actor choose to revoke the validity of the ID-Cert before the lifetime of the certificate was scheduled to end. If this property does not exist, the ID-Cert has not been invalidated.")
+        @example(1736610000)
+        invalidatedAt?: uint64,
+        @doc("UNIX timestamp that specifies the time from which this cache entry may be treated as valid.")
+        @example(1736606402)
+        cacheNotValidBefore: uint64,
+        @doc("UNIX timestamp that specifies a time until which this cache entry may be treated as valid.")
+        @example(1736613602)
+        cacheNotValidAfter: uint64,
+        @doc("Signature generated by the home server. This signature can be verified using the home servers' public identity key. A server generates the `cacheSignature` by concatenating the serial number of the ID-Cert in question with the `cacheValidNotBefore` timestamp and the `cacheValidNotAfter` timestamp, then generating the signature of the resulting concatenated string using the private identity key of the server. Clients must reject certificates of which the `cacheSignature` can not be verified to be correct.")
+        @example("7ab2bbde7fe43c7481a3a61031546bab16bc1a8735b2f0cdd519958c7f2f99f8")
+        @minLength(32)
+        @maxLength(32)
+        cacheSignature: string
+    }
 }