1// THIS FILE IS DEPRECATED 2// Users should instead use the corresponding proto in the xds tree. 3// No new changes will be accepted here. 4 5syntax = "proto3"; 6 7package udpa.annotations; 8 9import "udpa/annotations/status.proto"; 10 11import "google/protobuf/descriptor.proto"; 12 13option go_package = "github.com/cncf/xds/go/annotations"; 14 15// All annotations in this file are experimental and subject to change. Their 16// only consumer today is the Envoy APIs and SecuritAnnotationValidator protoc 17// plugin in this repository. 18option (udpa.annotations.file_status).work_in_progress = true; 19 20extend google.protobuf.FieldOptions { 21 // Magic number is the 28 most significant bits in the sha256sum of 22 // "udpa.annotations.security". 23 FieldSecurityAnnotation security = 11122993; 24} 25 26// These annotations indicate metadata for the purpose of understanding the 27// security significance of fields. 28message FieldSecurityAnnotation { 29 // Field should be set in the presence of untrusted downstreams. 30 bool configure_for_untrusted_downstream = 1; 31 32 // Field should be set in the presence of untrusted upstreams. 33 bool configure_for_untrusted_upstream = 2; 34} 35