Note self-license expiry re-check in licensing-tiers guide
This commit is contained in:
Keysat
@@ -27,8 +27,10 @@ comments or copy as stale.
|
|||||||
|
|
||||||
Tier gates read **live** entitlements from `licenses.entitlements`, refreshed
|
Tier gates read **live** entitlements from `licenses.entitlements`, refreshed
|
||||||
hourly by `refresh_self_tier_from_db` in `license_self.rs`, so issuer-applied
|
hourly by `refresh_self_tier_from_db` in `license_self.rs`, so issuer-applied
|
||||||
**downgrades, suspensions, and revocations** reach a running daemon without a
|
**downgrades, suspensions, and revocations** — plus the key's own **expiry**
|
||||||
restart. The signed self-license key is the **ceiling**: the live DB row may
|
(the refresh re-verifies the on-disk key, demoting an expired one) — reach a
|
||||||
|
running daemon without a restart. The signed self-license key is the
|
||||||
|
**ceiling**: the live DB row may
|
||||||
*narrow* the tier but never *widen* it past what the signature grants
|
*narrow* the tier but never *widen* it past what the signature grants
|
||||||
(`clamp_to_signed_ceiling`). A genuine **upgrade** therefore comes from a
|
(`clamp_to_signed_ceiling`). A genuine **upgrade** therefore comes from a
|
||||||
re-issued key — re-run the StartOS "Activate Keysat license" action — not from
|
re-issued key — re-run the StartOS "Activate Keysat license" action — not from
|
||||||
|
|||||||
Reference in New Issue
Block a user