Purposes for TrustAnchor instances

[jsha]

Right now TrustAnchor has the fields subject, spki, and name_constraints. Some trust stores have "trust bits" for various purposes (mainly TLS server vs email). I suspect it's implicit that webpki TrustAnchors are always considered to be trusted for authenticating TLS servers and TLS clients. Does it make sense to make that explicit in the documentation?

[briansmith]

When you pass the trust anchors into webpki, you have to wrap them either in TLSServerTrustAnchors or TLSClientTrustAnchors; i.e. this is explicit in the API already. I'm planning to refactor the API and when I do I intend to keep the distinction explicit in the types.