These docs are under active development and cover the v0.20 Kobicha security model.
Peios Learn
§1.3

Conventions

This specification uses the key words MUST, MUST NOT, SHALL, SHALL NOT, SHOULD, SHOULD NOT, MAY, REQUIRED, and OPTIONAL as described in RFC 2119.

ⓘ Informative
"MUST" and "SHALL" indicate absolute requirements. "MUST NOT" and "SHALL NOT" indicate absolute prohibitions. "SHOULD" indicates a recommendation that may be departed from in particular circumstances with full understanding of the implications. "MAY" indicates a truly optional feature.

Pseudocode in this specification uses the following conventions:

  • & as a parameter prefix denotes an in-out parameter (the caller's value is read and may be modified).
  • | in expressions denotes bitwise OR.
  • & in expressions denotes bitwise AND.
  • ~ denotes bitwise NOT.
  • denotes function return type.
  • // introduces a comment.
  • Assignment is =. Augmented assignment is |=, &=.
  • All access masks are 32-bit unsigned integers unless otherwise stated.
  • SID comparison is byte-for-byte equality of the binary encoding.

Section references within this specification use the form "section N.N" and refer to the section numbering generated by the document system.

ⓘ Informative
KACS data structures (SDs, SIDs, ACEs, access masks) use binary formats compatible with Active Directory and Samba, ensuring interoperability in domain environments. Where the KACS evaluation model departs from the behaviour described in MS-DTYP, the divergence is intentional and documented in the Compatibility section.