docs(architecture): fix OQ-05 — multi-connectivity endpoint, not multi-transport

Correct the conflation of quinn/TLS/iroh as interchangeable transports.
They are complementary connectivity modes serving different deployment
contexts: quinn (public IP + TLS), iroh (NAT traversal via relay), TCP
(handler-specific, not core). Clarify that TLS cert = network identity,
not auth identity. Map stealth mode to HTTP handler on standard ALPNs
instead of byte-peeking. Resolve OQ-05 as one-way door. SendStream/
RecvStream now use internal enum dispatch for both quinn and iroh
streams.
This commit is contained in:
2026-06-16 12:41:03 +00:00
parent 90d5f4eaf9
commit 5c8448ff86
6 changed files with 234 additions and 142 deletions

View File

@@ -35,7 +35,7 @@ Core library for ALPN-based protocol dispatch. Every handler crate depends on al
| OQ | Title | Status | Relevance |
|----|-------|--------|-----------|
| OQ-04 | Dynamic handler registration | resolved (start static) | HandlerRegistry is immutable at startup |
| OQ-05 | Multi-transport endpoint | open (start with quinn) | AlknetEndpoint uses quinn directly |
| OQ-05 | Multi-connectivity endpoint | resolved (quinn + iroh) | AlknetEndpoint supports both, both feature-gated |
| OQ-11 | AuthContext resolution completeness | open | How handlers signal auth completion |
## Key Design Principles