v0.9.0

@GeiserX GeiserX released this 10 Jun 04:33
· 3 commits to main since this release

Added — Tailnet-Lock AUM type + byte-exact CBOR (#7, chunk 1)

tka::Aum and its AumKey / AumState / AumSignature payloads — the acquisition-side AUM (Authority Update Message) type, mirroring Go tka.AUM / tka.Key / tka.State / tkatype.Signature. Aum::serialize / hash / sig_hash match Go AUM.Serialize / Hash / SigHash byte-for-byte (BLAKE2s-256 over CTAP2 CBOR; sig_hash omits the signatures field).

This is the first chunk of Tailnet-Lock verify-and-log (#7): the prerequisite for the chain replayer that will derive a trusted-key Authority from a control-synced AUM chain. The client verify path (Authority::node_key_authorized) is unchanged.

Byte-exactness is proven, not assumed — new tests reproduce the literal []byte vectors from Go tka/aum_test.go TestSerialization and assert identical canonical bytes. (Writing them caught a real subtlety: a non-omitempty nil []byte field encodes as CBOR null 0xf6, not an empty byte string.) Both the NodeKeySignature and Aum CBOR paths are now cross-validated against Go v1.100.0.
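The null-versus-empty-byte-string distinction noted above, as an added example (not code from this crate or from Go tka): a minimal canonical CBOR encoder restricted to unsigned-integer map keys, with shortest-form heads and sorted keys. The names `Value`, `head`, `encode` and `record`, and the field numbers 1, 2 and 23, are assumptions constructed for illustration.

```rust
// Added example: minimal CTAP2-style canonical CBOR encoder (unsigned-int map keys only).
// `Value`, `head`, `encode` and `record` are hypothetical names, not the crate's API.
enum Value {
    Uint(u64),
    Bytes(Vec<u8>),
    Null,
    Map(Vec<(u64, Value)>),
}

// Write a major type with the shortest-form argument, as canonical CBOR requires.
fn head(major: u8, n: u64, out: &mut Vec<u8>) {
    let m = major << 5;
    match n {
        0..=23 => out.push(m | n as u8),
        24..=0xff => out.extend_from_slice(&[m | 24, n as u8]),
        0x100..=0xffff => { out.push(m | 25); out.extend_from_slice(&(n as u16).to_be_bytes()); }
        0x1_0000..=0xffff_ffff => { out.push(m | 26); out.extend_from_slice(&(n as u32).to_be_bytes()); }
        _ => { out.push(m | 27); out.extend_from_slice(&n.to_be_bytes()); }
    }
}

fn encode(v: &Value, out: &mut Vec<u8>) {
    match v {
        Value::Uint(n) => head(0, *n, out),
        Value::Bytes(b) => { head(2, b.len() as u64, out); out.extend_from_slice(b); }
        Value::Null => out.push(0xf6), // CBOR null, distinct from empty bytes (0x40)
        Value::Map(entries) => {
            // For unsigned keys, numeric order equals "shorter encoding first, then bytewise".
            let mut sorted: Vec<&(u64, Value)> = entries.iter().collect();
            sorted.sort_by_key(|e| e.0);
            head(5, sorted.len() as u64, out);
            for (k, val) in sorted { head(0, *k, out); encode(val, out); }
        }
    }
}

// Constructed record: key 1 = kind, key 2 = byte field that is always emitted
// (non-omitempty, so absent becomes null), key 23 = byte field dropped when absent.
fn record(kind: u64, always: Option<&[u8]>, optional: Option<&[u8]>) -> Vec<u8> {
    let mut m = vec![(1, Value::Uint(kind))];
    if let Some(o) = optional { m.push((23, Value::Bytes(o.to_vec()))); }
    m.push((2, always.map_or(Value::Null, |b| Value::Bytes(b.to_vec()))));
    let mut out = Vec::new();
    encode(&Value::Map(m), &mut out);
    out
}

fn main() { println!("{:02x?}", record(1, None, None)); }
```

Because the hash is taken over these bytes, an encoder that emits `0x40` where the reference emits `0xf6` produces a different digest for the same logical message.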

Changed (minor bump)

tka::cbor::Value gains Null and TextMap variants. The enum is public and not #[non_exhaustive], so an external exhaustive match must add arms — hence a minor bump, not a patch.

All 43 geiserx_* crates published to crates.io. Consumers: no behavior change; the verify path is untouched.