token
target_requests_outstanding
http_timeout
+ max_batch_down } not supplied
+ max_batch_up } by older clients
d data (SLIP format, with SLIP_ESC and `-' swapped)
<time_t in hex with no leading 0s> <hmac in base64>
(separated by a single space). The hmac is
HMAC(secret, <time_t in hex>)
+and the hash function is SHA256
Possible future nonce-based authentication:
also server keeps bitmap of the previous ?64 nonces,
whether client has sent them
-client picks.... xxx
+difficult because client-generated nonces would have to never go
+backwaards which basically means never-rewinding state on the client.