X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ian/git?a=blobdiff_plain;f=PROTOCOL;h=e18cf0e1554da169e6ffdcd8994ba3a727f8c17c;hb=916021af0447d61202fd909a722c28b08a4a13a3;hp=6b12e4f01a6ee114e6247024e3e82b3349083cf8;hpb=1672ded0fa4c22a2c13cbe9f80baaf3f939bd5fa;p=hippotat.git diff --git a/PROTOCOL b/PROTOCOL index 6b12e4f..e18cf0e 100644 --- a/PROTOCOL +++ b/PROTOCOL @@ -8,20 +8,30 @@ from the queue and returns them as the POST response body payload Each incoming request contains up to max_batch_up bytes of payload. It's a multipart/form-data. -Authentication: for now, plaintext password +Authentication: clock-based lifetime-limited bearer tokens. -Routing assistance: none needed; secnet polypath will DTRT +Encryption and integrity checking: none. Use a real VPN over this! + +Routing assistance: none in hippotat; can be requested on client + from userv-ipif via `vroutes' parameter. Use with secnet polypath + ideally uses the special support in secnet 0.4.x. Client form parameters (multipart/form-data): m metadata, newline-separated list (text file) of client ip address (textual) - password + token target_requests_outstanding - d data (SLIP format) + http_timeout + d data (SLIP format, with SLIP_ESC and `-' swapped) + +Authentication token is: + +(separated by a single space). The hmac is + HMAC(secret, ) -Future nonce-based authentication: +Possible future nonce-based authentication: server keeps big nonce counter for each client meaning is:
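Review bot: The new "Authentication token is:" paragraph does not specify the token well enough to implement against. As the text reads here, the fields that are "(separated by a single space)" are not named, and the HMAC input in `HMAC(secret, )` is empty. Suggest naming each field, giving the exact bytes fed to the HMAC, the hash function and the output encoding, and stating how the server decides that a token's lifetime has expired, including the clock skew it tolerates. The same hunk states "Encryption and integrity checking: none", so the token description should also say that a bearer token can be reused by anyone who observes it until it expires; that makes the lifetime a security parameter that needs a documented value. Two smaller points: "Use with secnet polypath ideally uses the special support in secnet 0.4.x" does not parse as a sentence, and the `d` line's "with SLIP_ESC and `-' swapped" should say which byte values are exchanged so that both ends encode identically.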