+++ /dev/null
-Server maintains a queue of outbound packets for each user
-
-Packets which are older than the applicable max_queue_time are discarded
-
-Each incoming request to the server takes up to max_batch_down bytes
-from the queue and returns them as the POST response body payload
-
-Each incoming request contains up to max_batch_up bytes of payload.
-It's a multipart/form-data.
-
-Authentication: clock-based lifetime-limited bearer tokens.
-
-Encryption and integrity checking: none. Use a real VPN over this!
-
-Routing assistance: none in hippotat; can be requested on client
- from userv-ipif via `vroutes' parameter. Use with secnet polypath
- ideally uses the special support in secnet 0.4.x.
-
-Client form parameters (multipart/form-data):
- m metadata, newline-separated list (text file) of
- client ip address (textual)
- token
- target_requests_outstanding
- http_timeout
- d data (SLIP format, with SLIP_ESC and `-' swapped)
-
-
-Authentication token is:
- <time_t in hex with no leading 0s> <hmac in base64>
-(separated by a single space). The hmac is
- HMAC(secret, <time_t in hex>)
-
-
-Possible future nonce-based authentication:
-
-server keeps big nonce counter for each client
-meaning is:
- nonce counter is most recent nonce client has sent
-also server keeps bitmap of the previous ?64 nonces,
- whether client has sent them
-
-client picks.... xxx