rename "password" to "secret" everywhere

[hippotat.git] / PROTOCOL

diff --git a/PROTOCOL b/PROTOCOL
index c1ef03b0cfd8cb54a1e335afd2567e153d96ddf7..4e07db163296421c402714f8858a0059a1e5725a 100644 (file)
--- a/PROTOCOL
+++ b/PROTOCOL
@@ -8,13 +8,29 @@ from the queue and returns them as the POST response body payload
 Each incoming request contains up to max_batch_up bytes of payload.
 It's a multipart/form-data.
 
-Authentication: for now, plaintext password
+Authentication: for now, plaintext secret
 
-Routing assistance: none needed; secnet polypath will DTRT
+Routing assistance: none in hippotat; can be requested on client
+ from userv-ipif via `vroutes' parameter.  Use with secnet polypath
+ ideally uses the special support in secnet 0.4.x.
 
 Client form parameters (multipart/form-data):
  m             metadata, newline-separated list (text file) of
                        client ip address (textual)
                        password
                        target_requests_outstanding
- d              data (SLIP format)
+                       http_timeout
+ d              data (SLIP format, with SLIP_ESC and `-' swapped)
+
+
+
+
+Possible future nonce-based authentication:
+
+server keeps big nonce counter for each client
+meaning is:
+ nonce counter is most recent nonce client has sent
+also server keeps bitmap of the previous ?64 nonces,
+ whether client has sent them
+
+client picks.... xxx