X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ian/git?p=hippotat.git;a=blobdiff_plain;f=PROTOCOL;h=e18cf0e1554da169e6ffdcd8994ba3a727f8c17c;hp=330c01fd10f70e3a2e0cc02c44ef086ead0ab45b;hb=216519e342072164533ae340141d585c638db8e2;hpb=ec88b1f1080f9adffbe1c4c05c38c01e758f124b

diff --git a/PROTOCOL b/PROTOCOL
index 330c01f..e18cf0e 100644
--- a/PROTOCOL
+++ b/PROTOCOL
@@ -1,41 +1,42 @@
 Server maintains a queue of outbound packets for each user
 
-Packets which are older than MAX_QUEUE_TIME are discarded
+Packets which are older than the applicable max_queue_time are discarded
 
-Each incoming request to the server takes up to MAX_BATCH_DOWN bytes
+Each incoming request to the server takes up to max_batch_down bytes
 from the queue and returns them as the POST response body payload
 
-Each incoming request contains up to MAX_BATCH_UP bytes of payload.
+Each incoming request contains up to max_batch_up bytes of payload.
 It's a multipart/form-data.
 
-Authentication: for now, plaintext password
+Authentication: clock-based lifetime-limited bearer tokens.
 
-Sever side configuration:
+Encryption and integrity checking: none.  Use a real VPN over this!
 
- [<client-ipaddr>] or [default]
- max_batch_down
- max_queue_time
- max_request_time
- password
+Routing assistance: none in hippotat; can be requested on client
+ from userv-ipif via `vroutes' parameter.  Use with secnet polypath
+ ideally uses the special support in secnet 0.4.x.
 
- [global]
- max_batch_down
- max_queue_time
- max_request_time
+Client form parameters (multipart/form-data):
+ m		metadata, newline-separated list (text file) of
+			client ip address (textual)
+		       	token
+			target_requests_outstanding
+			http_timeout
+ d              data (SLIP format, with SLIP_ESC and `-' swapped)
 
- [virtual]
- network	    # required
- server		    # default is first host in network (eg <network>.1)
- mtu                # default is 1500
- 
 
-Client side configuration;
- MAX_BATCH_DOWN MAX_QUEUE_TIME PASSWORD
+Authentication token is:
+        <time_t in hex with no leading 0s> <hmac in base64>
+(separated by a single space).  The hmac is
+        HMAC(secret, <time_t in hex>)
 
-Routing assistance: none needed; secnet polypath will DTRT
 
-Client form parameters:
- i		ip address (textual)
- p		password
- d              data (SLIP format)
- mbd mqt mrt	config updates
+Possible future nonce-based authentication:
+
+server keeps big nonce counter for each client
+meaning is:
+ nonce counter is most recent nonce client has sent
+also server keeps bitmap of the previous ?64 nonces,
+ whether client has sent them
+
+client picks.... xxx