Server maintains a queue of outbound packets for each user

Packets which are older than the applicable max_queue_time are discarded

Each incoming request to the server takes up to max_batch_down bytes
from the queue and returns them as the POST response body payload

Each incoming request contains up to max_batch_up bytes of payload.
It's a multipart/form-data.

Authentication: clock-based lifetime-limited bearer tokens.

Encryption and integrity checking: none.  Use a real VPN over this!

Routing assistance: none in hippotat; can be requested on client
 from userv-ipif via `vroutes' parameter.  Use with secnet polypath
 ideally uses the special support in secnet 0.4.x.

Client form parameters (multipart/form-data):
 m		metadata, newline-separated list (text file) of
			client ip address (textual)
		       	token
			target_requests_outstanding
			http_timeout
                        mtu                     } not supplied
			max_batch_down		}  by older
			max_batch_up		}  clients
 d              data (SLIP format, with SLIP_ESC and `-' swapped)


Authentication token is:
        <time_t in hex with no leading 0s> <hmac in base64>
(separated by a single space).  The hmac is
        HMAC(secret, <time_t in hex>)
and the hash function is SHA256


Possible future nonce-based authentication:

server keeps big nonce counter for each client
meaning is:
 nonce counter is most recent nonce client has sent
also server keeps bitmap of the previous ?64 nonces,
 whether client has sent them

difficult because client-generated nonces would have to never go
backwaards which basically means never-rewinding state on the client.
