X-Git-Url: https://git.distorted.org.uk/~mdw/hippotat/blobdiff_plain/d72f83602e9173940102c718974025e16b873657..ef04103340f9c2f2666ea3a12bf6420758f2da6d:/README.config

diff --git a/README.config b/README.config
index 81f791d..842573c 100644
--- a/README.config
+++ b/README.config
@@ -5,7 +5,7 @@ Sections
   [<servername> - <client>]
   [<client>]
   [<servername>]      often [SERVER]
-  [DEFAULT]
+  [COMMON]
 
 Keys are looked up in that order, unless otherwise specified.
 <client> is the client's virtual address.
@@ -15,13 +15,13 @@ Exceptional settings:
 
   server
      Specifies <servername>.
-     Is looked up in [SERVER] and [DEFAULT] only.
+     Is looked up in [SERVER] and [COMMON] only.
      If not specified there, it is SERVER.
 
      Used by server to select the appropriate parts of the
      rest of the configuration.  Ignored by the client.
 
-  password
+  secret
      Looked up in the usual way, but used by client and server to
      determine which possible peerings to try to set up, and which to
      ignore.
@@ -32,11 +32,11 @@ Exceptional settings:
      (LIMIT sections do not count.)
 
      The server queue packets for, and accept requests from, each
-     putative client for which the config search yields a password.
+     putative client for which the config search yields a secret.
 
      Each client will create a local interface, and try to communicate
      with the server, for each possible pair (putative server,
-     putative client) for which the config search yields a password.
+     putative client) for which the config search yields a secret.
 
   ipif
      Command to run to create and communicate with local network
@@ -54,7 +54,7 @@ Exceptional settings:
 Capped settings:
 
      Values in [<server> LIMIT] and [LIMIT] are a cap (maximum) on
-     those from the other sections (including DEFAULT).
+     those from the other sections (including COMMON).
 
   max_batch_down
      Size limit for response payloads (used by server only)
@@ -122,6 +122,16 @@ Ordinary settings, used by both, not client-specific:
      Virtual interface name on the client.  [hippo%d]
      Any %d is interpolated (by the kernel).
 
+Ordinary settings, used by server only:
+
+  max_clock_skew
+     Permissible clock skew between client and server.
+     hippotat will not work if clock skew is more than this.
+     Conversely: when moving client from one public network to
+     another, the first network can deny service to the client for
+     this period after the client leaves the first network.
+     [300s]
+
 Ordinary settings, used by client only:
 
   http_timeout_grace