APRServe Validation Protocol

The purpose of the protocol is to provide a means to identify packets originating from non-registered users in the data stream. In summary, all clients (e.g. Mac/Win/APRS/dos/+SA) will be expected to log on when they connect to APRServe. This will be done automatically by the client program. Without a logon message, no data will be accepted for inclusion in the APRServe data stream. Such unknown users will still see data from the stream (read only access). A logon message, but without a valid user registration, will result in all packets originating from that user being flagged as coming from an unvalidated user. Such packets will not, under any circumstances, be retransmitted. In addition, no packets from anyone other than the callsign identified at logon will be accepted from an unvalidated user (i.e. "Feed local data to tcp" will not work for unvalidated users. This protocol has effects on APRServe itself, client programs that connect to APRServe, and IGate programs. Most programs fall into more than one of these categories.

APRServe

If a stream has been validated to come from a registered amateur user, all valid packet data coming in on that port is passed to the APRServe stream unmodified.
If a packet comes from an unknown user, it is ignored.
If a packet comes from a non-validated stream, the following actions are performed:
- If the packet comes from any station other than the user logged on, the packet is thrown away. In other words, any data fed to APRServe from a non-registered user will be ignored.
- If the packet does not contain a path field of "TCPIP*", the packet is throw away. This prevents a echoed rf packet from the unvalidated station being sent via the internet.
- The "TCPIP*" in the unproto path of the packet is replaced with "TCPXX*"

Client program (APRSdos/MacAPRS/WinAPRS/APRS+SA)

Need to send on initial connect the following logon line:
```
user Callsign pass xxx vers programversion
```
Callsign is the user provided callsign

pass is a string, containing no spaces, that verifies the user, algorithm to be determined. If the user is unregistered, then the string should be "xxx".

vers is a string of up to 15 characters describing the program, e.g. "MacAPRS 3.1.1"
Need to recognize both TCPIP and TCPXX as TCP/IP stations
Need to provide a means to perform the user validation. This can either be a user entered password, or a client program can automatically figure out the password given the callsign. If the later is used, it is the client programmer's responsibility to be certain that non-amateurs are not given registrations that can validate themselves in APRServe.
probably a good idea to perform some feedback about the limitations of TCPIP without a registration number.

Gating Programs

Any program wishing to IGate back to rf (including client programs, ) must make certain the packets to be transmitted on rf do not contain the via path "TCPXX"