+/**
+ * State we keep for validation activities. Each of these
+ * is both in the #validation_heap and the #validation_map.
+ */
+struct ValidationState
+{
+
+ /**
+ * For which peer is @a address to be validated (or possibly valid)?
+ * Serves as key in the #validation_map.
+ */
+ struct GNUNET_PeerIdentity pid;
+
+ /**
+ * How long did the peer claim this @e address to be valid? Capped at
+ * minimum of #MAX_ADDRESS_VALID_UNTIL relative to the time where we last
+ * were told about the address and the value claimed by the other peer at
+ * that time. May be updated similarly when validation succeeds.
+ */
+ struct GNUNET_TIME_Absolute valid_until;
+
+ /**
+ * How long do *we* consider this @e address to be valid?
+ * In the past or zero if we have not yet validated it.
+ */
+ struct GNUNET_TIME_Absolute validated_until;
+
+ /**
+ * When did we FIRST use the current @e challenge in a message?
+ * Used to sanity-check @code{origin_time} in the response when
+ * calculating the RTT. If the @code{origin_time} is not in
+ * the expected range, the response is discarded as malicious.
+ */
+ struct GNUNET_TIME_Absolute first_challenge_use;
+
+ /**
+ * When did we LAST use the current @e challenge in a message?
+ * Used to sanity-check @code{origin_time} in the response when
+ * calculating the RTT. If the @code{origin_time} is not in
+ * the expected range, the response is discarded as malicious.
+ */
+ struct GNUNET_TIME_Absolute last_challenge_use;
+
+ /**
+ * Next time we will send the @e challenge to the peer, if this time is past
+ * @e valid_until, this validation state is released at this time. If the
+ * address is valid, @e next_challenge is set to @e validated_until MINUS @e
+ * validation_delay * 3, such that we will try to re-validate before the
+ * validity actually expires.
+ */
+ struct GNUNET_TIME_Absolute next_challenge;
+
+ /**
+ * Current backoff factor we're applying for sending the @a challenge.
+ * Reset to 0 if the @a challenge is confirmed upon validation.
+ * Reduced to minimum of #FAST_VALIDATION_CHALLENGE_FREQ and half of the
+ * existing value if we receive an unvalidated address again over
+ * another channel (and thus should consider the information "fresh").
+ * Maximum is #MAX_VALIDATION_CHALLENGE_FREQ.
+ */
+ struct GNUNET_TIME_Relative challenge_backoff;
+
+ /**
+ * Initially set to "forever". Once @e validated_until is set, this value is
+ * set to the RTT that tells us how long it took to receive the validation.
+ */
+ struct GNUNET_TIME_Relative validation_rtt;
+
+ /**
+ * The challenge we sent to the peer to get it to validate the address. Note
+ * that we rotate the challenge whenever we update @e validated_until to
+ * avoid attacks where a peer simply replays an old challenge in the future.
+ * (We must not rotate more often as otherwise we may discard valid answers
+ * due to packet losses, latency and reorderings on the network).
+ */
+ struct GNUNET_ShortHashCode challenge;
+
+ /**
+ * Claimed address of the peer.
+ */
+ char *address;
+
+ /**
+ * Entry in the #validation_heap, which is sorted by @e next_challenge. The
+ * heap is used to figure out when the next validation activity should be
+ * run.
+ */
+ struct GNUNET_CONTAINER_HeapNode *hn;
+
+ /**
+ * Handle to a PEERSTORE store operation for this @e address. NULL if
+ * no PEERSTORE operation is pending.
+ */
+ struct GNUNET_PEERSTORE_StoreContext *sc;
+
+ /**
+ * Network type (presumably) associated with @e address. NEEDED?
+ */
+ enum GNUNET_NetworkType nt;
+
+};
+
+
+
+