VPNController
Summary:
The token is currently not encrypted (should be possible though),
and we're currently using a symmetric key for the signature (can be
changed).
It is yet unclear how to go from kolab4 entitlements to specific plan,
but should be straightforward enough.
Differential Revision: https://git.kolab.org/D4340