On possibility that Ryan and I discussed - if the tokenserver gets a new generation cert, it immediately rejects and backs off all clients of that account for the token expiry period. That way we can guarantee that when the writes start again, every client is using the new key.
It's a little hacky, but it buys us time to develop the proper solution (which probably involves better use of X-if-unmodified-since). Toby _______________________________________________ Sync-dev mailing list [email protected] https://mail.mozilla.org/listinfo/sync-dev
