On 11/01/2014 8:07 AM, Chris Karlof wrote:
>
> On Jan 10, 2014, at 9:14 AM, Toby Elliott <[email protected]> wrote:
>
>> One possibility that Ryan and I discussed - if the tokenserver gets a new
>> generation cert, it immediately rejects and backs off all clients of that
>> account for the token expiry period. That way we can guarantee that when the
>> writes start again, every client is using the new key.
>>
>
> Can you say a little more about what this means? What does "rejects and backs
> off all clients of that account for the token expiry period" imply? Does this
> mean other clients can't re-login to Sync for a time period equal to the
> lifetime of a token?

Yes. When you show up with a new generation number, *nobody* can get a new
token for (say) five minutes. Not even you. The tokenserver forces you to
wait for all outstanding tokens to expire before issuing a new one.

One downside here is you're kinda "punishing" the known-good client by
forcing it to wait for other clients that are in a maybe-bad state. But it
would do the job.

  Ryan
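
A minimal sketch of the backoff rule discussed in this thread, added here as an illustration and not taken from the tokenserver code base or from any participant. `TokenGate`, `AccountState`, the result tuples, and the permanent rejection of older generation numbers are assumptions; the 300-second lifetime is the "(say) five minutes" figure from the reply.

```python
from dataclasses import dataclass

TOKEN_TTL = 300  # seconds; stands in for the "(say) five minutes" token lifetime


@dataclass
class AccountState:
    generation: int             # highest generation number seen for this account
    blocked_until: float = 0.0  # no token is issued before this time


class TokenGate:
    """Hypothetical per-account issuance gate (assumed names, not project code)."""

    def __init__(self, ttl=TOKEN_TTL):
        self.ttl = ttl
        self.accounts = {}

    def request_token(self, uid, generation, now):
        """Return ("ok", expiry), ("backoff", retry_after) or ("stale", None)."""
        st = self.accounts.get(uid)
        if st is None:
            # First contact: no outstanding tokens exist, so nothing to wait for.
            st = self.accounts[uid] = AccountState(generation=generation)
        elif generation < st.generation:
            # Assumption: a cert older than the current generation is refused.
            return ("stale", None)
        elif generation > st.generation:
            # New generation: a token issued just before now can live for ttl
            # more seconds, so block the whole account for that long.
            st.generation = generation
            st.blocked_until = now + self.ttl
        if now < st.blocked_until:
            # Applies to every client, including the one that brought the new cert.
            return ("backoff", st.blocked_until - now)
        return ("ok", now + self.ttl)


def demo():
    """Constructed timeline for one account, plus an unrelated account."""
    gate = TokenGate()
    return [
        gate.request_token("alice", 1, now=0),    # normal issue, expires at 300
        gate.request_token("alice", 2, now=100),  # new generation starts backoff
        gate.request_token("alice", 2, now=250),  # same client, still waiting
        gate.request_token("alice", 1, now=250),  # old-generation client
        gate.request_token("alice", 2, now=400),  # all old tokens have expired
        gate.request_token("bob", 5, now=100),    # other accounts are unaffected
    ]
```

In the constructed timeline the token issued at t=0 expires at t=300, before the first new-generation token is issued at t=400, which is the guarantee the backoff is meant to provide.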

