> So you do have something ready for large scale or at least redundancy. My > main concern is about "if my server crash ... how my users will sync".
Sync isn't designed to require high availability. Clients will retry quietly if their storage server is unavailable. It doesn't even require durability: because clients have a full copy (and more besides) of all the data on the server, if a DB dies we can just punt them to a different storage server and the client will reupload. Sync 1.5 offers more durability, but this is still a client-authoritative system. It's best to think of Sync as a private whiteboard for clients to use to talk to each other. It was designed that way for a reason. > Our main concern for future is support of SSO. As Firefox will be a part of a > larger project, we require that most of our "integrated solutions" to be > SSO-compliant. Do you think it's possible with Sync 1.5 atm ? Key to the security of Sync is having a credential that only the client knows -- it's used to generate keys. With Sync 1.1 that's the Sync Key. With Firefox Accounts it's your FxA password, which we never give to the server. Your SSO solution would need to have similar attributes (and think about routine password changes). If not, then you could probably build something that supports the FxA APIs for email verification but relies on some external key exchange protocol, but you'd be heading into somewhat uncharted waters. _______________________________________________ Sync-dev mailing list Sync-dev@mozilla.org https://mail.mozilla.org/listinfo/sync-dev
