Right now I use Sync 1.1* and it works very well without always having access to the server. I have the server setup on a LAN with no access from the internet. It synchronizes my desktop, laptop, and phone. When I am not at home, the phone works just fine and synchronizes automatically when I am at home.
The only thing is if you lose the database, with 1.1 you will need to recreate the accounts; with 1.5 I would assume that as long as the auth server is still there, the sync "account" would not need to be recreated. If you are setting it up now, I would probably recommend starting with 1.5, unless you need it up and running before Firefox 33 becomes release. * and will continue to use 1.1 until the FXA auth server works on Windows, or I am forced to set it up on Linux. On 2014-07-03 09:50, Richard Newman wrote: >> So you do have something ready for large scale or at least redundancy. My >> main concern is about "if my server crash ... how my users will sync". > > Sync isn't designed to require high availability. Clients will retry quietly > if their storage server is unavailable. It doesn't even require durability: > because clients have a full copy (and more besides) of all the data on the > server, if a DB dies we can just punt them to a different storage server and > the client will reupload. > > Sync 1.5 offers more durability, but this is still a client-authoritative > system. > > It's best to think of Sync as a private whiteboard for clients to use to talk > to each other. It was designed that way for a reason. > >> Our main concern for future is support of SSO. As Firefox will be a part of >> a larger project, we require that most of our "integrated solutions" to be >> SSO-compliant. Do you think it's possible with Sync 1.5 atm ? > > Key to the security of Sync is having a credential that only the client knows > -- it's used to generate keys. > > With Sync 1.1 that's the Sync Key. With Firefox Accounts it's your FxA > password, which we never give to the server. Your SSO solution would need to > have similar attributes (and think about routine password changes). If not, > then you could probably build something that supports the FxA APIs for email > verification but relies on some external key exchange protocol, but you'd be > heading into somewhat uncharted waters. > _______________________________________________ Sync-dev mailing list Sync-dev@mozilla.org https://mail.mozilla.org/listinfo/sync-dev
