-
Notifications
You must be signed in to change notification settings - Fork 23
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Refresh session performance 2: Fresh nonce prefetching. #61
Comments
I think here you're suggesting client implementation strategies for ensuring the DBSC session / cookies are kept fresh, and not a protocol change, right? Client can (probably should) employ some intelligent strategies to minimize user-facing latency, but I'm not sure we want to go very deep specifying those strategies. But (I think this is similar to what you describe) the browser probably ought to try to anticipate which sessions are likely to be used in the immediate future and proactively refresh cookies. Is there a concrete change you suggest? |
The issue is related to scenario described here: #60
However, if there is a complaint about waiting for a response, the underlying issue is the lack of a fresh nonce when the device or web app has been inactive for a while.
If the device has been unused or the web app is inactive, the auth cookies will expire. Before allowing workload requests, the cookie needs to be updated. To make an update for one request, the client needs a fresh nonce.
We can apply multiple approaches:
The text was updated successfully, but these errors were encountered: