Refresh session performance 2: Fresh nonce prefetching.

[alextok]

The issue is related to scenario described here: #60

However, if there is a complaint about waiting for a response, the underlying issue is the lack of a fresh nonce when the device or web app has been inactive for a while.

If the device has been unused or the web app is inactive, the auth cookies will expire. Before allowing workload requests, the cookie needs to be updated. To make an update for one request, the client needs a fresh nonce.

We can apply multiple approaches:

1. Utilize a browser service to pre-fetch the nonce from the web.
2. Allow an operating system component to pre-fetch the nonce and have the browser read it.

[danmarg]

I think here you're suggesting client implementation strategies for ensuring the DBSC session / cookies are kept fresh, and not a protocol change, right?

Client can (probably should) employ some intelligent strategies to minimize user-facing latency, but I'm not sure we want to go very deep specifying those strategies. But (I think this is similar to what you describe) the browser probably ought to try to anticipate which sessions are likely to be used in the immediate future and proactively refresh cookies.

Is there a concrete change you suggest?