Services/Sync/Protocol 2.0 changes

Proposed changes to migrate to 2.0

browserid support

• token server and metadata tokens

max individual request size

• right now we limit (not implemented in python!) wbo size, but not total size. Restrict post body size to 1M?

drop parentid

drop predecessorid

talk to rnewman/gps about preferred way to transmit timestamps

• figure out how to get the timestamp into integer precision

405 for wrong method

• Cornice probably buys us this directly

304 not modified when X-Weave-Timestamp < current

• Saves processing the request body

drop whoisi as a return format

delete /storage takes multiple collections

• Will give us the ability to delete "everything except keys" without using a loop

Proposed changes to migrate to 2.1

generate better docs for how to implement backoff on client

sync sesssions with server-generated token - helps avoid races

• generated on write without auth token if none exists on server side
• can't write if there's a token in place without it. Can't read? (may be inconsistent)
• need a way to have client expire token and length after which it autoexpires
• make it part of auth protocol

way to let the server know that there's a data problem

• have a flag that says "this account reported corrupted" to handle HMAC mismatches, etc
• Maybe in metaglobal?
• is this a storage problem? or particular to sync