Rémy HUBSCHER

Yes totally, if we have a Authorization header we shouldn't assume Anonymous

However it is not the case on /v1/ : ``` $ http GET https://kinto.dev.mozaws.net/v1/ "Authorization: blabla" HTTP/1.1 200 OK Access-Control-Expose-Headers: Backoff, Retry-After, Content-Length, Alert Connection: keep-alive Content-Length: 2561 Content-Type: application/json...

It isn't a authentication required endpoint however we might consider supporting it.

It's not an issue to have backend breaking changes, we already had a number of them. Also we already have features that needs transactions and work in a degraded mode...

> pushing 412s requires some work and some fancy SQL footwork. Can we add a `WHERE last_modified = 'previous_last_modified'` clause for the update or delete part and raise a 412...

I thought we were trying to do the insert and in case of conflict handling the update?

That something we may want to do with GCM (Google Cloud Messaging) too: https://www.digitalocean.com/community/tutorials/how-to-create-a-server-to-send-push-notifications-with-gcm-to-android-devices-using-python

Maybe we can give it a try, if someone feels like trying it.

Ok so the mistake is to use `as_epoch` rather than the more precise unique value?

I though we were precise at the milliseconds so as_epoch should be unique