Comment 11 for bug 1287301

Implementing security controls is always a balance between cost, usability, effectiveness etc. So there are no right answers. It all depends upon the risk aversion (or willingness) of the organisation. Therefore having configuration values for token cache time and revocation cache time seems to be the best way to deal with this (including allowing a zero cache time). The risk averse organisation can set low or zero values and take the cost and performance consequences of this, whereas the risk willing organisation can set much higher values and have lower costs, higher performance and a greater risk of revoked tokens being wrongly used. I dont really see what Matthew's problem is providing this is clearly documented (as Dolph agrees it should be)