Since this is a private key, what happens if we need to rotate it? There are several issues:
The keypair seed is used to derive two other keys: the client ID for the relay, and the Notify Server authentication key.
A new client ID will subscribe to the same set of topics as the previous client ID. This will result in a large number of abandoned topic subscriptions, and messages being stored in the mailbox. Furthermore, if the key is rotated too quickly we will hit the 100 subscriber limit of the topic before the previous topic subscriptions expire themselves.
The same topic being subscribed multiple times will also result in duplicate messages being processed by the Notify Server for a few minutes during the rollout of the new version/configuration.
Topic subscriptions are only renewed when they need to be, and we do not store the client ID that was used for the subscription. However we should, but there is still a risk that when the client ID changes it takes many hours to subscribe to and extend the TTL of all of the topics.
A new authentication key will be updated in the Notify Server did.json file, but during rollout there will be a period of time where clients cached the old did.json and are sending requests to either a non-existent server (and thus requests are being dropped) or they are hitting the old Notify Server which will result in topic subscriptions for the old client ID.
chris13524 changed the title from "Define procedure for rotating keypair seed" to "Define procedure for rotating keypair seed and resolve issues" on Feb 8, 2024