3.7.4.2 Subscribing for the ACL

The ACL is stored at the server and the client can obtain the ACL after it is registered with the server by using a SUBSCRIBE request. The client sends a SUBSCRIBE with an Event: type of vnd-microsoft-roaming-ACL and an Accept: header with application/vnd-microsoft-roaming-acls+xml. Each device on which the user logs in SHOULD subscribe to this event. The notifications for this event package contain the ACL for the user. The initial notification carries the complete ACL, and any changes are conveyed in subsequent notifications. This allows changes made by one device for a user to be communicated to all other devices for the user maintaining a consistent ACL across all devices. The server SHOULD maintain a database to hold the master copy of this ACL, which all devices sync to at login time.