This approach allows us to:
- Avoid attempting to send notifications to the provider multiple times even if the device token is invalid.
- Avoid queuing up a lot of messages to a device that the token is invalid, we can do it only once.
The alternative is deleting the device token but then it's complicated to distinguish if the token was invalidated or the device is logging to Tunnelbroker for the first time.
Depends on D12887