> I think it may make more sense to store a Token in the Task, especially since it is Writable and can be easily serialized as part of the Task's write method.
Currently, it only servers as a temporary in-memory cache for the SecretKey (to avoid converting from tokenPassword to SecretKey each time the token is used for Shuffle). The token itself is not intended to be serialized and sent along with the Task object. The passing of credentials for a Task is handled by way of the credential cache. If we're going to pass credentials along with Task objects, we need to make sure Task objects are handled properly. Since this is a re-factoring patch, I suggest we evaluate it as part of the credential cache work Boris is doing.
Attaching a patch that addressed your other comments.