Re: Warning: header, need origin from Koen Holtman on 1996-04-10 (http-caching-historical@w3.org from April 1996)

From: Koen Holtman <koen@win.tue.nl>
Date: Wed, 10 Apr 1996 18:44:15 +0200 (MET DST)
To: ddubois@spyglass.com (Daniel DuBois)
Cc: http-caching@pa.dec.com
Message-Id: <199604101644.QAA06416@wsooti26.win.tue.nl>

Daniel DuBois:
>
>At 12:19 PM 4/10/96 +0200, Koen Holtman wrote:
>>Roy T. Fielding:
>>>No it doesn't.  What service provider would send max-age=0 when they
>>>know that must-validate is supposed to be stronger?
>>
>>I answered this question already: Anti-social service providers
>>seeking higher hitcounts will find that including must-revalidate is
>>not good for higher hitcounts, because the associated loud warnings
>>which we require will scare away the public, so that they end up
>
>Don't the loud warnings come into play only when the browser serves from
>cache?

The loud warning comes into play when the browser is configured to
serve from cache without revalidating.  If the browser is playing
nice, you won't hear a thing (but you may wait a little longer for
your pages).

>  If the browser behaves, will it not revalidate like told and then
>the user-agent will see no warnings, and then the user has no reason to hold
>the site in disregard.  Am I missing something?

You are not missing something.

If the user agent is configured to revalidate on max-age=0 and
must-revalidate, then the user will not see any warnings (unless the
network goes down).  The user may notice that connections are made for
revalidation of pages with clearly static content, and may notice that
the advertising site is slower because of it, but the user won't see
warnings.

>If the above is true, everyone will indeed use must-revalidate to get hit
>counts.

No, if 90% of browsers behave transparently, max-age=0 will still do
the hitcount trick better than must-revalidate, because max-age=0 will
not scare away the 10% of browser users who configure their cache
intransparently, while must-revalidate will.

>We're designing a protocol.  If the protocol is burdened down with redundant
>systems, I consider that a 'bad thing'.

I agree redundancy is bad, but max-age=0 and must-revalidate are not
redundant.  There is a huge difference in the `shoulds' for a proxy
cache that can't revalidate.

 - with max-age=0, it should return a stale response with a warning

 - with must-revalidate, it should return a 5xx error response, not 
   the stale response.

Given the current state of the internet in some parts of the world, a
difference in error behaviour is not just a minor detail.  If
intransparent PDAs become more common, the importance of the
difference will grow.

>  If the same protocol behavior is
>suposed to occur with max-age=0 and must-revalidate, then the two of them
>don't both need to exist.

There _is_ a difference in protocol behaviour, so the two
of them have both reasons to exist.

>  We talking about a "this is what you should do"
>directive and a "this is really really what you should do" directive.

We are talking about a `if you cannot do it, do A instead' directive
and a `if you cannot do it, do not-A instead' directive.

>the Programmer formerly known as Dan          
>                                     http://www.spyglass.com/~ddubois/

Koen.

Received on Wednesday, 10 April 1996 17:25:42 UTC