Re: Must-revalidate [was Re: Warning: header, need origin]

Jeffrey Mogul:

>    > The difference between "max-age=0" and "must-revalidate" for caches
>    > that play by the transparency rules is that, if revalidation fails
>    > because of network failure:
>    > 
>    > - with "max-age=0", you return a stale 200 (OK) response with a
>    >   warning header attached
>    > 
>    > - with "must-revalidate", you return a 5xx error response
>    > 
>    > So must-revalidate is more than just "really really max-age=0".
>    > 
>    > Speaking in road-sign metaphors, "max-age=0" means "speed limit 50
>    > Km/h", while "must-revalidate" means "WARNING: sharp turn: safe
>    > maximal speed 50 Km/h".  If you ignore the first, you only sin against
>    > community standards.  If you ignore the second, you end up upside down
>    > beside the road.
>    
>    That is a better description and justification -- it should be included
>    in the specification.  I can live with must-revalidate if it implies
>    derailment.
>    
>Here is the language that I have now:
>
>   If a cache returns a stale response, either because of a max-stale
>   directive on a request, or because the cache is configured to
>   override the expiration time of a response, the cache MUST
>   attach a Warning header to the stale response, using Warning 10
>   (Response is stale).
[....]

This still looks too much like "really really max-age=0" to me, the
semantical difference is not highlighted enough. I would structure the
`must-revalidate' text as follows:

 - discuss that must-revalidate instructs caches always to
   revalidate, disregarding any max-stale in the request.

 - discuss that must-revalidate signals cases in which the
   service fails if revalidation is omitted.  Some text:

    If an origin server includes a `must-revalidate' directive, this
    indicates that the revalidation of stale responses is essential
    for the correct operation of the service offered by the origin
    server.  `must-revalidate' should be included, for example, if
    failure to revalidate could result in a user seeing an incorrect
    description of a financial transaction about to be executed.

 - include talk about traffic signs here?  Forbid use of
   `must-revalidate' unless there is a clear danger for the user?

 - Discuss behaviour in case of network failure. Some text:

    Proxy and user agent caches which try, but fail to revalidate a
    response with this directive because of network failure MUST NOT
    return a stale response with a 13 (?) (revalidation failed)
    warning, but MUST return a 504 (Gateway Timeout) error response.

 - Discuss intransparent proxy caches. Some text:

    Proxy caches which are unwilling to revalidate a response with
    this directive MUST also return a 504 (Gateway Timeout) error
    response.  [##Invent a new 5xx response code for this?##]

 - discuss what intransparent user agent caches must do.  Some text:

    User agent caches which are configured to return stale responses
    because of severe connectivity constraints SHOULD return a 504
    error response instead of a stale response with a 13 (?)
    (revalidation failed) warning, but MAY also, if specifically
    configured to allow this, return the stale response accompanied by
    a clear warning that the service author cannot guarantee correct
    operation of the service under these caching conditions.


>-Jeff

Koen.

Received on Friday, 12 April 1996 10:13:57 UTC
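
Added example, not part of the original message or of any HTTP draft: a minimal Python model of the cache behaviour proposed in the message, showing where `max-age=0` fails open with a warning and `must-revalidate` fails closed with a 504. The `Entry` type, the `serve` function and its parameters, and the `offline` helper are hypothetical names; the warning numbers are the tentative ones quoted in the message.

```python
from dataclasses import dataclass

# Warning texts as numbered in the message; 13 is marked "(?)" there.
WARN_STALE = '10 "Response is stale"'
WARN_REVAL_FAILED = '13 "Revalidation failed"'
UA_NOTICE = "service author cannot guarantee correct operation"  # constructed


@dataclass
class Entry:
    body: str
    age: int                      # seconds since the response was stored
    max_age: int                  # freshness lifetime (Cache-Control: max-age)
    must_revalidate: bool = False


def offline():
    """Constructed stand-in for a revalidation attempt that hits a dead network."""
    raise ConnectionError("origin unreachable")


def serve(entry, revalidate, max_stale=None, is_proxy=True,
          willing=True, ua_stale_override=False):
    """Return (status, body, warnings) for a request answered from the cache."""
    staleness = entry.age - entry.max_age
    if staleness < 0:
        return 200, entry.body, []                 # fresh: no revalidation needed
    if entry.must_revalidate:
        if not willing:                            # cache configured to skip revalidation
            if is_proxy or not ua_stale_override:
                return 504, "", []
            return 200, entry.body, [WARN_STALE, UA_NOTICE]
        try:                                       # request max-stale is disregarded
            return 200, revalidate(), []
        except ConnectionError:
            return 504, "", []                     # fail closed
    if not willing or (max_stale is not None and staleness <= max_stale):
        return 200, entry.body, [WARN_STALE]       # stale by policy or by request
    try:
        return 200, revalidate(), []
    except ConnectionError:
        return 200, entry.body, [WARN_REVAL_FAILED]  # fail open, with a warning
```
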