W3C home > Mailing lists > Public > http-caching-historical@w3.org > February 1996

Re: Location, location, location

From: Koen Holtman <koen@win.tue.nl>
Date: Tue, 6 Feb 1996 13:56:57 +0100 (MET)
Message-Id: <199602061256.MAA10805@wsooti08.win.tue.nl>
To: sjk@amazon.com (Shel Kaphan)
Cc: http-caching@pa.dec.com
Shel Kaphan:
>
[...]
>A context in which this invalidation could be very useful is content
>negotiation.

In the content negotiation mechanism as described in my `New content
negotiation sections' document at

  http://weeble.lut.ac.uk/lists/http-caching/0241.html

the Location header is not just used for invalidation, but also for
a factor 2 optimization: 

 - a proxy can answer a direct request on a variant URI by
   re-using a preemptive negotiation response that included that
   variant.

 - a proxy can make a preemptive negotiation response that includes a
   variant by re-using a response on a direct request for that
   variant.

(Aside: I am using the word `variant' as used in the `New content
 negotiation sections' document:

 | A variant is a resource, identified by a variant URI, that provides a
 | representation of the content of a negotiable resource.

 so my `variant' does not mean `one of the possible entities served by
 a varying resource (=an un-negotiated resource that includes Vary
 headers in the responses)'.
)
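To make the factor 2 optimization concrete, here is a rough sketch in
Python of how a proxy cache might index one stored entity under both
URIs.  This is purely illustrative and not part of the proposal: the
class, the header dictionary shape, and the example URIs are all
assumptions made for the sketch, and only the first reuse direction
(preemptive response answering a later direct request) is shown.

```python
# Hypothetical proxy cache sketch: a preemptive negotiation response
# whose Location header names the chosen variant is indexed under the
# variant URI as well, so a later direct request for that variant can
# be answered from cache without a second transfer of the entity.

class VariantCache:
    def __init__(self):
        self.entries = {}  # URI -> (headers, body)

    def store(self, request_uri, headers, body):
        # Always cache under the URI that was actually requested.
        self.entries[request_uri] = (headers, body)
        # If this is a preemptive negotiation response, the Location
        # header names the variant the entity belongs to; index the
        # same entity under the variant URI too.
        variant_uri = headers.get("Location")
        if variant_uri is not None:
            self.entries[variant_uri] = (headers, body)

    def lookup(self, uri):
        return self.entries.get(uri)

cache = VariantCache()
# Preemptive response on the negotiable URI, choosing one variant:
cache.store("/paper", {"Location": "/paper.html"}, b"<html>...</html>")
# A direct request on the variant URI now hits the cache:
assert cache.lookup("/paper.html") is not None
```

The reverse reuse (building a preemptive response out of a cached
direct response) would additionally require the proxy to know that
the variant belongs to the negotiable resource, so it is not shown
here.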

Spoofing is avoided by requiring that

  - Clients must reject preemptive responses with Location: headers
    that do not point to a variant on the same server
  - Servers that contain content of multiple parties must implement
    security mechanisms to avoid mutual spoofing.

Basically, if you run a server with multiple non-cooperating users,
you must either trust everyone who can author scripts (CGI or other
kinds), or restrict the script mechanism so that it rejects or
restricts preemptive negotiation responses made by scripts (including
nph CGI scripts, which means that you will have to parse the headers
they generate).  Filtering out and throwing away all preemptive
responses is always safe and easy to do, but has the disadvantage of
being less efficient than a more complicated filter.
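One of the `more complicated' filters hinted at above might check
that the Location header of a script-generated preemptive response
stays on the same server, and otherwise downgrade the response to a
plain one.  The sketch below is an assumption about how such a filter
could be written, not part of the proposal: the function names, the
same-server rule (scheme + host must match, relative URIs pass), and
the header handling are all illustrative.

```python
# Illustrative server-side filter for script-generated responses:
# a Location header pointing off-server is removed, turning the
# preemptive negotiation response back into an ordinary response.
from urllib.parse import urlsplit

def same_server(request_url, location):
    a, b = urlsplit(request_url), urlsplit(location)
    # A relative Location (empty scheme/netloc) stays on this server.
    return b.netloc in ("", a.netloc) and b.scheme in ("", a.scheme)

def filter_preemptive(request_url, headers):
    # Return the headers with Location stripped when it points to a
    # different server; otherwise pass them through unchanged.
    loc = headers.get("Location")
    if loc is not None and not same_server(request_url, loc):
        headers = dict(headers)
        del headers["Location"]
    return headers

assert same_server("http://a.example/x", "/paper.html")
assert not same_server("http://a.example/x", "http://evil.example/y")
```

A real filter would of course also have to parse the raw header
block emitted by nph scripts before it could apply a check like this.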

Yes, this means extra work for server authors and server maintainers.
But in my analysis, this is the option with the least disadvantages.

Other options:  
  - Require no filtering: too unsafe
  - No preemptive responses in protocol: too inefficient,
                                         always need 2 RTTs
  - No factor 2 optimization: leads to much less efficient caches

Caching is already less efficient for negotiated resources, as there
are multiple variants that all take cache memory, and must all be
transmitted at least once.  Leaving out the factor 2 optimization,
i.e. caching preemptive and reactive responses separately, would make
caching far less efficient still, because every variant would have to
be transmitted and stored twice.


For a complete description of the mechanisms involved, please read the
`New content negotiation sections' document at

  http://weeble.lut.ac.uk/lists/http-caching/0241.html

itself.  I know it is long, but it cannot be made much shorter.
(Careful editing may take out some 30%, but not much more).  There are
no magical short solutions in this area.  You can have any 4 of the
things below, but not all 5:

 1 small content negotiation definition
 2 content negotiation that always produces optimal results
 3 short accept headers 
 4 one-RTT transactions in most cases 
 5 good caching

>--Shel

Koen.
Received on Tuesday, 6 February 1996 13:24:15 UTC
