> Roy then managed to confuse me again by objecting to my proposal > for "Cache-control: no-store" because it doesn't solve the > eavesdropping problem, but I think this is an inconsistent position. Sorry, I was thinking of the security issues that Lou brought up last summer, and not anything like a CD-ROM archive. I don't think it is appropriate for cache-control to say anything beyond what is interesting to a response cache. I believe the PEP proposal has more to say about things like what the recipient is allowed to do with a document after it has been retrieved. > Either the protocol spec says nothing about "storing" values, but > confines itself to specifying when they may be "returned" from a > cache ... or the spec DOES talk about when they can be stored, in > which case it seems appropriate to give servers and users some > control over this. Like I said, the reason it says it currently is to prevent people from wrongly assuming "no-cache" meant that the user is not allowed to save the entity after viewing it. It could do with some better wording. ...Roy T. Fielding Department of Information & Computer Science (fielding@ics.uci.edu) University of California, Irvine, CA 92717-3425 fax:+1(714)824-4056 http://www.ics.uci.edu/~fielding/Received on Tuesday, 20 February 1996 23:08:59 GMT
This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 28 November 2008 20:51:42 GMT