Re: Copyright and cache

     > I 'm working in resolve the problem of copyright, that is violated
     > with catching. If I pay for a subscription, and connect to get
     > information copyrighted, the page will be cached in the proxy, and
     > every one else could see it.
     
     > If the server sends an http header with "no-cache", the problem
     > would be resolved?
     
     > Please, let me know how to get extra information about this issue.
     
     > Thanks
     > M Eugenia Riggi
     
     This problem affects any recources that have access restrictions 
     applied to them. As you mention, a pragma: no-cache header (HTTP/1.0) 
     solves the problem, but means that you can not cache the data 
     privately. A cache-control: private header (HTTP/1.1) is better 
     because the data can now be cached on private caches (usually the 
     browser). In the future, an extension to the private cache control 
     header may be avialbale so that shared caches can cache data that has 
     access restrictions, and ensure that that data is not forwarded to 
     people that do not have access rights (see 
     <http://www.ics.uci.edu/pub/ietf/http/draft-melve-cachecontrol-00.txt> 
     for info.).
     
     However, you should also consider that if the data is sent unencrypted 
     that people snooping the network connections or those with the ability 
     to snoop the caching directories on the proxies cache, will also be 
     able to view the data. If the data is extremely sensitive, encryption 
     should be used, and the cache-control: no-store header should be used 
     so that the data is not stored on non-volatile storage in an 
     unencrypted form, and is removed from volatile storage as soon as is 
     possible.
     
     Hope thats of use,
     
     
     Dominic.
**********************************************************************

This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. 
If you have received this email in error please notify Content Technologies 
on +44 118 9301300.

This message has been generated by MIMEsweeper and certifies that the message and attachments have been swept for all known and recorded computer viruses. 
MIMEsweeper 3.x protects your organization from content borne threats and malicious intent. Combined with firewalls MIMEsweeper provides a comprehensive network security solution.

For information regarding the MIMEsweeper family of products:

Phone:  +44 118 9301300
Fax:    +44 118 9301301
Email:  info@mimesweeper.com
Support:msw.support@mimesweeper.com
World Wide Web: http://www.mimesweeper.com

MIMEsweeper: Content Security for Networks 
**********************************************************************


 please notify Content Technologies 
on +44 118 9301300.

This message has been generated by MIMEsweeper and certifies that the message and attachments have been swept for all known and recorded computer viruses. 
MIMEsweeper 3.x protects your organization from content borne threats and malicious intent. Combined with firewalls MIMEsweeper provides a comprehensive network security solution.

For information regarding the MIMEsweeper family of products:

Phone:  +44 118 9301300
Fax:    +44 118 9301301
Email:  info@mimesweeper.com
Support:msw.support@mimesweeper.com
World Wide Web: http://www.mimesweeper.com

MIMEsweeper: Content Security for Networks 
**********************************************************************

Received on Thursday, 9 April 1998 06:17:49 UTC