W3C home > Mailing lists > Public > ietf-http-wg-old@w3.org > January to April 2002

Re: RE: HTTPS and cache on the client-side

From: Már Örlygsson <mar@anomy.net>
Date: Mon, 11 Feb 2002 17:01:36 +0000
To: http-wg@cuckoo.hpl.hp.com
Message-ID: <20020211170136.F9523@klaki.net>
> IE saves SSL pages in it's private cache. This is possible because every

Apparently this is also what Opera does:
<http://www.searchengineworld.com/opera/cache.htm#item219>

When people say that browsers don't cache HTTPS documents, it's not clear if
they're talking about "permanent/extended" page cache, or temporary cache
for the current session only. 

My semi-educated *guess* is that browsers generally cache HTTPS documents
like all other documents, but then clean the HTTPS cache when the browser is
closed.

Does that sound likely?


> You can, like most webmail applications, mix unsecured and secured, in an
> effort to save bandwidth and reduce processor utilization.

We're doing this already (mostly). But there remains the issue of linked
static documents such as CSS files, .JPGs and .GIFs and external Javascript
files. We'd like these to be stored in the browser cache for as long as
possible (within the limits of "Expires:" of course) without our users
having to deal with dialog boxes alerting them about "non-secure" items
being loaded and asking them whether they want to load those or not...


> Hope these suggestions will help you a little bit...

Thanks! I'm still searching for more answers.

Any suggestions where to look/ask?


-- 
Már Örlygsson
------------------------------
mailto:mar@anomy.net
http://mar.anomy.net
Received on Monday, 11 February 2002 17:03:10 EST

This archive was generated by hypermail pre-2.1.9 : Wednesday, 24 September 2003 06:33:45 EDT