W3C home > Mailing lists > Public > ietf-http-wg@w3.org > April to June 2010

Re: Questions (errata?) about caching authenticated responses [#174]

From: Mark Nottingham <mnot@mnot.net>
Date: Wed, 9 Jun 2010 10:37:25 +1000
Message-Id: <AF34F31C-E319-4A68-9176-D8F1BE09C1E8@mnot.net>
To: HTTP Working Group <ietf-http-wg@w3.org>, Roy Fielding <fielding@gbiv.com>
Actually, that's not a good proposal, because it doesn't cover the 'defaulting' concept Roy has been talking about.

Roy, can you propose some text, if you want to pursue this? I feel like we're approaching diminishing returns here...


On 08/06/2010, at 3:36 PM, David Morris wrote:

> 
> Use the 2nd form and save the extra words to make sure "Cache-Control: 
> private" is clear if it isn't already.
> 
> On Tue, 8 Jun 2010, Mark Nottingham wrote:
> 
>> Well, most of the proposal is defining what 'explicitly given otherwise' means (and noting the consequences)...
>> 
>> Which is more clear?
>> 
>>> Shared caches MUST NOT use a cached response to a request with an Authorization [ref] header to satisfy any subsequent request unless a cache directive that allows such responses to be stored is present in the response.
>> 
>> or 
>> 
>> """
>> Requests with Authoration [ref] headers MUST have the same effect as Cache-Control: private [ref] on the response.
>> """
> 


--
Mark Nottingham     http://www.mnot.net/
Received on Wednesday, 9 June 2010 00:37:38 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 27 April 2012 06:51:20 GMT