On 2011-05-03 at 16:16:57, Willy Tarreau wrote: > OK but still my point remains that cache-control is irrelevant to > logging. > Cache-* is for caches only. Proxies, l7 firewalls, load balancers, > WAFs, compressors, URL filters, anti-virus, etc... all do log and will > not inspect > cache-* because they are not caches (and it should remain this way). That was my initial thought too. Until I saw the description of no-transform, which almost all of those examples will have to respect...if they want to remain compliant. As you say, the alternative is to add a new header (DNT?), but when there is already so much overlap, it seemed cleaner this way. > [...] legal obligations [...] That's the golden rule, isn't it? Policy trumps all. Irrespective of what an RFC says, someone can enact a policy that overrides the specification. Add that to the cases covered by the caveat (under compromised, if you like). --MartinReceived on Tuesday, 3 May 2011 06:27:00 GMT
This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 27 April 2012 06:51:40 GMT