Re: Must-revalidate [was Re: Warning: header, need origin]

    > The difference between "max-age=0" and "must-revalidate" for caches
    > that play by the transparency rules is that, if revalidation fails
    > because of network failure:
    > 
    > - with "max-age=0", you return a stale 200 (OK) response with a
    >   warning header attached
    > 
    > - with "must-revalidate", you return a 5xx error response
    > 
    > So must-revalidate is more than just "really really max-age=0".
    > 
    > Speaking in road-sign metaphors, "max-age=0" means "speed limit 50
    > Km/h", while "must-revalidate" means "WARNING: sharp turn: safe
    > maximal speed 50 Km/h".  If you ignore the first, you only sin against
    > community standards.  If you ignore the second, you end up upside down
    > besides the road.
    
    That is a better description and justification -- it should be included
    in the specification.  I can live with must-revalidate if it implies
    derailment.
    
Here is the language that I have now:

   If a cache returns a stale response, either because of a max-stale
   directive on a request, or because the cache is configured to
   override the expiration time of a response, the cache MUST
   attach a Warning header to the stale response, using Warning 10
   (Response is stale).

and

   Because a cache may be configured to ignore a server's specified
   expiration time, and because a client request may include a max-stale
   directive, which has a similar effect, the protocol also includes a
   mechanism for the origin server to require revalidation of a cache
   entry on any subsequent use.  When the ``must-revalidate'' directive
   is present in a response received by a cache, that cache MUST NOT use
   the value to respond to a subsequent request without first
   revalidating it with the origin server.  (I.e., the cache must do an
   end-to-end revalidation every time.)

   The ``must-revalidate'' directive is necessary to support reliable
   operation for cookies and certain other protocol features.  In all
   circumstances an HTTP/1.1 cache MUST obey the ``must-revalidate''
   directive; in particular, if the cache cannot reach the origin server
   for any reason, it MUST generate a 504 (Gateway Timeout) response.
   Note that HTTP/1.0 caches will ignore this directive.

      The ``must-revalidate'' directive is semantically equivalent to
      the ``max-age=0'' directive, except that it overrides all other
      expiration mechanisms and configuration parameters.

      Servers should send the ``must-revalidate'' directive if and
      only if failure to revalidate a request on the entity could
      result in significantly incorrect operation, such as a silently
      unexecuted financial transaction.  Recipients MUST not take any
      automated action that violates this directive, and MUST not
      automatically provide an unvalidated copy of the entity if
      revalidation fails.

      Although this is not recommended, user agents operating under
      severe connectivity constraints may violate this directive but
      if so, MUST explicitly warn the user that an unvalidated
      response has been provided.  The warning MUST be provided on
      each unvalidated access, and SHOULD require explicit user
      confirmation.

-Jeff

Received on Thursday, 11 April 1996 23:21:57 UTC