Re: Must-revalidate [was Re: Warning: header, need origin]

    >> The difference between "max-age=0" and "must-revalidate" for caches
    >> that play by the transparency rules is that, if revalidation fails
    >> because of network failure:
    >> 
    >> - with "max-age=0", you return a stale 200 (OK) response with a
    >>   warning header attached
    >> 
    >> - with "must-revalidate", you return a 5xx error response
    >> 
    >> So must-revalidate is more than just "really really max-age=0".
    >> 
    >> Speaking in road-sign metaphors, "max-age=0" means "speed limit 50
    >> Km/h", while "must-revalidate" means "WARNING: sharp turn: safe
    >> maximal speed 50 Km/h".  If you ignore the first, you only sin against
    >> community standards.  If you ignore the second, you end up upside down
    >> besides the road.
>     
>     That is a better description and justification -- it should be included
>     in the specification.  I can live with must-revalidate if it implies
>     derailment.
>     
> Here is the language that I have now:  ...

Nope, not strong enough.  I meant it when I said derailment -- it can only
be considered different from max-age=0 if it MUST cause total failure
on the user agent if disobeyed.  There should not be any exceptions, even
for PDAs.  It must not be used unless total failure is preferable to
a warning.

[also, it does not apply to all uses of cookies -- only the particular
usage that Koen described.]

.....Roy

Received on Friday, 12 April 1996 11:33:58 UTC