Cache-control: public

    > I therefore propose (again, I also did this somewhere in the summer) a
    > 
    >  Cache-control: public
    > 
    > response header that could be used to override the restriction in
    > Section 10.6.
    
    Why not just use the existing options:
    
       Cache-control: cachable
    or
       Cache-control: private
    
    Hmmm, come to think of it, "public" would be better than "cachable"
    in any case.
    
Can I take it that we have a consensus on this:

    Cache-control: public
	means that a response including an Authorization: header
	may be returned from a cache entry, overriding the
	restriction of Section 10.6.

with the understanding that as the HTTP security model evolves,
we may need to extend or modify this?

With that in the specification, what (if any) meaning is is
left for "Cache-control: cachable"?  That is, how does a response
containing this directive differ from a response not containing
it?  Does "Cache-control: cachable" override other "do not cache"
parts of the spec (other than section 10.6)?  Or was this the only
intended purpose?

-Jeff

Received on Wednesday, 10 January 1996 23:00:58 UTC