- From: Jeffrey Mogul <mogul@pa.dec.com>
- Date: Wed, 10 Jan 96 14:37:57 PST
- To: "Roy T. Fielding" <fielding@avron.ICS.UCI.EDU>
- Cc: http-caching@pa.dec.com
> I therefore propose (again, I also did this somewhere in the summer) a > > Cache-control: public > > response header that could be used to override the restriction in > Section 10.6. Why not just use the existing options: Cache-control: cachable or Cache-control: private Hmmm, come to think of it, "public" would be better than "cachable" in any case. Can I take it that we have a consensus on this: Cache-control: public means that a response including an Authorization: header may be returned from a cache entry, overriding the restriction of Section 10.6. with the understanding that as the HTTP security model evolves, we may need to extend or modify this? With that in the specification, what (if any) meaning is is left for "Cache-control: cachable"? That is, how does a response containing this directive differ from a response not containing it? Does "Cache-control: cachable" override other "do not cache" parts of the spec (other than section 10.6)? Or was this the only intended purpose? -Jeff
Received on Wednesday, 10 January 1996 23:00:58 UTC