Re: Comments on HTTP draft [of 23 Nov 1994] from Roy T. Fielding on 1994-12-02 (ietf-http-wg@w3.org from October to December 1994)

From: Roy T. Fielding <fielding@avron.ICS.UCI.EDU>
Date: Thu, 01 Dec 1994 17:20:21 -0800
To: Chuck Shotton <cshotton@oac.hsc.uth.tmc.edu>
Cc: http-wg%cuckoo.hpl.hp.com@hplb.hpl.hp.com
Message-Id: <9412011720.aa28095@paris.ics.uci.edu>

Chuck Shotton writes:

>>> 5.5.2 If-Modified-Since: This section implies that servers *must*
>>>     implement this feature.  However, the last-modified-date might be
>>>     unavailable, unreliable, or not applicable for some URIs.  In these
>>>     cases (or indeed in any case), is the server permitted to return the
>>>     object, despite the presence of the I-M-S header?
>>
>>Yes, but proper implementation (where appropriate) of the conditional
>>GET protocol will be strongly recommended and required for all new servers.
> 
> Why required? There is no way to validate that this feature exists or is
> supported by a server by exercising a server remotely. I could write a
> server that modifies a document before every transmission or generates all
> documents on the fly. The effect would be the same as if the server
> completely ignored the if-modified-since header, since the document is
> always modified. From a client's perspective, you have no way to determine
> why the document is always returned.

If the document is modified before each response, or just has no last-modified
date (as is the case for scripts), then the correct behavior is to send
the document as if it were a normal GET.

If the document does have a valid last-modified header, then it most certainly
can be verified by exercising a server remotely -- I have done so many times.
The conditional GET protocol MUST be supported because its implementation
is required for efficient caching, and the need for caching far outweighs
the needs of an individual server implementation.

> I think this is one case where "required" is too strong a word (I also have
> qualms about HEAD being "required", but that one can be validated remotely.
> I only question HEAD's usefulness for most implementations.) Strongly
> recommended is fine.

HEAD exists because it allows programs that are only interested in
metainformation and link validity to make requests without retrieving
the object body.  Like IMS, its purpose is to reduce network load and
thus must be supported in order for HTTP servers to be "good net citizens".
Besides, it is trivial to implement once GET has been implemented.

......Roy Fielding   ICS Grad Student, University of California, Irvine  USA
                                     <fielding@ics.uci.edu>
                     <URL:http://www.ics.uci.edu/dir/grad/Software/fielding>

Received on Thursday, 1 December 1994 17:24:20 UTC