- From: Jeffrey Mogul <mogul@pa.dec.com>
- Date: Thu, 06 Jun 96 14:44:24 MDT
- To: http-wg%cuckoo.hpl.hp.com@hplb.hpl.hp.com
- Cc: jg@w3.org
These edits reflect my understanding and recollection of the consenus
developed during today's editorial teleconference. Anyone who wishes
hould do so immediately, since the deadline for the next I-D submission
is less than 24 hours from now.
The intention of these changes is to make the specification of no-store
more precise and better motivated.
14.9.2 What May be Stored by Caches
Replace:
The no-store directive applies to the entire message, and may be sent
either in a response or in a request. If sent in a request, a cache MUST
NOT store any part of either this request or any response to it. If sent
in a response, a cache MUST NOT store any part of either this response
or the request that elicited it. This directive applies to both non-
shared and shared caches.
with:
+ The purpose of the no-store directive is to prevent the inadvertent
+ release or retention of sensitive information (for example, on
+ backup tapes).
The no-store directive applies to the entire message, and may be sent
either in a response or in a request. If sent in a request, a cache MUST
NOT store any part of either this request or any response to it. If sent
in a response, a cache MUST NOT store any part of either this response
or the request that elicited it. This directive applies to both non-
shared and shared caches.
+ "MUST NOT store" in this context means that the cache MUST NOT
+ intentionally store the information in non-volatile storage,
+ and MUST make a best-effort attempt to remove the information
+ from volatile storage as promptly as possible after forwarding it.
-Jeff
Received on Thursday, 6 June 1996 15:00:22 UTC