- From: Mark Nottingham <mnot@mnot.net>
- Date: Wed, 9 Jun 2010 10:37:25 +1000
- To: HTTP Working Group <ietf-http-wg@w3.org>, Roy Fielding <fielding@gbiv.com>
Actually, that's not a good proposal, because it doesn't cover the 'defaulting' concept Roy has been talking about. Roy, can you propose some text, if you want to pursue this? I feel like we're approaching diminishing returns here... On 08/06/2010, at 3:36 PM, David Morris wrote: > > Use the 2nd form and save the extra words to make sure "Cache-Control: > private" is clear if it isn't already. > > On Tue, 8 Jun 2010, Mark Nottingham wrote: > >> Well, most of the proposal is defining what 'explicitly given otherwise' means (and noting the consequences)... >> >> Which is more clear? >> >>> Shared caches MUST NOT use a cached response to a request with an Authorization [ref] header to satisfy any subsequent request unless a cache directive that allows such responses to be stored is present in the response. >> >> or >> >> """ >> Requests with Authoration [ref] headers MUST have the same effect as Cache-Control: private [ref] on the response. >> """ > -- Mark Nottingham http://www.mnot.net/
Received on Wednesday, 9 June 2010 00:37:38 UTC