New version of Cache Context draft

Hello all,

I have refreshed draft-pettersen-cache-context.

A new version of I-D, draft-pettersen-cache-context-05.txt has been  
successfuly submitted by Yngve Pettersen and posted to the IETF repository.

Filename:	 draft-pettersen-cache-context
Revision:	 05
Title:		 A context mechanism for controlling caching of HTTP responses
Creation_date:	 2010-03-07
WG ID:		 Independent Submission
Number_of_pages: 17

A common problem for sensitive web services is informing the client,
in a reliable fashion, when a password protected resource is no
longer valid because the user is logged out of the service.  This is,
in particular, considered a potential security problem by some
sensitive services, such as online banking, when the user navigates
the client's history list, which is supposed to display the resource
as it was when it was loaded, not as it is at some later point in

This document presents a method for collecting such sensitive
resources into a group, called a "Cache Context", which permits the
server to invalidate all the resources belonging in the group either
by direct action, or according to some expiration policy.  The
context can be configured to invalidate not just the resources, but
also specific cookies, HTTP authentication credentials and HTTP over
TLS session information.

Yngve N. Pettersen

Senior Developer                     Email:
Opera Software ASA         
Phone:  +47 24 16 42 60              Fax:    +47 24 16 40 01

Received on Sunday, 7 March 2010 18:55:02 UTC