- From: Thomson, Martin <Martin.Thomson@commscope.com>
- Date: Tue, 3 May 2011 14:26:28 +0800
- To: Willy Tarreau <w@1wt.eu>
- CC: Mark Nottingham <mnot@mnot.net>, httpbis mailing list <ietf-http-wg@w3.org>
On 2011-05-03 at 16:16:57, Willy Tarreau wrote: > OK but still my point remains that cache-control is irrelevant to > logging. > Cache-* is for caches only. Proxies, l7 firewalls, load balancers, > WAFs, compressors, URL filters, anti-virus, etc... all do log and will > not inspect > cache-* because they are not caches (and it should remain this way). That was my initial thought too. Until I saw the description of no-transform, which almost all of those examples will have to respect...if they want to remain compliant. As you say, the alternative is to add a new header (DNT?), but when there is already so much overlap, it seemed cleaner this way. > [...] legal obligations [...] That's the golden rule, isn't it? Policy trumps all. Irrespective of what an RFC says, someone can enact a policy that overrides the specification. Add that to the cases covered by the caveat (under compromised, if you like). --Martin
Received on Tuesday, 3 May 2011 06:27:00 UTC