Re: #337: Field names in cache-control header arguments from Mark Nottingham on 2012-03-05 (ietf-http-wg@w3.org from January to March 2012)

From: Mark Nottingham <mnot@mnot.net>
Date: Mon, 5 Mar 2012 14:41:01 +1100
To: Henrik Nordström <henrik@henriknordstrom.net>
Cc: HTTP Working Group <ietf-http-wg@w3.org>
Message-Id: <3EBA28AE-D9E4-41CE-84D0-5652D0B0B9D9@mnot.net>

Re-reading 2616, I think I agree (even if not entirely happy with it).

Suggested rewrite:

Index: p6-cache.xml
===================================================================
--- p6-cache.xml	(revision 1562)
+++ p6-cache.xml	(working copy)
@@ -1484,12 +1484,12 @@
       using it to satisfy a request without contacting it, even by caches that
       have been configured to return stale responses.</t>
       <t>If the no-cache response directive specifies one or more field-names,
-      this requirement is limited to the field-values associated with the
-      listed response header fields. That is, a cache &MUST-NOT; send the 
-      specified field-name(s) in the response to a subsequent request without successful
-      validation on the origin server. This allows an origin server to prevent
-      the re-use of certain header fields in a response, while still allowing
-      caching of the rest of the response.</t>
+      then a cache MAY use the response to satisfy a subsequent request,
+      subject to any other restrictions on caching. However, the specified
+      field-name(s) &MUST-NOT; be sent in the response to a subsequent request
+      without successful revalidation with the origin server. This allows an
+      origin server to prevent the re-use of certain header fields in a
+      response, while still allowing caching of the rest of the response.</t>      
       <t> <x:h>Note:</x:h> Most HTTP/1.0 caches will not recognize or obey
       this directive. Also, no-cache response directives with field-names are
       often handled by implementations as if an unqualified no-cache directive


On 03/03/2012, at 1:33 PM, Henrik Nordström wrote:

> lör 2012-03-03 klockan 11:22 +1100 skrev Mark Nottingham:
>> So, it seems like we have three options:
>> 
>> 1. leave it alone.
>> 
>> 2. align the language in no-cache with that in private.
>> 
>> 3. deprecate the semantics of these values (but still allow them syntactically).
>> 
>> 
>> Personally, I'm in favour of #3; I love using esoteric features of caching, but this one has never been useful IMO.
> 
> They have good use for site tracking cookies. If sites start using them
> caches are likely to follow.
> 
> My preference is 2 or maybe 1. Original 2616 wording in no-cache is not
> very confusing imho even if the validation part is practically nonsense.
> 
> Regards
> Henrik
> 

--
Mark Nottingham   http://www.mnot.net/

Received on Monday, 5 March 2012 03:41:28 UTC