APPSDIR review of draft-ietf-httpbis-p6-cache-24

I have been selected as the Applications Area Directorate reviewer 
for this draft (for background on APPSDIR, please see 
http://trac.tools.ietf.org/area/app/trac/wiki/ApplicationsAreaDirectorate ).

Please resolve these comments along with any other Last Call comments 
you may receive. Please wait for direction from your document 
shepherd or AD before posting a new version of the draft.

Document: draft-ietf-httpbis-p6-cache-24
Title: Hypertext Transfer Protocol (HTTP/1.1): Caching
Reviewer: S. Moonesamy
Review Date: October 29, 2013
IETF Last Call Date: October 21, 2013

Summary:  This draft is almost ready for publication as a Proposed Standard

This document defines requirements on HTTP caches and the associated 
header fields that control cache behavior or indicate cacheable 
response messages.  Caching is an optional feature of HTTP.

The document is clear and well-written.

Major Issues: None

Minor Issues:

In Section 1:

   "Any client or server MAY employ a cache, though a cache cannot be
    used by a server that is acting as a tunnel."

I suggest not using the RFC 2119 "may" in the Introduction section.

In Section 1.2.1:

   "If a cache receives a delta-seconds value larger than the largest
    positive integer it can represent, or if any of its subsequent
    calculations overflows, the cache MUST consider the value to be
    2147483648 (2^31).  A recipient parsing a delta-seconds value MUST
    use an arithmetic type of at least 31 bits of range, and a sender
    MUST NOT generate delta-seconds with a value greater than 2147483648.."

Shouldn't the largest value be 2147483647 (see MAX_INT)?

It seems superfluous to have the second RFC 2119 "must" and the RFC 
2119 "must not".

In Section 5.2.2.2:

   "Note: This directive uses the quoted-string form of the argument
    syntax.  A sender SHOULD NOT generate the token form (even if quoting
    appears not to be needed for single-entry lists)."

I suggest not having RFC 2119 key words as part of a note.

In Section 5.2.2.3:

   'The "no-store" response directive indicates that a cache MUST NOT
    store any part of either the immediate request or response.  This
    directive applies to both private and shared caches.  "MUST NOT
    store" in this context means that the cache MUST NOT intentionally
    store the information in non-volatile storage, and MUST make a best-
    effort attempt to remove the information from volatile storage as
    promptly as possible after forwarding it.'

There is a RFC 2119 "must not" followed by an explanation of the 
requirement which includes a RFC 2119 "must not" and a "must".  I 
suggest rewriting the (first) requirement so that it is clear instead 
of explaining a requirement with another requirement.

In Section 5.2.2.6:

   "Note: This directive uses the quoted-string form of the argument
    syntax.  A sender SHOULD NOT generate the token form (even if quoting
    appears not to be needed for single-entry lists)."

I suggest not having the RFC 2119 "should not" as a part of a 
note.  This suggestion also applies to the note in Section 5.2.2.8 
and Section 5.2.2.9.

Nits:

In Section 4.2:

   "o  A cache recipient MUST NOT allow local time zones to influence the
       calculation or comparison of an age or expiration time.

    o  A cache recipient SHOULD consider a date with a zone abbreviation
       other than GMT or UTC to be invalid for calculating expiration."

Section 7.1.1.1 of draft-ietf-httpbis-p2-semantics-24 states that:

   "An HTTP-date value represents time as an instance of Coordinated
    Universal Time (UTC)."

If there is a requirement for the cache to use UTC (re. HTTP-date) 
internally the above RFC 2119 key words could be collapsed into that.

Regards,
S. Moonesamy

Received on Wednesday, 30 October 2013 04:48:26 UTC