Re: dont-revalidate Cache-Control header from Guille -bisho- on 2015-07-15 (ietf-http-wg@w3.org from July to September 2015)

From: Guille -bisho- <bishillo@gmail.com>
Date: Wed, 15 Jul 2015 10:13:54 -0700
To: Ben Maurer <ben.maurer@gmail.com>
Cc: Mark Nottingham <mnot@mnot.net>, Amos Jeffries <squid3@treenet.co.nz>, HTTP Working Group <ietf-http-wg@w3.org>
Message-ID: <CAMSE37sqDmSstH7sDVYUgDCRB6hxi3X2b5MH27ORaYXm-aYwLw@mail.gmail.com>

On Tue, Jul 14, 2015 at 5:36 AM, Ben Maurer <ben.maurer@gmail.com> wrote:

> static


If corruption is still a concern (not sure if it is because https will give
us better integrity guarantees), what about an optional checksum?
static=<type>:<hash> like static=SHA1:###... ?

That could help preventing corruption for items that are going to stay in
cache forever. It doesn't need to be mandatory neither on origin nor
clients to validate it, but intermediate proxies/browsers can be more sure
that the content they are storing is non-corrupted.

-- 
Guille -bisho- <bishillo@gmail.com>
:wq

Received on Wednesday, 15 July 2015 17:14:43 UTC