- From: Vladimir Lashchev <vladimir.lashchev@oracle.com>
- Date: Fri, 26 Oct 2018 15:52:21 -0700 (PDT)
- To: ietf-http-wg@w3.org
Hello, RFC7232 in https://tools.ietf.org/html/rfc7232#section-3.1 has the following clause: ``` In the latter case, the origin server MUST NOT send a validator header field in the response unless it can verify that the request is a duplicate of an immediately prior change made by the same user agent ``` It doesn't really explain what security or performance considerations are leading to such a requirement and seems to favor idempotent updates coming from the same user agent. Sending validator (ETag) to all requestors seems to be a simpler and better choice. Could somebody please clarify why we need to this as suggested in RFC? Thanks, Vladimir Lashchev
Received on Saturday, 27 October 2018 05:03:55 UTC