- From: Benjamin Kaduk via Datatracker <noreply@ietf.org>
- Date: Wed, 16 Jun 2021 23:26:04 -0700
- To: "The IESG" <iesg@ietf.org>
- Cc: draft-ietf-httpbis-cache@ietf.org, httpbis-chairs@ietf.org, ietf-http-wg@w3.org, mt@lowentropy.net, mt@lowentropy.net
Benjamin Kaduk has entered the following ballot position for draft-ietf-httpbis-cache-16: No Objection When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.) Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html for more information about DISCUSS and COMMENT positions. The document, along with other ballot positions, can be found here: https://datatracker.ietf.org/doc/draft-ietf-httpbis-cache/ ---------------------------------------------------------------------- COMMENT: ---------------------------------------------------------------------- I made a PR with some editorial suggestions at https://github.com/httpwg/http-core/pull/874 . Section 1.3 negative integer range. If a cache receives a delta-seconds value greater than the greatest integer it can represent, or if any of its subsequent calculations overflows, the cache MUST consider the value to be 2147483648 (2^31) or the greatest positive integer it can conveniently represent. Is that a free choice, MIN, or MAX? Section 3.1 Caches MAY either store trailer fields separate from header fields, or discard them. Caches MUST NOT combine trailer fields with header fields. IIRC, recipients are allowed to merge trailer fields into header fields in some situations (e.g., if explicitly allowed by the field definition). I'm not entirely sure how that allowance is intended to interact with this directive (perhaps that generic-recipient merging has already occurred before this point?). Section 4 A cache that does not have a clock available MUST NOT use stored responses without revalidating them upon every use. (Are we using the same qualifications for what counts as a clock as specified in ยง10.2.2 of -semantics?) Section 5.2.2.2 The "must-revalidate" response directive indicates that once the response has become stale, a cache MUST NOT reuse that response to satisfy another request until it has been successfully validated by the origin, as defined by Section 4.3. [...] The must-revalidate directive also permits a shared cache to reuse a response to a request containing an Authorization header field (Section 11.6.2 of [Semantics]), subject to the above requirement on revalidation (Section 3.5). It seems like the combination of these two behaviors would allow a shared cache to reuse a response to a request containing an Authorization header field without revalidation, provided it does so before the response has become stale. That seems surprising to me, though it's hard to pin down exactly why. NITS Section 4.2.3 A response's age can be calculated in two entirely independent ways: Just to confirm: this is something that could be said to be the "intrinsic age" or "initial age" of the response, corresponding to the age at the time it was generated/received, as distinct from the age at the time of the calculation? I wonder if adding an adjective would help clarify that. Appendix B The "public" and "private" cache directives were clarified, so that they do not make responses reusable under any condition. (Section 5.2.2) I'm having a hard time figuring out what change this refers to.
Received on Thursday, 17 June 2021 06:26:37 UTC