Re: Collapsed requests and response freshness checks from Alex Rousskov on 2024-02-19 (ietf-http-wg@w3.org from January to March 2024)

From: Alex Rousskov <rousskov@measurement-factory.com>
Date: Mon, 19 Feb 2024 11:45:44 -0500
To: HTTP Working Group <ietf-http-wg@w3.org>
Cc: Mark Nottingham <mnot@mnot.net>
Message-ID: <add2c71b-5a2f-49bd-a7af-557bd3f522f2@measurement-factory.com>
On 2024-02-17 17:38, Mark Nottingham wrote:

> I'd answer 'yes' and 'yes' -- unless there's something in the
> response that makes it ineligible for use with a particular request,
> there's no reason to think that the server will respond any
> differently to a subsequent retry of that request. In this view, the
> response is treated as if it's a response to each individual request,
> rather than being something that has already been stored by a cache.

Glad I asked! AFAICT, with the above interpretation, the origin server 
cannot insist on seeing every request while also making its response 
cacheable.


> I agree that it's not clear in the spec

I am looking forward to the corresponding spec improvements, both in 
terms of defining which requests may be collapsed and clarifying which 
"MUST NOT reuse" rules from RFC 9111 Section 4 do not apply to collapsed 
requests.


> One of the things we factored out of 2616 was the concept of
> 'first-hand' - it might be useful again here.

It might -- RFC 2616 Section 13.2.1. explicitly excluded "first-hand 
responses" from "expiration mechanism".

RFC 2616 first-hand responses implicitly included responses in collapsed 
transactions AFAICT: "A response is also first-hand if its validity has 
just been checked directly with the origin server", although I do not 
know whether that alleged inclusion was an accident -- I do not know 
whether anybody thought that such a first-hand response may be to a 
_different_ request.

     first-hand
     A response is first-hand if it comes directly and without
     unnecessary delay from the origin server, perhaps via one or more
     proxies. A response is also first-hand if its validity has just
     been checked directly with the origin server.

Arguably, collapsed requests may experience an "unnecessary delay" 
(because they become dependent on another request that may be delayed 
for reasons specific to _that_ request). We can use the "also" clause to 
classify responses in collapsed transactions as first-hand.


> I already have an issue[1] open to probe the edges of collapsed
> forwarding for cache-tests.fyi; I'll try to explore these aspects too
> when I get to it.

Meanwhile, I will be working on adjusting Squid to skip freshness checks 
(and, hence, revalidation) for responses in collapsed transactions.


Thank you,

Alex.


> 1. https://github.com/http-tests/cache-tests/issues/129
> 
> 
> 
>> On 18 Feb 2024, at 09:02, Alex Rousskov <rousskov@measurement-factory.com> wrote:
>>
>> Hello,
>>
>>     RFC 9111 Section 4[1] says "cache can use a response that is stored or storable to satisfy multiple requests, provided that it is allowed to reuse that response for the requests in question". I am trying to understand which rules allow or prohibit that reuse. My guess is that _all_ "MUST not reuse a stored response unless..." rules in that Section apply, but since the response to the collapsed request is not necessarily a "stored response" (i.e. it could be "storable"), I want to double check.
>>
>> For example, can a cache reuse a stale-on-arrival response to satisfy a collapsed request (without doing revalidation)? Let's assume the response in question is not "allowed to be served stale". Informally, the response in question is nearly as fresh as they get because it is being received to satisfy a _concurrent_ request (that our request has collapsed on). However, formal freshness rules may still require treating this response as stale (e.g., max-age=0), either in general (i.e. for any request) or with respect to our collapsed request.
>>
>> Similarly, can a cache reuse a stale-on-arrival response with a must-revalidate directive to satisfy a collapsed request (without doing revalidation)? Here, the wiggle room for reuse appears to be even smaller because a cache "MUST NOT reuse that response to satisfy another request until it has been successfully validated by the origin".
>>
>> I suspect the answers are "no" and "no", and, more generally speaking, there are just no reuse exceptions for collapsed requests compared to regular cache hits -- a cache has to treat the incoming response as if it was a previously stored cache hit, even though the response may still be coming into the cache (as the result of the original request that our request has collapsed on). In other words, all Section 4 reuse rules[1] apply. I would appreciate a confirmation.
>>
>>
>> Thank you,
>>
>> Alex.
>>
>> [1]: https://www.rfc-editor.org/rfc/rfc9111.html#name-constructing-responses-from
>>
> 
> --
> Mark Nottingham   https://www.mnot.net/
Received on Monday, 19 February 2024 16:45:50 UTC