- From: Thomas Roessler <tlr@w3.org>
- Date: Tue, 29 Nov 2011 10:10:15 +0100
- To: "Roy T. Fielding" <fielding@gbiv.com>
- Cc: Thomas Roessler <tlr@w3.org>, "Tracking Protection Working Group WG (public-tracking@w3.org)" <public-tracking@w3.org>
Thanks — I had missed that earlier note. That clarifies things. (Also, this is still related to ACTION-13; just making sure that tracker catches this message in the right thread.) -- Thomas Roessler, W3C <tlr@w3.org> (@roessler) On 2011-11-29, at 01:42 +0100, Roy T. Fielding wrote: > On Nov 27, 2011, at 5:49 AM, Thomas Roessler wrote: > >> Roy, >> >> looking through previous discussion of dynamic DNT response headers and "Vary: DNT", about the most extensive explanation I see is: >> http://lists.w3.org/Archives/Public/public-tracking/2011Oct/0044.html >> >>> Note that this would require all responses from that server >>> to disable shared caching ("Vary: DNT"). I think that is a non-starter. >> >> Just from the protocol definition, that conclusion doesn't follow (using the httpbis draft): >> http://tools.ietf.org/html/draft-ietf-httpbis-p6-cache-17#section-3.5 >> >> I vaguely recall that you had the behaviors of particular implementations in mind in previous discussions. >> >> Care to put on the record in a bit more detail what that was all about? > > Did you see the follow-on to that thread? > > http://lists.w3.org/Archives/Public/public-tracking/2011Oct/0047.html > > Vary is a semantic requirement --- sending it is only required if the > server wishes to retain uniform semantics in the presence of caching. > [RFC2616 had a variety of requirements on "transparency" that meant > the same thing.] > > The server can choose not to send Vary on request-varying content > if shared caching has been disabled by other means (cache-control) > or if the server does not care what intermediate caches deliver to > other user agents. IOW, if one user visits with DNT: 0 and the > next visits with DNT: 1, and if the server doesn't care that an > intermediate cache stores the first response and delivers it to > the second user, then the server does not need to set Vary. > > http://tools.ietf.org/html/draft-ietf-httpbis-p6-cache-17#section-2.7 > > For example, the server could instead send > > Cache-control: s-maxage=0 > > and force shared caches to revalidate (conditional GET) every time. > Note, however, that this option is not well implemented in practice > and relies on the cache merging the header fields from the 304 > response with the fields already in the cache. > > I don't know how s-maxage is implemented on Windows, so I don't > know if the second option would mitigate the problems in WinINET > > http://blogs.msdn.com/b/ieinternals/archive/2009/06/17/vary-header-prevents-caching-in-ie.aspx > > In any case, a negative effect on caching must have proven benefits > that exceed the cost. So far, there gave been no such benefits > demonstrated by the presence of a response header (i.e., the > recipient does not sufficiently gain anything from that response > such that it offsets the cost to the network of disabling caching). > > That is why I am only considering response headers on content > for which shared caching is already disabled. > > ....Roy > >
Received on Tuesday, 29 November 2011 09:10:22 UTC