- From: Eric Prud'hommeaux <eric@w3.org>
- Date: Fri, 22 Aug 2014 23:02:47 -0400
- To: Noah Mendelsohn <nrm@arcanedomain.com>
- Cc: semantic-web <semantic-web@w3.org>, Tim Berners-Lee <timbl@w3.org>, Public TAG List <www-tag@w3.org>
- Message-ID: <CANfjZH0AqAmTgyQOErMd_3f5V6UvzHn81d4LFERYm3PpQ4+SwA@mail.gmail.com>
On Aug 23, 2014 12:33 AM, "Noah Mendelsohn" <nrm@arcanedomain.com> wrote: > > > > On 8/22/2014 1:00 PM, Tim Berners-Lee wrote: >> >> There is a massive and reasonable push to get everything from HTTP space into HTTPS. > > > How concerned should we be about reductions in the effectiveness of the Web's caching infrastructure when this happens? I really am not up on the numbers these days, and I wouldn't be surprised if the growth of network bandwidth and computing power makes that less of an issue that it would have been years ago. Still, I'd be curious to know whether we have quantitative information about the likely impact. If search engines answered the question "are the contents of http:foo and https:foo different", we could evaluate the impact of having one fill the cache for the other. I note that Firefox already does that implicitly in that entering http:foo in the location bar after you've already visited https:foo will lavishly redirect you to https:foo. (I in fact find this a bit irksome as I frequently want to copy http: links out of the referenced page.) Sites could advertise whether http:foo and https:foo were *different* by adding a Vary: header for an implied header like Is-SSL:. Of course this opt-in approach won't address conventional sites which already differentiate http:foo and https:foo. An explicit header like Is-Identical-In-HTTP-And-HTTPS: header would be safer, but wouldn't leverage the existing Vary: infrastructure. Do we have any agents at search engines who can assess the impact of Tim's proposal and say whether more conservative measures are required (on the part of the web they can see)? > Noah >
Received on Saturday, 23 August 2014 03:03:18 UTC