Re: ID for Immutable

Leif Hedstrom <> Mon, 07 November 2016 21:25 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 6923C1295AA for <>; Mon, 7 Nov 2016 13:25:08 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -8.498
X-Spam-Status: No, score=-8.498 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.001, RCVD_IN_DNSWL_HI=-5, RP_MATCHES_RCVD=-1.497, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (1024-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id utBbItucx15e for <>; Mon, 7 Nov 2016 13:25:07 -0800 (PST)
Received: from ( []) (using TLSv1.2 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 4BCDB12957C for <>; Mon, 7 Nov 2016 13:25:07 -0800 (PST)
Received: from lists by with local (Exim 4.80) (envelope-from <>) id 1c3rLk-0003ky-He for; Mon, 07 Nov 2016 21:21:04 +0000
Resent-Date: Mon, 07 Nov 2016 21:21:04 +0000
Resent-Message-Id: <>
Received: from ([]) by with esmtps (TLS1.2:RSA_AES_128_CBC_SHA1:128) (Exim 4.80) (envelope-from <>) id 1c3rLc-0003kD-3L for; Mon, 07 Nov 2016 21:20:56 +0000
Received: from ([] by with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.84_2) (envelope-from <>) id 1c3rLW-00068U-4T for; Mon, 07 Nov 2016 21:20:50 +0000
Received: by (8.15.2/8.15.2) with ESMTPSA id uA7LKP44031996 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 7 Nov 2016 13:20:26 -0800
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=03062012; t=1478553627; bh=7cpZf+cVKwhe/GSgG0hpFS5WnHy4ejnCLlIzYFzcgLQ=; h=Subject:From:In-Reply-To:Date:Cc:References:To; b=X+mA2rsO9k6831wo8ywZJqFZcUGZUMJP00SMi7AjgayBCts5bGr+tZvAgx7cyDhA0 5seTUy+DeRuQScq2wfjSe1vQQiSdE5t+KV55uirAauKoEqRCPwRyVvqgdeMNK5dfSE TmAfWULpXjVdld5rrkLu7P82f6o4rUGOkAzu7ndw=
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 10.0 \(3226\))
From: Leif Hedstrom <>
In-Reply-To: <>
Date: Mon, 07 Nov 2016 14:20:25 -0700
Cc: HTTP Working Group <>
Content-Transfer-Encoding: quoted-printable
Message-Id: <>
References: <>
To: Patrick McManus <>
X-Mailer: Apple Mail (2.3226)
Received-SPF: pass client-ip=;;
X-W3C-Hub-Spam-Status: No, score=-6.9
X-W3C-Hub-Spam-Report: AWL=-0.101, BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RP_MATCHES_RCVD=-2.796, SPF_PASS=-0.001, W3C_AA=-1, W3C_WL=-1
X-W3C-Scan-Sig: 1c3rLW-00068U-4T 3b1409448a5a495ad64ab43425093820
Subject: Re: ID for Immutable
Archived-At: <>
X-Mailing-List: <> archive/latest/32853
Precedence: list
List-Id: <>
List-Help: <>
List-Post: <>
List-Unsubscribe: <>

> On Oct 26, 2016, at 3:02 PM, Patrick McManus <> wrote:
> [as individual]
> A new version of I-D, draft-mcmanus-immutable-00.txt
> has been successfully submitted by Patrick McManus and posted to the
> IETF repository.

Interesting. Couple of quick thoughts with my proxy-server hat on.

1) Many (most?) reverse proxy servers has features to ignore e.g. Cache-Control: max-age=0, or Cache-Control: no-cache from the clients. Not doing so would really open up some ugly rat holes for cache busting. [See the ATS configs below].

2) As such, this new CC: immutable directive seems geared primarily towards user-agents and possibly for forward proxies?

3) I didn’t read particularly carefully, but would it make sense to specify exactly what headers a proxy would ignore in favor of CC: immutable? I’m thinking in my case, we’d honor a CC: immutable over some of our configuration options [again see below].

For 3), I believe most clients will send something like 

	Cache-Control: no-cache
	Pragma: no-cache

correct when doing a “force” revalidate? I understand that this is UA specific, but if we are going to say something about this for intermediaries, maybe worth pointing this out? If so, what about Cache-Control: max-age=0?


— leif

Apache Traffic Server settings (defaults):

	CONFIG proxy.config.http.cache.ignore_client_no_cache INT 1
	CONFIG proxy.config.http.cache.ignore_client_cc_max_age INT 1

Yes, we know this violates the RFC :-).