Alt-Svc alternative cache invalidation (ext#16)

Martin Thomson <> Mon, 18 August 2014 17:27 UTC

Return-Path: <>
Received: from localhost ( []) by (Postfix) with ESMTP id 02C0D1A0702 for <>; Mon, 18 Aug 2014 10:27:14 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -7.459
X-Spam-Status: No, score=-7.459 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_ADSP_CUSTOM_MED=0.001, DKIM_SIGNED=0.1, RCVD_IN_DNSWL_HI=-5, RP_MATCHES_RCVD=-0.668, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, T_DKIM_INVALID=0.01] autolearn=ham
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id hlSumw-luwNp for <>; Mon, 18 Aug 2014 10:27:09 -0700 (PDT)
Received: from ( []) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 9037E1A06FE for <>; Mon, 18 Aug 2014 10:27:08 -0700 (PDT)
Received: from lists by with local (Exim 4.72) (envelope-from <>) id 1XJQf4-0003X5-UG for; Mon, 18 Aug 2014 17:24:02 +0000
Resent-Date: Mon, 18 Aug 2014 17:24:02 +0000
Resent-Message-Id: <>
Received: from ([]) by with esmtp (Exim 4.72) (envelope-from <>) id 1XJQea-0003UZ-VD for; Mon, 18 Aug 2014 17:23:32 +0000
Received: from ([]) by with esmtps (TLS1.0:RSA_ARCFOUR_SHA1:16) (Exim 4.72) (envelope-from <>) id 1XJQea-0003yI-B3 for; Mon, 18 Aug 2014 17:23:32 +0000
Received: by with SMTP id u57so5363811wes.10 for <>; Mon, 18 Aug 2014 10:23:06 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20120113; h=mime-version:date:message-id:subject:from:to:content-type; bh=ec6o9xpFBtOb0gqkLycbDUfjewzkVOC9vSLixGTb0yE=; b=dW+7LqxJZWpVVUOtQiLljNmi5Rwpx+pSVF1gk0U4ziCXORAElZwAzkElVGkDzjR9QM v+PxvPrKwhAPzuuKaEm8A3S7f9nkKZg4oiIivThcBQDb6tzJWACQU6EYN/NZ/Ca3gLfM 3Oso52EvPZ+IpF/AuIav8a2dezAu7TjKIXw6OQMT7vOiY9ukJFUmsmJGESt6j0vA+w1P LrwPHbTZAU39upaqCU1y9Kr0deNX2Q/MBGD04djSqlDHmj8xep6Hk2nZSpuAgermd/sf ETydYL2imz1xEh4638P6q2fPOCK/Tf48HrFlOAEliADMbqAIFQaIZhnrMMzE5uscEypu V8Gw==
MIME-Version: 1.0
X-Received: by with SMTP id fu10mr260290wib.47.1408382585922; Mon, 18 Aug 2014 10:23:05 -0700 (PDT)
Received: by with HTTP; Mon, 18 Aug 2014 10:23:05 -0700 (PDT)
Date: Mon, 18 Aug 2014 10:23:05 -0700
Message-ID: <>
From: Martin Thomson <>
To: HTTP Working Group <>
Content-Type: text/plain; charset="UTF-8"
Received-SPF: pass client-ip=;;
X-W3C-Hub-Spam-Status: No, score=-3.5
X-W3C-Hub-Spam-Report: AWL=-2.743, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001
X-W3C-Scan-Sig: 1XJQea-0003yI-B3 5156f4820d2c422a4240f59b14060fe7
Subject: Alt-Svc alternative cache invalidation (ext#16)
Archived-At: <>
X-Mailing-List: <> archive/latest/26639
Precedence: list
List-Id: <>
List-Help: <>
List-Post: <>
List-Unsubscribe: <>

>From the issue:

In 3 The Alt-Svc HTTP Header Field, there's:

> When an Alt-Svc response header field is received from an origin, its value invalidates and  replaces all cached alternative services for that origin.

However, in several other places, we now say that multiple
alternatives can co-exist (with the client figuring out which to use).

Is this still our intent -- i.e., that the header field has a special
cache invalidation semantic -- or is it just left over from our
previous approach?


I think that this is residue from previous changes.  A small tweak can
fix it up.

The change regarding multiple services (i.e., clients choose which of
many it uses) is the right one.  However, that doesn't let a server
explicitly kill an Alt-Svc advertisement.  I think that this is useful

I think that we should say that the tuple of (origin, service
protocol, service endpoint) is the key and that new advertisements
that match update the expiration time.

The only possible caveat is authentication of this information.  An
unsecured advertisement cannot override a value that has been set on a
secured channel.  Though thinking that through, I don't think that we
ever have a sometimes-secured/sometimes-not-secured origin in that
way.  There's an interaction with HTTP-TLS that we need to be careful
with.  I'll make a note.