IETF Logo Mail Archive

Re: dont-revalidate Cache-Control header

Guille -bisho- <bishillo@gmail.com> Wed, 15 July 2015 17:53 UTC

Return-Path: <ietf-http-wg-request+bounce-httpbisa-archive-bis2juki=lists.ie@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CACAC1B32FD for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Wed, 15 Jul 2015 10:53:35 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.011
X-Spam-Level:
X-Spam-Status: No, score=-7.011 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rP0FpAIw0VS2 for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Wed, 15 Jul 2015 10:53:34 -0700 (PDT)
Received: from frink.w3.org (frink.w3.org [128.30.52.56]) (using TLSv1.2 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 810291B32F8 for <httpbisa-archive-bis2Juki@lists.ietf.org>; Wed, 15 Jul 2015 10:53:34 -0700 (PDT)
Received: from lists by frink.w3.org with local (Exim 4.80) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1ZFQpO-00081e-VB for ietf-http-wg-dist@listhub.w3.org; Wed, 15 Jul 2015 17:50:42 +0000
Resent-Date: Wed, 15 Jul 2015 17:50:42 +0000
Resent-Message-Id: <E1ZFQpO-00081e-VB@frink.w3.org>
Received: from lisa.w3.org ([128.30.52.41]) by frink.w3.org with esmtps (TLS1.2:DHE_RSA_AES_128_CBC_SHA1:128) (Exim 4.80) (envelope-from <bishillo@gmail.com>) id 1ZFQpK-00080s-V1 for ietf-http-wg@listhub.w3.org; Wed, 15 Jul 2015 17:50:38 +0000
Received: from mail-ig0-f176.google.com ([209.85.213.176]) by lisa.w3.org with esmtps (TLS1.2:RSA_ARCFOUR_SHA1:128) (Exim 4.80) (envelope-from <bishillo@gmail.com>) id 1ZFQpJ-00081t-DG for ietf-http-wg@w3.org; Wed, 15 Jul 2015 17:50:38 +0000
Received: by igbpg9 with SMTP id pg9so42189903igb.0 for <ietf-http-wg@w3.org>; Wed, 15 Jul 2015 10:50:11 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-type; bh=JRZ8tM+EUaCfg4Fq0gaMpnXzg8icyMwri/QM9eKY6mE=; b=0EAXifhi/3fvjCAoAME+h/Z73ILW2m7EogcQDPg5TLO+NZyyrK3Kc8DhrdjwKpatDd 2FxgM25MAEsp5JOkEMftl+VYBH1sDVX9nfVljQGD+uWRjhpXvDGkrIWHwkOZK+GEpW/j NzFnuS0UPMr6g6A+PlwzUBK7Cez48ui+UExdxu4jcieYig36DVBTSIiFkmXAxb8LrhM9 tCQpWGuO0sltkrSI2uvoE7oVf5gDfhHlcX6ngnDZOQ1Jg3AlWNZ21lu5rCiJB7DzEEEa mc+4gaKXjT32t+7t84j4X5fqtKLwK02g3L5Dnjmq4pkxzYCql8fUvepXFPKQfpDqAcr2 MTHQ==
X-Received: by 10.107.129.101 with SMTP id c98mr6666722iod.96.1436982611524; Wed, 15 Jul 2015 10:50:11 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.107.142.200 with HTTP; Wed, 15 Jul 2015 10:49:52 -0700 (PDT)
In-Reply-To: <CABkgnnU0+X4eEMoUtwn=rmU5nOWfTYcQxsFwOKJixN0upFOh3Q@mail.gmail.com>
References: <CABgOVaLHBb4zcgvO4NUUmAzUjNkocBGYY3atFA9iuYyoLaLQsA@mail.gmail.com> <559F9E90.4020801@treenet.co.nz> <CABgOVaLG6QZyjqk2AGYupShST_u3ty9BpxUcPX+_yMEC1hyHAQ@mail.gmail.com> <961203FE-7E54-410F-923E-71C04914CD2E@mnot.net> <CABgOVaJxntEyT0v4GvWm0Qi9jbUPEnzxJgg4KyQSM1T_gN1mjQ@mail.gmail.com> <16407353-5C34-42E8-81A6-E0027EC3A0D0@mnot.net> <CABgOVa+C48yYp-ZkawY+Ho6pXONa_UfB0MVt_2+d0ejyESu2Pw@mail.gmail.com> <CAMSE37sqDmSstH7sDVYUgDCRB6hxi3X2b5MH27ORaYXm-aYwLw@mail.gmail.com> <CABkgnnU0+X4eEMoUtwn=rmU5nOWfTYcQxsFwOKJixN0upFOh3Q@mail.gmail.com>
From: Guille -bisho- <bishillo@gmail.com>
Date: Wed, 15 Jul 2015 10:49:52 -0700
Message-ID: <CAMSE37s54Xtgsuf41xH9ZqNvPAntcaonyV-oXHW3TXAy2FaN5g@mail.gmail.com>
To: Martin Thomson <martin.thomson@gmail.com>
Cc: Ben Maurer <ben.maurer@gmail.com>, Mark Nottingham <mnot@mnot.net>, Amos Jeffries <squid3@treenet.co.nz>, HTTP Working Group <ietf-http-wg@w3.org>
Content-Type: multipart/alternative; boundary="001a113ecad01bc2bd051aed9665"
Received-SPF: pass client-ip=209.85.213.176; envelope-from=bishillo@gmail.com; helo=mail-ig0-f176.google.com
X-W3C-Hub-Spam-Status: No, score=-5.4
X-W3C-Hub-Spam-Report: AWL=-0.654, BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, W3C_AA=-1, W3C_WL=-1
X-W3C-Scan-Sig: lisa.w3.org 1ZFQpJ-00081t-DG a29440922ebf43fac730d04667fe9581
X-Original-To: ietf-http-wg@w3.org
Subject: Re: dont-revalidate Cache-Control header
Archived-At: <http://www.w3.org/mid/CAMSE37s54Xtgsuf41xH9ZqNvPAntcaonyV-oXHW3TXAy2FaN5g@mail.gmail.com>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/29964
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <http://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>

But SRI is for sub resources, meant to be used in an html file. If a
resource is cached in a intermediate proxy, is corrupted, and follows this
new proposal to avoid revalidations, how the clients noticing the
corruption with SRI will force the re-fetch? We might need to ensure the
content is valid before permanente storing it.

To simplify thing we might prefer not to add the hash, but then
specifically mention that static should be used only over https channels
that provide better integrity guarantees.

Or alternatively elaborate in the SRI proposal that the resources cached
that match the hash should never be revalidated, the TTL must be obeyed.
This could be nice, especially given SRI is still a draft and accepting
changes.

-- 
Guille -ℬḭṩḩø- <bishillo@gmail.com>
:wq

v2.23.0 | Report a Bug | By Email