Re: Server Push and Caching

"Roy T. Fielding" <> Wed, 07 September 2016 17:27 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 4EF2812B3F6 for <>; Wed, 7 Sep 2016 10:27:29 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -8.528
X-Spam-Status: No, score=-8.528 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RCVD_IN_SORBS_SPAM=0.001, RP_MATCHES_RCVD=-1.508, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (1024-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id Yf2SKM0DrR5h for <>; Wed, 7 Sep 2016 10:27:26 -0700 (PDT)
Received: from ( []) (using TLSv1.2 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 7303712B417 for <>; Wed, 7 Sep 2016 10:27:26 -0700 (PDT)
Received: from lists by with local (Exim 4.80) (envelope-from <>) id 1bhgZL-0002ub-3x for; Wed, 07 Sep 2016 17:23:27 +0000
Resent-Date: Wed, 07 Sep 2016 17:23:27 +0000
Resent-Message-Id: <>
Received: from ([]) by with esmtps (TLS1.2:DHE_RSA_AES_128_CBC_SHA1:128) (Exim 4.80) (envelope-from <>) id 1bhgZF-0002tj-F5 for; Wed, 07 Sep 2016 17:23:21 +0000
Received: from ([] by with esmtps (TLS1.1:DHE_RSA_AES_256_CBC_SHA1:256) (Exim 4.80) (envelope-from <>) id 1bhgZD-0004j1-2Z for; Wed, 07 Sep 2016 17:23:20 +0000
Received: from (localhost []) by (Postfix) with ESMTP id A609E6000110E; Wed, 7 Sep 2016 10:22:55 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed;; h=content-type :mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to;; bh=uQo075arkf6Eszn2ZtxEyoSEAOk=; b=HIYIFS+BvFP8u5A+pvI1Btl3x/Lo m9AWLRMTXfcdyTi4GNttHFykuS9BLqa3LgFMhc28dwjDo8ctH9vHjvyZxOic85Fn 02DgYPOktBbVBlk/HLNjxSSpcsGeD3AM+og5b0dFFoNgFI9WP+5y096bl5k+P/Ph QydfK1goIzbn+mg=
Received: from [] ( []) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) (Authenticated sender: by (Postfix) with ESMTPSA id 4B3D960001118; Wed, 7 Sep 2016 10:22:55 -0700 (PDT)
Content-Type: text/plain; charset=utf-8
Mime-Version: 1.0 (Mac OS X Mail 8.2 \(2104\))
From: "Roy T. Fielding" <>
In-Reply-To: <>
Date: Wed, 7 Sep 2016 10:22:54 -0700
Cc: Tom Bergan <>, HTTP Working Group <>
Content-Transfer-Encoding: quoted-printable
Message-Id: <>
References: <> <> <> <>
To: Mark Nottingham <>
X-Mailer: Apple Mail (2.2104)
Received-SPF: none client-ip=;;
X-W3C-Hub-Spam-Status: No, score=-6.6
X-W3C-Hub-Spam-Report: AWL=-0.017, BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_SORBS_SPAM=2.397, W3C_AA=-1, W3C_DB=-1, W3C_IRA=-1, W3C_IRR=-3, W3C_WL=-1
X-W3C-Scan-Sig: 1bhgZD-0004j1-2Z 45103555677ebf0b740a0dcbadf62470
Subject: Re: Server Push and Caching
Archived-At: <>
X-Mailing-List: <> archive/latest/32382
Precedence: list
List-Id: <>
List-Help: <>
List-Post: <>
List-Unsubscribe: <>

> On Sep 6, 2016, at 8:42 PM, Mark Nottingham <> wrote:
>> On 25 Aug 2016, at 3:17 AM, Roy T. Fielding <> wrote:
> ...
>>> The cache can also store the response, but once the stream is closed, if that response is stale -- either because of the presence of one of the directives above, or some combination of `Expires`, `Age`, `Date`, and `Cache-Control`, it will need to be revalidated before use
> ...
>> FWIW, the mistake above is in saying "response is stale … it will need to be revalidated".
>> An HTTP client is not required to revalidate a stale response.  It only needs to do so when
>> ensuring semantic transparency, which is something that user agents frequently don't do
>> within the scope of a single session (instead, they make requests based on configuration
>> or on the state of their own request processing).
> If you read the entire message, you would have seen:
>>> Note that HTTP does not put constraints on _how_ the application uses that response after it comes through the API or the cache; it might use it multiple times (e.g., an image might occur more than once on a page, or more than one downstream client might have made the request). It's just that this reuse isn't in the context of a HTTP cache's operation.
> You're correct that an HTTP *client* isn't required to revalidate a response, but a cache is.

A cache isn't required to revalidate.  Only a client revalidates, and only
when it wants to do so.  A cache never makes requests.  A cache is only required
to mark the response as stale.  It is okay to have a cache that is 100% stale.