Re: dont-revalidate Cache-Control header

Mark Nottingham <mnot@mnot.net> Thu, 16 July 2015 09:29 UTC

Return-Path: <ietf-http-wg-request+bounce-httpbisa-archive-bis2juki=lists.ie@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6FBF81A874C for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Thu, 16 Jul 2015 02:29:30 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.912
X-Spam-Level:
X-Spam-Status: No, score=-6.912 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Y2wGu5pY-PQE for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Thu, 16 Jul 2015 02:29:28 -0700 (PDT)
Received: from frink.w3.org (frink.w3.org [128.30.52.56]) (using TLSv1.2 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 737C71A8748 for <httpbisa-archive-bis2Juki@lists.ietf.org>; Thu, 16 Jul 2015 02:29:28 -0700 (PDT)
Received: from lists by frink.w3.org with local (Exim 4.80) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1ZFfQz-0003tO-97 for ietf-http-wg-dist@listhub.w3.org; Thu, 16 Jul 2015 09:26:29 +0000
Resent-Date: Thu, 16 Jul 2015 09:26:29 +0000
Resent-Message-Id: <E1ZFfQz-0003tO-97@frink.w3.org>
Received: from maggie.w3.org ([128.30.52.39]) by frink.w3.org with esmtps (TLS1.2:DHE_RSA_AES_128_CBC_SHA1:128) (Exim 4.80) (envelope-from <mnot@mnot.net>) id 1ZFfQm-0003sd-Ax for ietf-http-wg@listhub.w3.org; Thu, 16 Jul 2015 09:26:16 +0000
Received: from mxout-07.mxes.net ([216.86.168.182]) by maggie.w3.org with esmtps (TLS1.2:DHE_RSA_AES_256_CBC_SHA256:256) (Exim 4.80) (envelope-from <mnot@mnot.net>) id 1ZFfQj-0007h9-3c for ietf-http-wg@w3.org; Thu, 16 Jul 2015 09:26:15 +0000
Received: from [37.9.98.236] (unknown [89.246.67.118]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by smtp.mxes.net (Postfix) with ESMTPSA id C48F922E25F; Thu, 16 Jul 2015 05:25:46 -0400 (EDT)
Content-Type: text/plain; charset="us-ascii"
Mime-Version: 1.0 (Mac OS X Mail 8.2 \(2102\))
From: Mark Nottingham <mnot@mnot.net>
In-Reply-To: <CAMSE37sqDmSstH7sDVYUgDCRB6hxi3X2b5MH27ORaYXm-aYwLw@mail.gmail.com>
Date: Thu, 16 Jul 2015 11:25:45 +0200
Cc: Ben Maurer <ben.maurer@gmail.com>, Amos Jeffries <squid3@treenet.co.nz>, HTTP Working Group <ietf-http-wg@w3.org>
Content-Transfer-Encoding: quoted-printable
Message-Id: <BB0055C4-8042-45E9-A73A-3A8003B3224D@mnot.net>
References: <CABgOVaLHBb4zcgvO4NUUmAzUjNkocBGYY3atFA9iuYyoLaLQsA@mail.gmail.com> <559F9E90.4020801@treenet.co.nz> <CABgOVaLG6QZyjqk2AGYupShST_u3ty9BpxUcPX+_yMEC1hyHAQ@mail.gmail.com> <961203FE-7E54-410F-923E-71C04914CD2E@mnot.net> <CABgOVaJxntEyT0v4GvWm0Qi9jbUPEnzxJgg4KyQSM1T_gN1mjQ@mail.gmail.com> <16407353-5C34-42E8-81A6-E0027EC3A0D0@mnot.net> <CABgOVa+C48yYp-ZkawY+Ho6pXONa_UfB0MVt_2+d0ejyESu2Pw@mail.gmail.com> <CAMSE37sqDmSstH7sDVYUgDCRB6hxi3X2b5MH27ORaYXm-aYwLw@mail.gmail.com>
To: Guille -bisho- <bishillo@gmail.com>
X-Mailer: Apple Mail (2.2102)
Received-SPF: pass client-ip=216.86.168.182; envelope-from=mnot@mnot.net; helo=mxout-07.mxes.net
X-W3C-Hub-Spam-Status: No, score=-10.2
X-W3C-Hub-Spam-Report: AWL=-0.574, BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, W3C_AA=-1, W3C_DB=-1, W3C_IRA=-1, W3C_IRR=-3, W3C_WL=-1
X-W3C-Scan-Sig: maggie.w3.org 1ZFfQj-0007h9-3c d6c5ac4794ed8577a004caf9d5e75752
X-Original-To: ietf-http-wg@w3.org
Subject: Re: dont-revalidate Cache-Control header
Archived-At: <http://www.w3.org/mid/BB0055C4-8042-45E9-A73A-3A8003B3224D@mnot.net>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/29967
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <http://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>

> On 15 Jul 2015, at 7:13 pm, Guille -bisho- <bishillo@gmail.com> wrote:
> 
> 
> On Tue, Jul 14, 2015 at 5:36 AM, Ben Maurer <ben.maurer@gmail.com> wrote:
> static
> 
> If corruption is still a concern (not sure if it is because https will give us better integrity guarantees), what about an optional checksum? static=<type>:<hash> like static=SHA1:###... ?
> 
> That could help preventing corruption for items that are going to stay in cache forever. It doesn't need to be mandatory neither on origin nor clients to validate it, but intermediate proxies/browsers can be more sure that the content they are storing is non-corrupted.

At the least, we should have language to the effect that this directive (however conveyed) is only valid if the response is complete, and connection close was NOT used to delimit the response.



--
Mark Nottingham   https://www.mnot.net/