draft-ietf-httpbis-cache-08.txt   draft-ietf-httpbis-cache-09.txt 
HTTP Working Group R. Fielding, Ed. HTTP Working Group R. Fielding, Ed.
Internet-Draft Adobe Internet-Draft Adobe
Obsoletes: 7234 (if approved) M. Nottingham, Ed. Obsoletes: 7234 (if approved) M. Nottingham, Ed.
Intended status: Standards Track Fastly Intended status: Standards Track Fastly
Expires: November 27, 2020 J. Reschke, Ed. Expires: January 12, 2021 J. Reschke, Ed.
greenbytes greenbytes
May 26, 2020 July 11, 2020
HTTP Caching HTTP Caching
draft-ietf-httpbis-cache-08 draft-ietf-httpbis-cache-09
Abstract Abstract
The Hypertext Transfer Protocol (HTTP) is a stateless application- The Hypertext Transfer Protocol (HTTP) is a stateless application-
level protocol for distributed, collaborative, hypertext information level protocol for distributed, collaborative, hypertext information
systems. This document defines HTTP caches and the associated header systems. This document defines HTTP caches and the associated header
fields that control cache behavior or indicate cacheable response fields that control cache behavior or indicate cacheable response
messages. messages.
This document obsoletes RFC 7234. This document obsoletes RFC 7234.
skipping to change at page 1, line 36 skipping to change at page 1, line 36
This note is to be removed before publishing as an RFC. This note is to be removed before publishing as an RFC.
Discussion of this draft takes place on the HTTP working group Discussion of this draft takes place on the HTTP working group
mailing list (ietf-http-wg@w3.org), which is archived at mailing list (ietf-http-wg@w3.org), which is archived at
<https://lists.w3.org/Archives/Public/ietf-http-wg/>. <https://lists.w3.org/Archives/Public/ietf-http-wg/>.
Working Group information can be found at <https://httpwg.org/>; Working Group information can be found at <https://httpwg.org/>;
source code and issues list for this draft can be found at source code and issues list for this draft can be found at
<https://github.com/httpwg/http-core>. <https://github.com/httpwg/http-core>.
The changes in this draft are summarized in Appendix C.9. The changes in this draft are summarized in Appendix C.10.
Status of This Memo Status of This Memo
This Internet-Draft is submitted in full conformance with the This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79. provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/. Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on November 27, 2020. This Internet-Draft will expire on January 12, 2021.
Copyright Notice Copyright Notice
Copyright (c) 2020 IETF Trust and the persons identified as the Copyright (c) 2020 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(https://trustee.ietf.org/license-info) in effect on the date of (https://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
skipping to change at page 4, line 17 skipping to change at page 4, line 17
Appendix C. Change Log . . . . . . . . . . . . . . . . . . . . . 38 Appendix C. Change Log . . . . . . . . . . . . . . . . . . . . . 38
C.1. Between RFC7234 and draft 00 . . . . . . . . . . . . . . 38 C.1. Between RFC7234 and draft 00 . . . . . . . . . . . . . . 38
C.2. Since draft-ietf-httpbis-cache-00 . . . . . . . . . . . . 38 C.2. Since draft-ietf-httpbis-cache-00 . . . . . . . . . . . . 38
C.3. Since draft-ietf-httpbis-cache-01 . . . . . . . . . . . . 38 C.3. Since draft-ietf-httpbis-cache-01 . . . . . . . . . . . . 38
C.4. Since draft-ietf-httpbis-cache-02 . . . . . . . . . . . . 38 C.4. Since draft-ietf-httpbis-cache-02 . . . . . . . . . . . . 38
C.5. Since draft-ietf-httpbis-cache-03 . . . . . . . . . . . . 39 C.5. Since draft-ietf-httpbis-cache-03 . . . . . . . . . . . . 39
C.6. Since draft-ietf-httpbis-cache-04 . . . . . . . . . . . . 39 C.6. Since draft-ietf-httpbis-cache-04 . . . . . . . . . . . . 39
C.7. Since draft-ietf-httpbis-cache-05 . . . . . . . . . . . . 39 C.7. Since draft-ietf-httpbis-cache-05 . . . . . . . . . . . . 39
C.8. Since draft-ietf-httpbis-cache-06 . . . . . . . . . . . . 40 C.8. Since draft-ietf-httpbis-cache-06 . . . . . . . . . . . . 40
C.9. Since draft-ietf-httpbis-cache-07 . . . . . . . . . . . . 40 C.9. Since draft-ietf-httpbis-cache-07 . . . . . . . . . . . . 40
C.10. Since draft-ietf-httpbis-cache-08 . . . . . . . . . . . . 41
Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41 Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41
Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . . . 43 Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . . . 43
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 43 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 43
1. Introduction 1. Introduction
The Hypertext Transfer Protocol (HTTP) is a stateless application- The Hypertext Transfer Protocol (HTTP) is a stateless application-
level request/response protocol that uses extensible semantics and level request/response protocol that uses extensible semantics and
self-descriptive messages for flexible interaction with network-based self-descriptive messages for flexible interaction with network-based
hypertext information systems. HTTP is defined by a series of hypertext information systems. HTTP is defined by a series of
skipping to change at page 5, line 36 skipping to change at page 5, line 38
Conformance criteria and considerations regarding error handling are Conformance criteria and considerations regarding error handling are
defined in Section 3 of [Semantics]. defined in Section 3 of [Semantics].
1.2. Syntax Notation 1.2. Syntax Notation
This specification uses the Augmented Backus-Naur Form (ABNF) This specification uses the Augmented Backus-Naur Form (ABNF)
notation of [RFC5234], extended with the notation for case- notation of [RFC5234], extended with the notation for case-
sensitivity in strings defined in [RFC7405]. sensitivity in strings defined in [RFC7405].
It also uses a list extension, defined in Section 4.5 of [Semantics], It also uses a list extension, defined in Section 5.5 of [Semantics],
that allows for compact definition of comma-separated lists using a that allows for compact definition of comma-separated lists using a
'#' operator (similar to how the '*' operator indicates repetition). '#' operator (similar to how the '*' operator indicates repetition).
Appendix A shows the collected grammar with all list operators Appendix A shows the collected grammar with all list operators
expanded to standard ABNF notation. expanded to standard ABNF notation.
The following core rules are included by reference, as defined in The following core rules are included by reference, as defined in
[RFC5234], Appendix B.1: ALPHA (letters), CR (carriage return), CRLF [RFC5234], Appendix B.1: ALPHA (letters), CR (carriage return), CRLF
(CR LF), CTL (controls), DIGIT (decimal 0-9), DQUOTE (double quote), (CR LF), CTL (controls), DIGIT (decimal 0-9), DQUOTE (double quote),
HEXDIG (hexadecimal 0-9/A-F/a-f), HTAB (horizontal tab), LF (line HEXDIG (hexadecimal 0-9/A-F/a-f), HTAB (horizontal tab), LF (line
feed), OCTET (any 8-bit sequence of data), SP (space), and VCHAR (any feed), OCTET (any 8-bit sequence of data), SP (space), and VCHAR (any
visible [USASCII] character). visible [USASCII] character).
The rules below are defined in [Semantics]: The rules below are defined in [Semantics]:
HTTP-date = <HTTP-date, see [Semantics], Section 10.1.1.1> HTTP-date = <HTTP-date, see [Semantics], Section 5.4.1.5>
OWS = <OWS, see [Semantics], Section 1.2.1> OWS = <OWS, see [Semantics], Section 1.2.1>
field-name = <field-name, see [Semantics], Section 4.3> field-name = <field-name, see [Semantics], Section 5.3>
quoted-string = <quoted-string, see [Semantics], Section 4.4.1.2> quoted-string = <quoted-string, see [Semantics], Section 5.4.1.2>
token = <token, see [Semantics], Section 4.4.1.1> token = <token, see [Semantics], Section 5.4.1.1>
1.3. Delta Seconds 1.3. Delta Seconds
The delta-seconds rule specifies a non-negative integer, representing The delta-seconds rule specifies a non-negative integer, representing
time in seconds. time in seconds.
delta-seconds = 1*DIGIT delta-seconds = 1*DIGIT
A recipient parsing a delta-seconds value and converting it to binary A recipient parsing a delta-seconds value and converting it to binary
form ought to use an arithmetic type of at least 31 bits of non- form ought to use an arithmetic type of at least 31 bits of non-
skipping to change at page 7, line 17 skipping to change at page 7, line 17
responses by incorporating values of the original request's selecting responses by incorporating values of the original request's selecting
header fields into the cache key as well, as per Section 4.1. header fields into the cache key as well, as per Section 4.1.
Furthermore, caches might incorporate additional material into the Furthermore, caches might incorporate additional material into the
cache key. For example, user agent caches might include the cache key. For example, user agent caches might include the
referring site's identity, thereby "double keying" the cache to avoid referring site's identity, thereby "double keying" the cache to avoid
some privacy risks (see Section 7.2). some privacy risks (see Section 7.2).
Most commonly, caches store the successful result of a retrieval Most commonly, caches store the successful result of a retrieval
request: i.e., a 200 (OK) response to a GET request, which contains a request: i.e., a 200 (OK) response to a GET request, which contains a
representation of the target resource (Section 7.3.1 of [Semantics]). representation of the target resource (Section 8.3.1 of [Semantics]).
However, it is also possible to store redirects, negative results However, it is also possible to store redirects, negative results
(e.g., 404 (Not Found)), incomplete results (e.g., 206 (Partial (e.g., 404 (Not Found)), incomplete results (e.g., 206 (Partial
Content)), and responses to methods other than GET if the method's Content)), and responses to methods other than GET if the method's
definition allows such caching and defines something suitable for use definition allows such caching and defines something suitable for use
as a cache key. as a cache key.
A cache is disconnected when it cannot contact the origin server or A cache is disconnected when it cannot contact the origin server or
otherwise find a forward path for a given request. A disconnected otherwise find a forward path for a given request. A disconnected
cache can serve stale responses in some circumstances cache can serve stale responses in some circumstances
(Section 4.2.4). (Section 4.2.4).
3. Storing Responses in Caches 3. Storing Responses in Caches
A cache MUST NOT store a response to a request unless: A cache MUST NOT store a response to a request unless:
o the request method is understood by the cache; o the request method is understood by the cache;
o the response status code is final (see Section 9 of [Semantics]); o the response status code is final (see Section 10 of [Semantics]);
o if the response status code is 206 or 304, or the "must- o if the response status code is 206 or 304, or the "must-
understand" cache directive (see Section 5.2) is present: the understand" cache directive (see Section 5.2) is present: the
cache understands the response status code; cache understands the response status code;
o the "no-store" cache directive is not present in the response (see o the "no-store" cache directive is not present in the response (see
Section 5.2); Section 5.2);
o if the cache is shared: the "private" response directive is either o if the cache is shared: the "private" response directive is either
not present or allows a modified response to be stored by a shared not present or allows a modified response to be stored by a shared
cache; see Section 5.2.2.7); cache; see Section 5.2.2.7);
o if the cache is shared: the Authorization header field is not o if the cache is shared: the Authorization header field is not
present in the request (see Section 8.5.3 of [Semantics]) or a present in the request (see Section 9.5.3 of [Semantics]) or a
response directive is present that explicitly allows shared response directive is present that explicitly allows shared
caching (see Section 3.3); and, caching (see Section 3.3); and,
o the response contains at least one of: o the response contains at least one of:
* a public response directive (see Section 5.2.2.6); * a public response directive (see Section 5.2.2.6);
* a private response directive, if the cache is not shared (see * a private response directive, if the cache is not shared (see
Section 5.2.2.7); Section 5.2.2.7);
skipping to change at page 8, line 45 skipping to change at page 8, line 45
are not prohibited from storing such responses. are not prohibited from storing such responses.
3.1. Storing Header and Trailer Fields 3.1. Storing Header and Trailer Fields
Caches MUST include all received header fields -- including Caches MUST include all received header fields -- including
unrecognised ones -- when storing a response; this assures that new unrecognised ones -- when storing a response; this assures that new
HTTP header fields can be successfully deployed. However, the HTTP header fields can be successfully deployed. However, the
following exceptions are made: following exceptions are made:
o The Connection header field and fields whose names are listed in o The Connection header field and fields whose names are listed in
it are required by Section 13.1 of [Semantics] to be removed it are required by Section 9.1 of [Messaging] to be removed before
before forwarding the message. This MAY be implemented by doing forwarding the message. This MAY be implemented by doing so
so before storage. before storage.
o Likewise, some fields' semantics require them to be removed before o Likewise, some fields' semantics require them to be removed before
forwarding the message, and this MAY be implemented by doing so forwarding the message, and this MAY be implemented by doing so
before storage; see Section 13.1 of [Semantics] for some examples. before storage; see Section 9.1 of [Messaging] for some examples.
o Header fields that are specific to a client's proxy configuration o Header fields that are specific to a client's proxy configuration
MUST NOT be stored, unless the cache incorporates the identity of MUST NOT be stored, unless the cache incorporates the identity of
the proxy into the cache key. Effectively, this is limited to the proxy into the cache key. Effectively, this is limited to
Proxy-Authenticate Section 10.3.2 of [Semantics], Proxy- Proxy-Authenticate (Section 11.3.2 of [Semantics]), Proxy-
Authentication-Info Section 10.3.4 of [Semantics], and Proxy- Authentication-Info (Section 11.3.4 of [Semantics]), and Proxy-
Authorization Section 8.5.4 of [Semantics]. Authorization (Section 9.5.4 of [Semantics]).
Caches MAY either store trailer fields separately from header fields, Caches MAY either store trailer fields separately from header fields,
or discard them. Caches MUST NOT combine trailer fields with header or discard them. Caches MUST NOT combine trailer fields with header
fields. fields.
3.2. Storing Incomplete Responses 3.2. Storing Incomplete Responses
If the request method is GET, the response status code is 200 (OK), If the request method is GET, the response status code is 200 (OK),
and the entire response header section has been received, a cache MAY and the entire response header section has been received, a cache MAY
store a response body that is not complete (Section 2.1 of store a response body that is not complete (Section 2.1 of
[Semantics]) if the stored response is recorded as being incomplete. [Semantics]) if the stored response is recorded as being incomplete.
Likewise, a 206 (Partial Content) response MAY be stored as if it Likewise, a 206 (Partial Content) response MAY be stored as if it
were an incomplete 200 (OK) response. However, a cache MUST NOT were an incomplete 200 (OK) response. However, a cache MUST NOT
store incomplete or partial-content responses if it does not support store incomplete or partial-content responses if it does not support
the Range and Content-Range header fields or if it does not the Range and Content-Range header fields or if it does not
understand the range units used in those fields. understand the range units used in those fields.
A cache MAY complete a stored incomplete response by making a A cache MAY complete a stored incomplete response by making a
subsequent range request (Section 8.3 of [Semantics]) and combining subsequent range request (Section 9.3 of [Semantics]) and combining
the successful response with the stored response, as defined in the successful response with the stored response, as defined in
Section 3.4. A cache MUST NOT use an incomplete response to answer Section 3.4. A cache MUST NOT use an incomplete response to answer
requests unless the response has been made complete or the request is requests unless the response has been made complete or the request is
partial and specifies a range that is wholly within the incomplete partial and specifies a range that is wholly within the incomplete
response. A cache MUST NOT send a partial response to a client response. A cache MUST NOT send a partial response to a client
without explicitly marking it as such using the 206 (Partial Content) without explicitly marking it as such using the 206 (Partial Content)
status code. status code.
3.3. Storing Responses to Authenticated Requests 3.3. Storing Responses to Authenticated Requests
A shared cache MUST NOT use a cached response to a request with an A shared cache MUST NOT use a cached response to a request with an
Authorization header field (Section 8.5.3 of [Semantics]) to satisfy Authorization header field (Section 9.5.3 of [Semantics]) to satisfy
any subsequent request unless the response contains a Cache-Control any subsequent request unless the response contains a Cache-Control
field with a response directive (Section 5.2.2) that allows it to be field with a response directive (Section 5.2.2) that allows it to be
stored by a shared cache and the cache conforms to the requirements stored by a shared cache and the cache conforms to the requirements
of that directive for that response. of that directive for that response.
In this specification, the following response directives have such an In this specification, the following response directives have such an
effect: must-revalidate (Section 5.2.2.1), public (Section 5.2.2.6), effect: must-revalidate (Section 5.2.2.1), public (Section 5.2.2.6),
and s-maxage (Section 5.2.2.10). and s-maxage (Section 5.2.2.10).
3.4. Combining Partial Content 3.4. Combining Partial Content
A response might transfer only a partial representation if the A response might transfer only a partial representation if the
connection closed prematurely or if the request used one or more connection closed prematurely or if the request used one or more
Range specifiers (Section 8.3 of [Semantics]). After several such Range specifiers (Section 9.3 of [Semantics]). After several such
transfers, a cache might have received several ranges of the same transfers, a cache might have received several ranges of the same
representation. A cache MAY combine these ranges into a single representation. A cache MAY combine these ranges into a single
stored response, and reuse that response to satisfy later requests, stored response, and reuse that response to satisfy later requests,
if they all share the same strong validator and the cache complies if they all share the same strong validator and the cache complies
with the client requirements in Section 9.3.7.3 of [Semantics]. with the client requirements in Section 10.3.7.3 of [Semantics].
When combining the new response with one or more stored responses, a When combining the new response with one or more stored responses, a
cache MUST use the header fields provided in the new response, aside cache MUST use the header fields provided in the new response, aside
from Content-Range, to replace all instances of the corresponding from Content-Range, to replace all instances of the corresponding
header fields in the stored response. header fields in the stored response.
4. Constructing Responses from Caches 4. Constructing Responses from Caches
When presented with a request, a cache MUST NOT reuse a stored When presented with a request, a cache MUST NOT reuse a stored
response, unless: response, unless:
o The presented target URI (Section 5.1 of [Semantics]) and that of o The presented target URI (Section 6.1 of [Semantics]) and that of
the stored response match, and the stored response match, and
o the request method associated with the stored response allows it o the request method associated with the stored response allows it
to be used for the presented request, and to be used for the presented request, and
o selecting header fields nominated by the stored response (if any) o selecting header fields nominated by the stored response (if any)
match those presented (see Section 4.1), and match those presented (see Section 4.1), and
o the stored response does not contain the no-cache cache directive o the stored response does not contain the no-cache cache directive
(Section 5.2.2.3), unless it is successfully validated (Section 5.2.2.3), unless it is successfully validated
skipping to change at page 11, line 14 skipping to change at page 11, line 14
Note that any of the requirements listed above can be overridden by a Note that any of the requirements listed above can be overridden by a
cache-control extension; see Section 5.2.3. cache-control extension; see Section 5.2.3.
When a stored response is used to satisfy a request without When a stored response is used to satisfy a request without
validation, a cache MUST generate an Age header field (Section 5.1), validation, a cache MUST generate an Age header field (Section 5.1),
replacing any present in the response with a value equal to the replacing any present in the response with a value equal to the
stored response's current_age; see Section 4.2.3. stored response's current_age; see Section 4.2.3.
A cache MUST write through requests with methods that are unsafe A cache MUST write through requests with methods that are unsafe
(Section 7.2.1 of [Semantics]) to the origin server; i.e., a cache is (Section 8.2.1 of [Semantics]) to the origin server; i.e., a cache is
not allowed to generate a reply to such a request before having not allowed to generate a reply to such a request before having
forwarded the request and having received a corresponding response. forwarded the request and having received a corresponding response.
Also, note that unsafe requests might invalidate already-stored Also, note that unsafe requests might invalidate already-stored
responses; see Section 4.4. responses; see Section 4.4.
When more than one suitable response is stored, a cache MUST use the When more than one suitable response is stored, a cache MUST use the
most recent one (as determined by the Date header field). It can most recent one (as determined by the Date header field). It can
also forward the request with "Cache-Control: max-age=0" or "Cache- also forward the request with "Cache-Control: max-age=0" or "Cache-
Control: no-cache" to disambiguate which response to use. Control: no-cache" to disambiguate which response to use.
A cache that does not have a clock available MUST NOT use stored A cache that does not have a clock available MUST NOT use stored
responses without revalidating them upon every use. responses without revalidating them upon every use.
4.1. Calculating Cache Keys with Vary 4.1. Calculating Cache Keys with Vary
When a cache receives a request that can be satisfied by a stored When a cache receives a request that can be satisfied by a stored
response that has a Vary header field (Section 10.1.4 of response that has a Vary header field (Section 11.1.4 of
[Semantics]), it MUST NOT use that response unless all of the [Semantics]), it MUST NOT use that response unless all of the
selecting header fields nominated by the Vary header field match in selecting header fields nominated by the Vary header field match in
both the original request (i.e., that associated with the stored both the original request (i.e., that associated with the stored
response), and the presented request. response), and the presented request.
The selecting header fields from two requests are defined to match if The selecting header fields from two requests are defined to match if
and only if those in the first request can be transformed to those in and only if those in the first request can be transformed to those in
the second request by applying any of the following: the second request by applying any of the following:
o adding or removing whitespace, where allowed in the header field's o adding or removing whitespace, where allowed in the header field's
syntax syntax
o combining multiple header fields with the same field name (see o combining multiple header fields with the same field name (see
Section 4.4 of [Semantics]) Section 5.4 of [Semantics])
o normalizing both header field values in a way that is known to o normalizing both header field values in a way that is known to
have identical semantics, according to the header field's have identical semantics, according to the header field's
specification (e.g., reordering field values when order is not specification (e.g., reordering field values when order is not
significant; case-normalization, where values are defined to be significant; case-normalization, where values are defined to be
case-insensitive) case-insensitive)
If (after any normalization that might take place) a header field is If (after any normalization that might take place) a header field is
absent from a request, it can only match another request if it is absent from a request, it can only match another request if it is
also absent there. also absent there.
skipping to change at page 14, line 52 skipping to change at page 14, line 52
is not specified, employing algorithms that use other header field is not specified, employing algorithms that use other header field
values (such as the Last-Modified time) to estimate a plausible values (such as the Last-Modified time) to estimate a plausible
expiration time. This specification does not provide specific expiration time. This specification does not provide specific
algorithms, but does impose worst-case constraints on their results. algorithms, but does impose worst-case constraints on their results.
A cache MUST NOT use heuristics to determine freshness when an A cache MUST NOT use heuristics to determine freshness when an
explicit expiration time is present in the stored response. Because explicit expiration time is present in the stored response. Because
of the requirements in Section 3, this means that, effectively, of the requirements in Section 3, this means that, effectively,
heuristics can only be used on responses without explicit freshness heuristics can only be used on responses without explicit freshness
whose status codes are defined as "heuristically cacheable" (e.g., whose status codes are defined as "heuristically cacheable" (e.g.,
see Section 9.1 of [Semantics]), and those responses without explicit see Section 10.1 of [Semantics]), and those responses without
freshness that have been marked as explicitly cacheable (e.g., with a explicit freshness that have been marked as explicitly cacheable
"public" response directive). (e.g., with a "public" response directive).
Note that in previous specifications heuristically cacheable response Note that in previous specifications heuristically cacheable response
status codes were called "cacheable by default." status codes were called "cacheable by default."
If the response has a Last-Modified header field (Section 10.2.2 of If the response has a Last-Modified header field (Section 11.2.2 of
[Semantics]), caches are encouraged to use a heuristic expiration [Semantics]), caches are encouraged to use a heuristic expiration
value that is no more than some fraction of the interval since that value that is no more than some fraction of the interval since that
time. A typical setting of this fraction might be 10%. time. A typical setting of this fraction might be 10%.
Note: Section 13.9 of [RFC2616] prohibited caches from calculating Note: Section 13.9 of [RFC2616] prohibited caches from calculating
heuristic freshness for URIs with query components (i.e., those heuristic freshness for URIs with query components (i.e., those
containing '?'). In practice, this has not been widely containing '?'). In practice, this has not been widely
implemented. Therefore, origin servers are encouraged to send implemented. Therefore, origin servers are encouraged to send
explicit directives (e.g., Cache-Control: no-cache) if they wish explicit directives (e.g., Cache-Control: no-cache) if they wish
to preclude caching. to preclude caching.
skipping to change at page 15, line 40 skipping to change at page 15, line 40
amount of time it has been in transit along network paths. amount of time it has been in transit along network paths.
The following data is used for the age calculation: The following data is used for the age calculation:
age_value The term "age_value" denotes the value of the Age header age_value The term "age_value" denotes the value of the Age header
field (Section 5.1), in a form appropriate for arithmetic field (Section 5.1), in a form appropriate for arithmetic
operation; or 0, if not available. operation; or 0, if not available.
date_value The term "date_value" denotes the value of the Date date_value The term "date_value" denotes the value of the Date
header field, in a form appropriate for arithmetic operations. header field, in a form appropriate for arithmetic operations.
See Section 10.1.1.2 of [Semantics] for the definition of the Date See Section 11.1.1 of [Semantics] for the definition of the Date
header field, and for requirements regarding responses without it. header field, and for requirements regarding responses without it.
now The term "now" means "the current value of the clock at the host now The term "now" means "the current value of the clock at the host
performing the calculation". A host ought to use NTP ([RFC5905]) performing the calculation". A host ought to use NTP ([RFC5905])
or some similar protocol to synchronize its clocks to Coordinated or some similar protocol to synchronize its clocks to Coordinated
Universal Time. Universal Time.
request_time The current value of the clock at the host at the time request_time The current value of the clock at the host at the time
the request resulting in the stored response was made. the request resulting in the stored response was made.
skipping to change at page 17, line 16 skipping to change at page 17, line 16
or doing so is explicitly permitted by the client or origin server or doing so is explicitly permitted by the client or origin server
(e.g., by the max-stale request directive in Section 5.2.1, by (e.g., by the max-stale request directive in Section 5.2.1, by
extension directives such as those defined in [RFC5861], or by extension directives such as those defined in [RFC5861], or by
configuration in accordance with an out-of-band contract). configuration in accordance with an out-of-band contract).
4.3. Validation 4.3. Validation
When a cache has one or more stored responses for a requested URI, When a cache has one or more stored responses for a requested URI,
but cannot serve any of them (e.g., because they are not fresh, or but cannot serve any of them (e.g., because they are not fresh, or
one cannot be selected; see Section 4.1), it can use the conditional one cannot be selected; see Section 4.1), it can use the conditional
request mechanism Section 8.2 of [Semantics] in the forwarded request request mechanism Section 9.2 of [Semantics] in the forwarded request
to give the next inbound server an opportunity to select a valid to give the next inbound server an opportunity to select a valid
stored response to use, updating the stored metadata in the process, stored response to use, updating the stored metadata in the process,
or to replace the stored response(s) with a new response. This or to replace the stored response(s) with a new response. This
process is known as "validating" or "revalidating" the stored process is known as "validating" or "revalidating" the stored
response. response.
4.3.1. Sending a Validation Request 4.3.1. Sending a Validation Request
When generating a conditional request for validation, a cache starts When generating a conditional request for validation, a cache starts
with either a request it is attempting to satisfy, or -- if it is with either a request it is attempting to satisfy, or -- if it is
skipping to change at page 17, line 41 skipping to change at page 17, line 41
It then updates that request with one or more precondition header It then updates that request with one or more precondition header
fields. These contain validator metadata sourced from stored fields. These contain validator metadata sourced from stored
response(s) that have the same cache key. response(s) that have the same cache key.
The precondition header fields are then compared by recipients to The precondition header fields are then compared by recipients to
determine whether any stored response is equivalent to a current determine whether any stored response is equivalent to a current
representation of the resource. representation of the resource.
One such validator is the timestamp given in a Last-Modified header One such validator is the timestamp given in a Last-Modified header
field (Section 10.2.2 of [Semantics]), which can be used in an If- field (Section 11.2.2 of [Semantics]), which can be used in an If-
Modified-Since header field for response validation, or in an If- Modified-Since header field for response validation, or in an If-
Unmodified-Since or If-Range header field for representation Unmodified-Since or If-Range header field for representation
selection (i.e., the client is referring specifically to a previously selection (i.e., the client is referring specifically to a previously
obtained representation with that timestamp). obtained representation with that timestamp).
Another validator is the entity-tag given in an ETag field Another validator is the entity-tag given in an ETag field
(Section 10.2.3 of [Semantics]). One or more entity-tags, indicating (Section 11.2.3 of [Semantics]). One or more entity-tags, indicating
one or more stored responses, can be used in an If-None-Match header one or more stored responses, can be used in an If-None-Match header
field for response validation, or in an If-Match or If-Range header field for response validation, or in an If-Match or If-Range header
field for representation selection (i.e., the client is referring field for representation selection (i.e., the client is referring
specifically to one or more previously obtained representations with specifically to one or more previously obtained representations with
the listed entity-tags). the listed entity-tags).
4.3.2. Handling a Received Validation Request 4.3.2. Handling a Received Validation Request
Each client in the request chain may have its own cache, so it is Each client in the request chain may have its own cache, so it is
common for a cache at an intermediary to receive conditional requests common for a cache at an intermediary to receive conditional requests
skipping to change at page 18, line 29 skipping to change at page 18, line 29
received in that request with respect to the corresponding validators received in that request with respect to the corresponding validators
contained within the selected response. A cache MUST NOT evaluate contained within the selected response. A cache MUST NOT evaluate
conditional header fields that are only applicable to an origin conditional header fields that are only applicable to an origin
server, found in a request with semantics that cannot be satisfied server, found in a request with semantics that cannot be satisfied
with a cached response, or applied to a target resource for which it with a cached response, or applied to a target resource for which it
has no stored responses; such preconditions are likely intended for has no stored responses; such preconditions are likely intended for
some other (inbound) server. some other (inbound) server.
The proper evaluation of conditional requests by a cache depends on The proper evaluation of conditional requests by a cache depends on
the received precondition header fields and their precedence, as the received precondition header fields and their precedence, as
defined in Section 8.2.2 of [Semantics]. The If-Match and If- defined in Section 9.2.2 of [Semantics]. The If-Match and If-
Unmodified-Since conditional header fields are not applicable to a Unmodified-Since conditional header fields are not applicable to a
cache. cache.
A request containing an If-None-Match header field (Section 8.2.4 of A request containing an If-None-Match header field (Section 9.2.4 of
[Semantics]) indicates that the client wants to validate one or more [Semantics]) indicates that the client wants to validate one or more
of its own stored responses in comparison to whichever stored of its own stored responses in comparison to whichever stored
response is selected by the cache. If the field value is "*", or if response is selected by the cache. If the field value is "*", or if
the field value is a list of entity-tags and at least one of them the field value is a list of entity-tags and at least one of them
matches the entity-tag of the selected stored response, a cache matches the entity-tag of the selected stored response, a cache
recipient SHOULD generate a 304 (Not Modified) response (using the recipient SHOULD generate a 304 (Not Modified) response (using the
metadata of the selected stored response) instead of sending that metadata of the selected stored response) instead of sending that
stored response. stored response.
When a cache decides to revalidate its own stored responses for a When a cache decides to revalidate its own stored responses for a
skipping to change at page 19, line 11 skipping to change at page 19, line 11
content, the cache MUST NOT include its entity-tag in the union content, the cache MUST NOT include its entity-tag in the union
unless the request is for a range that would be fully satisfied by unless the request is for a range that would be fully satisfied by
that partial stored response. If the response to the forwarded that partial stored response. If the response to the forwarded
request is 304 (Not Modified) and has an ETag field value with an request is 304 (Not Modified) and has an ETag field value with an
entity-tag that is not in the client's list, the cache MUST generate entity-tag that is not in the client's list, the cache MUST generate
a 200 (OK) response for the client by reusing its corresponding a 200 (OK) response for the client by reusing its corresponding
stored response, as updated by the 304 response metadata stored response, as updated by the 304 response metadata
(Section 4.3.4). (Section 4.3.4).
If an If-None-Match header field is not present, a request containing If an If-None-Match header field is not present, a request containing
an If-Modified-Since header field (Section 8.2.5 of [Semantics]) an If-Modified-Since header field (Section 9.2.5 of [Semantics])
indicates that the client wants to validate one or more of its own indicates that the client wants to validate one or more of its own
stored responses by modification date. A cache recipient SHOULD stored responses by modification date. A cache recipient SHOULD
generate a 304 (Not Modified) response (using the metadata of the generate a 304 (Not Modified) response (using the metadata of the
selected stored response) if one of the following cases is true: 1) selected stored response) if one of the following cases is true: 1)
the selected stored response has a Last-Modified field value that is the selected stored response has a Last-Modified field value that is
earlier than or equal to the conditional timestamp; 2) no Last- earlier than or equal to the conditional timestamp; 2) no Last-
Modified field is present in the selected stored response, but it has Modified field is present in the selected stored response, but it has
a Date field value that is earlier than or equal to the conditional a Date field value that is earlier than or equal to the conditional
timestamp; or, 3) neither Last-Modified nor Date is present in the timestamp; or, 3) neither Last-Modified nor Date is present in the
selected stored response, but the cache recorded it as having been selected stored response, but the cache recorded it as having been
received at a time earlier than or equal to the conditional received at a time earlier than or equal to the conditional
timestamp. timestamp.
A cache that implements partial responses to range requests, as A cache that implements partial responses to range requests, as
defined in Section 8.3 of [Semantics], also needs to evaluate a defined in Section 9.3 of [Semantics], also needs to evaluate a
received If-Range header field (Section 8.2.7 of [Semantics]) with received If-Range header field (Section 9.2.7 of [Semantics]) with
respect to its selected stored response. respect to its selected stored response.
4.3.3. Handling a Validation Response 4.3.3. Handling a Validation Response
Cache handling of a response to a conditional request is dependent Cache handling of a response to a conditional request is dependent
upon its status code: upon its status code:
o A 304 (Not Modified) response status code indicates that the o A 304 (Not Modified) response status code indicates that the
stored response can be updated and reused; see Section 4.3.4. stored response can be updated and reused; see Section 4.3.4.
skipping to change at page 20, line 16 skipping to change at page 20, line 16
When a cache receives a 304 (Not Modified) response and already has When a cache receives a 304 (Not Modified) response and already has
one or more stored 200 (OK) responses for the applicable cache key, one or more stored 200 (OK) responses for the applicable cache key,
the cache needs to identify which (if any) are to be updated by the the cache needs to identify which (if any) are to be updated by the
new information provided, and then do so. new information provided, and then do so.
The stored response(s) to update are identified by using the first The stored response(s) to update are identified by using the first
match (if any) of the following: match (if any) of the following:
o If the new response contains a strong validator (see o If the new response contains a strong validator (see
Section 10.2.1 of [Semantics]), then that strong validator Section 11.2.1 of [Semantics]), then that strong validator
identifies the selected representation for update. All of the identifies the selected representation for update. All of the
stored responses with the same strong validator are identified for stored responses with the same strong validator are identified for
update. If none of the stored responses contain the same strong update. If none of the stored responses contain the same strong
validator, then the cache MUST NOT use the new response to update validator, then the cache MUST NOT use the new response to update
any stored responses. any stored responses.
o If the new response contains a weak validator and that validator o If the new response contains a weak validator and that validator
corresponds to one of the cache's stored responses, then the most corresponds to one of the cache's stored responses, then the most
recent of those matching stored responses is identified for recent of those matching stored responses is identified for
update. update.
skipping to change at page 21, line 31 skipping to change at page 21, line 31
If a cache updates a stored response with the metadata provided in a If a cache updates a stored response with the metadata provided in a
HEAD response, the cache MUST use the header fields provided in the HEAD response, the cache MUST use the header fields provided in the
HEAD response to replace all instances of the corresponding header HEAD response to replace all instances of the corresponding header
fields in the stored response (subject to the exceptions in fields in the stored response (subject to the exceptions in
Section 4.3.4) and append new header fields to the stored response's Section 4.3.4) and append new header fields to the stored response's
header section unless otherwise restricted by the Cache-Control header section unless otherwise restricted by the Cache-Control
header field. header field.
4.4. Invalidation 4.4. Invalidation
Because unsafe request methods (Section 7.2.1 of [Semantics]) such as Because unsafe request methods (Section 8.2.1 of [Semantics]) such as
PUT, POST or DELETE have the potential for changing state on the PUT, POST or DELETE have the potential for changing state on the
origin server, intervening caches are required to invalidate stored origin server, intervening caches are required to invalidate stored
responses to keep their contents up to date. Invalidate means that responses to keep their contents up to date. Invalidate means that
the cache will either remove all stored responses whose target URI the cache will either remove all stored responses whose target URI
matches the given URI, or will mark them as "invalid" and in need of matches the given URI, or will mark them as "invalid" and in need of
a mandatory validation before they can be sent in response to a a mandatory validation before they can be sent in response to a
subsequent request. subsequent request.
Note that this does not guarantee that all appropriate responses are Note that this does not guarantee that all appropriate responses are
invalidated globally; a state-changing request would only invalidate invalidated globally; a state-changing request would only invalidate
responses in the caches that it travels through. responses in the caches that it travels through.
A cache MUST invalidate the target URI (Section 5.1 of [Semantics]) A cache MUST invalidate the target URI (Section 6.1 of [Semantics])
as well as the URI(s) in the Location and Content-Location response as well as the URI(s) in the Location and Content-Location response
header fields (if present) when a non-error status code is received header fields (if present) when a non-error status code is received
in response to an unsafe request method. in response to an unsafe request method.
However, a cache MUST NOT invalidate a URI from a Location or However, a cache MUST NOT invalidate a URI from a Location or
Content-Location response header field if the host part of that URI Content-Location response header field if the host part of that URI
differs from the host part in the target URI (Section 5.1 of differs from the host part in the target URI (Section 6.1 of
[Semantics]). This helps prevent denial-of-service attacks. [Semantics]). This helps prevent denial-of-service attacks.
A cache MUST invalidate the target URI (Section 5.1 of [Semantics]) A cache MUST invalidate the target URI (Section 6.1 of [Semantics])
when it receives a non-error response to a request with a method when it receives a non-error response to a request with a method
whose safety is unknown. whose safety is unknown.
Here, a "non-error response" is one with a 2xx (Successful) or 3xx Here, a "non-error response" is one with a 2xx (Successful) or 3xx
(Redirection) status code. (Redirection) status code.
5. Field Definitions 5. Field Definitions
This section defines the syntax and semantics of HTTP fields related This section defines the syntax and semantics of HTTP fields related
to caching. to caching.
skipping to change at page 26, line 13 skipping to change at page 26, line 13
be vulnerable to eavesdropping. be vulnerable to eavesdropping.
Note that if a request containing this directive is satisfied from a Note that if a request containing this directive is satisfied from a
cache, the no-store request directive does not apply to the already cache, the no-store request directive does not apply to the already
stored response. stored response.
5.2.1.6. no-transform 5.2.1.6. no-transform
The "no-transform" request directive indicates that the client is The "no-transform" request directive indicates that the client is
asking for intermediares (whether or not they implement a cache) to asking for intermediares (whether or not they implement a cache) to
avoid transforming the payload, as defined in Section 5.7.2 of avoid transforming the payload, as defined in Section 6.7.2 of
[Semantics]. [Semantics].
5.2.1.7. only-if-cached 5.2.1.7. only-if-cached
The "only-if-cached" request directive indicates that the client only The "only-if-cached" request directive indicates that the client only
wishes to obtain a stored response. Caches that honor this request wishes to obtain a stored response. Caches that honor this request
directive SHOULD, upon receiving it, either respond using a stored directive SHOULD, upon receiving it, either respond using a stored
response that is consistent with the other constraints of the response that is consistent with the other constraints of the
request, or respond with a 504 (Gateway Timeout) status code. request, or respond with a 504 (Gateway Timeout) status code.
skipping to change at page 28, line 26 skipping to change at page 28, line 26
This directive is NOT a reliable or sufficient mechanism for ensuring This directive is NOT a reliable or sufficient mechanism for ensuring
privacy. In particular, malicious or compromised caches might not privacy. In particular, malicious or compromised caches might not
recognize or obey this directive, and communications networks might recognize or obey this directive, and communications networks might
be vulnerable to eavesdropping. be vulnerable to eavesdropping.
5.2.2.5. no-transform 5.2.2.5. no-transform
The "no-transform" response directive indicates that an intermediary The "no-transform" response directive indicates that an intermediary
(regardless of whether it implements a cache) MUST NOT transform the (regardless of whether it implements a cache) MUST NOT transform the
payload, as defined in Section 5.7.2 of [Semantics]. payload, as defined in Section 6.7.2 of [Semantics].
5.2.2.6. public 5.2.2.6. public
The "public" response directive indicates that a cache MAY store the The "public" response directive indicates that a cache MAY store the
response even if it would otherwise be prohibited, subject to the response even if it would otherwise be prohibited, subject to the
constraints defined in Section 3. In other words, public explicitly constraints defined in Section 3. In other words, public explicitly
marks the response as cacheable. For example, public permits a marks the response as cacheable. For example, public permits a
shared cache to reuse a response to a request containing an shared cache to reuse a response to a request containing an
Authorization header field (Section 3.3). Authorization header field (Section 3.3).
skipping to change at page 32, line 10 skipping to change at page 32, line 10
The "Expires" header field gives the date/time after which the The "Expires" header field gives the date/time after which the
response is considered stale. See Section 4.2 for further discussion response is considered stale. See Section 4.2 for further discussion
of the freshness model. of the freshness model.
The presence of an Expires field does not imply that the original The presence of an Expires field does not imply that the original
resource will change or cease to exist at, before, or after that resource will change or cease to exist at, before, or after that
time. time.
The Expires value is an HTTP-date timestamp, as defined in The Expires value is an HTTP-date timestamp, as defined in
Section 10.1.1.1 of [Semantics]. Section 5.4.1.5 of [Semantics].
Expires = HTTP-date Expires = HTTP-date
For example For example
Expires: Thu, 01 Dec 1994 16:00:00 GMT Expires: Thu, 01 Dec 1994 16:00:00 GMT
A cache recipient MUST interpret invalid date formats, especially the A cache recipient MUST interpret invalid date formats, especially the
value "0", as representing a time in the past (i.e., "already value "0", as representing a time in the past (i.e., "already
expired"). expired").
skipping to change at page 35, line 30 skipping to change at page 35, line 30
Please add a note to the "Hypertext Transfer Protocol (HTTP) Warn Please add a note to the "Hypertext Transfer Protocol (HTTP) Warn
Codes" registry at <https://www.iana.org/assignments/http-warn-codes> Codes" registry at <https://www.iana.org/assignments/http-warn-codes>
to the effect that Warning is obsoleted. to the effect that Warning is obsoleted.
9. References 9. References
9.1. Normative References 9.1. Normative References
[Messaging] [Messaging]
Fielding, R., Ed., Nottingham, M., Ed., and J. Reschke, Fielding, R., Ed., Nottingham, M., Ed., and J. Reschke,
Ed., "HTTP/1.1 Messaging", draft-ietf-httpbis-messaging-08 Ed., "HTTP/1.1 Messaging", draft-ietf-httpbis-messaging-09
(work in progress), May 2020. (work in progress), July 2020.
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, Requirement Levels", BCP 14, RFC 2119,
DOI 10.17487/RFC2119, March 1997, DOI 10.17487/RFC2119, March 1997,
<https://www.rfc-editor.org/info/rfc2119>. <https://www.rfc-editor.org/info/rfc2119>.
[RFC3986] Berners-Lee, T., Fielding, R., and L. Masinter, "Uniform [RFC3986] Berners-Lee, T., Fielding, R., and L. Masinter, "Uniform
Resource Identifier (URI): Generic Syntax", STD 66, Resource Identifier (URI): Generic Syntax", STD 66,
RFC 3986, DOI 10.17487/RFC3986, January 2005, RFC 3986, DOI 10.17487/RFC3986, January 2005,
<https://www.rfc-editor.org/info/rfc3986>. <https://www.rfc-editor.org/info/rfc3986>.
skipping to change at page 36, line 11 skipping to change at page 36, line 11
[RFC7405] Kyzivat, P., "Case-Sensitive String Support in ABNF", [RFC7405] Kyzivat, P., "Case-Sensitive String Support in ABNF",
RFC 7405, DOI 10.17487/RFC7405, December 2014, RFC 7405, DOI 10.17487/RFC7405, December 2014,
<https://www.rfc-editor.org/info/rfc7405>. <https://www.rfc-editor.org/info/rfc7405>.
[RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
May 2017, <https://www.rfc-editor.org/info/rfc8174>. May 2017, <https://www.rfc-editor.org/info/rfc8174>.
[Semantics] [Semantics]
Fielding, R., Ed., Nottingham, M., Ed., and J. Reschke, Fielding, R., Ed., Nottingham, M., Ed., and J. Reschke,
Ed., "HTTP Semantics", draft-ietf-httpbis-semantics-08 Ed., "HTTP Semantics", draft-ietf-httpbis-semantics-09
(work in progress), May 2020. (work in progress), July 2020.
[USASCII] American National Standards Institute, "Coded Character [USASCII] American National Standards Institute, "Coded Character
Set -- 7-bit American Standard Code for Information Set -- 7-bit American Standard Code for Information
Interchange", ANSI X3.4, 1986. Interchange", ANSI X3.4, 1986.
9.2. Informative References 9.2. Informative References
[RFC2616] Fielding, R., Gettys, J., Mogul, J., Frystyk, H., [RFC2616] Fielding, R., Gettys, J., Mogul, J., Frystyk, H.,
Masinter, L., Leach, P., and T. Berners-Lee, "Hypertext Masinter, L., Leach, P., and T. Berners-Lee, "Hypertext
Transfer Protocol -- HTTP/1.1", RFC 2616, Transfer Protocol -- HTTP/1.1", RFC 2616,
skipping to change at page 37, line 8 skipping to change at page 37, line 8
<https://www.rfc-editor.org/info/rfc7234>. <https://www.rfc-editor.org/info/rfc7234>.
[RFC8126] Cotton, M., Leiba, B., and T. Narten, "Guidelines for [RFC8126] Cotton, M., Leiba, B., and T. Narten, "Guidelines for
Writing an IANA Considerations Section in RFCs", BCP 26, Writing an IANA Considerations Section in RFCs", BCP 26,
RFC 8126, DOI 10.17487/RFC8126, June 2017, RFC 8126, DOI 10.17487/RFC8126, June 2017,
<https://www.rfc-editor.org/info/rfc8126>. <https://www.rfc-editor.org/info/rfc8126>.
Appendix A. Collected ABNF Appendix A. Collected ABNF
In the collected ABNF below, list rules are expanded as per In the collected ABNF below, list rules are expanded as per
Section 4.5 of [Semantics]. Section 5.5.1 of [Semantics].
Age = delta-seconds Age = delta-seconds
Cache-Control = [ cache-directive ] *( OWS "," OWS [ cache-directive Cache-Control = cache-directive *( OWS "," OWS cache-directive )
] )
Expires = HTTP-date Expires = HTTP-date
HTTP-date = <HTTP-date, see [Semantics], Section 10.1.1.1> HTTP-date = <HTTP-date, see [Semantics], Section 5.4.1.5>
OWS = <OWS, see [Semantics], Section 1.2.1> OWS = <OWS, see [Semantics], Section 1.2.1>
cache-directive = token [ "=" ( token / quoted-string ) ] cache-directive = token [ "=" ( token / quoted-string ) ]
delta-seconds = 1*DIGIT delta-seconds = 1*DIGIT
field-name = <field-name, see [Semantics], Section 4.3> field-name = <field-name, see [Semantics], Section 5.3>
quoted-string = <quoted-string, see [Semantics], Section 4.4.1.2> quoted-string = <quoted-string, see [Semantics], Section 5.4.1.2>
token = <token, see [Semantics], Section 4.4.1.1> token = <token, see [Semantics], Section 5.4.1.1>
Appendix B. Changes from RFC 7234 Appendix B. Changes from RFC 7234
Some cache directives defined by this specification now have stronger Some cache directives defined by this specification now have stronger
prohibitions against generating the quoted form of their values, prohibitions against generating the quoted form of their values,
since this has been found to create interoperability problems. since this has been found to create interoperability problems.
Consumers of extension cache directives are no longer required to Consumers of extension cache directives are no longer required to
accept both token and quoted-string forms, but they still need to accept both token and quoted-string forms, but they still need to
properly parse them for unknown extensions. (Section 5.2) properly parse them for unknown extensions. (Section 5.2)
skipping to change at page 41, line 12 skipping to change at page 41, line 12
similar with "target URI" (<https://github.com/httpwg/http-core/ similar with "target URI" (<https://github.com/httpwg/http-core/
issues/259>) issues/259>)
o In Section 5.2.2.6 and Section 5.2.2.7, make it clear that these o In Section 5.2.2.6 and Section 5.2.2.7, make it clear that these
directives do not ignore other requirements for caching directives do not ignore other requirements for caching
(<https://github.com/httpwg/http-core/issues/320>) (<https://github.com/httpwg/http-core/issues/320>)
o In Section 3.2, move definition of "complete" into semantics o In Section 3.2, move definition of "complete" into semantics
(<https://github.com/httpwg/http-core/issues/334>) (<https://github.com/httpwg/http-core/issues/334>)
C.10. Since draft-ietf-httpbis-cache-08
o Appendix A now uses the sender variant of the "#" list expansion
(<https://github.com/httpwg/http-core/issues/192>)
Index Index
A A
Age header field 22 Age header field 22
age 12 age 12
C C
Cache-Control header field 23 Cache-Control header field 23
cache 4 cache 4
cache key 6 cache key 6
 End of changes. 50 change blocks. 
60 lines changed or deleted 65 lines changed or added

This html diff was produced by rfcdiff 1.45. The latest version is available from http://tools.ietf.org/tools/rfcdiff/