draft-ietf-httpbis-cache-10.txt   draft-ietf-httpbis-cache-11.txt 
HTTP Working Group R. Fielding, Ed. HTTP Working Group R. Fielding, Ed.
Internet-Draft Adobe Internet-Draft Adobe
Obsoletes: 7234 (if approved) M. Nottingham, Ed. Obsoletes: 7234 (if approved) M. Nottingham, Ed.
Intended status: Standards Track Fastly Intended status: Standards Track Fastly
Expires: January 13, 2021 J. F. Reschke, Ed. Expires: February 28, 2021 J. F. Reschke, Ed.
greenbytes greenbytes
July 12, 2020 August 27, 2020
HTTP Caching HTTP Caching
draft-ietf-httpbis-cache-10 draft-ietf-httpbis-cache-11
Abstract Abstract
The Hypertext Transfer Protocol (HTTP) is a stateless application- The Hypertext Transfer Protocol (HTTP) is a stateless application-
level protocol for distributed, collaborative, hypertext information level protocol for distributed, collaborative, hypertext information
systems. This document defines HTTP caches and the associated header systems. This document defines HTTP caches and the associated header
fields that control cache behavior or indicate cacheable response fields that control cache behavior or indicate cacheable response
messages. messages.
This document obsoletes RFC 7234. This document obsoletes RFC 7234.
skipping to change at page 1, line 36 skipping to change at page 1, line 36
This note is to be removed before publishing as an RFC. This note is to be removed before publishing as an RFC.
Discussion of this draft takes place on the HTTP working group Discussion of this draft takes place on the HTTP working group
mailing list (ietf-http-wg@w3.org), which is archived at mailing list (ietf-http-wg@w3.org), which is archived at
<https://lists.w3.org/Archives/Public/ietf-http-wg/>. <https://lists.w3.org/Archives/Public/ietf-http-wg/>.
Working Group information can be found at <https://httpwg.org/>; Working Group information can be found at <https://httpwg.org/>;
source code and issues list for this draft can be found at source code and issues list for this draft can be found at
<https://github.com/httpwg/http-core>. <https://github.com/httpwg/http-core>.
The changes in this draft are summarized in Appendix C.11. The changes in this draft are summarized in Appendix C.12.
Status of This Memo Status of This Memo
This Internet-Draft is submitted in full conformance with the This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79. provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/. Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on January 13, 2021. This Internet-Draft will expire on February 28, 2021.
Copyright Notice Copyright Notice
Copyright (c) 2020 IETF Trust and the persons identified as the Copyright (c) 2020 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents (https://trustee.ietf.org/ Provisions Relating to IETF Documents (https://trustee.ietf.org/
license-info) in effect on the date of publication of this document. license-info) in effect on the date of publication of this document.
Please review these documents carefully, as they describe your rights Please review these documents carefully, as they describe your rights
skipping to change at page 2, line 48 skipping to change at page 2, line 48
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 4 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 4
1.1. Requirements Notation . . . . . . . . . . . . . . . . . . 5 1.1. Requirements Notation . . . . . . . . . . . . . . . . . . 5
1.2. Syntax Notation . . . . . . . . . . . . . . . . . . . . . 5 1.2. Syntax Notation . . . . . . . . . . . . . . . . . . . . . 5
1.3. Delta Seconds . . . . . . . . . . . . . . . . . . . . . . 6 1.3. Delta Seconds . . . . . . . . . . . . . . . . . . . . . . 6
2. Overview of Cache Operation . . . . . . . . . . . . . . . . . 6 2. Overview of Cache Operation . . . . . . . . . . . . . . . . . 6
3. Storing Responses in Caches . . . . . . . . . . . . . . . . . 7 3. Storing Responses in Caches . . . . . . . . . . . . . . . . . 7
3.1. Storing Header and Trailer Fields . . . . . . . . . . . . 8 3.1. Storing Header and Trailer Fields . . . . . . . . . . . . 8
3.2. Storing Incomplete Responses . . . . . . . . . . . . . . 9 3.2. Storing Incomplete Responses . . . . . . . . . . . . . . 9
3.3. Storing Responses to Authenticated Requests . . . . . . . 10 3.3. Storing Responses to Authenticated Requests . . . . . . . 9
3.4. Combining Partial Content . . . . . . . . . . . . . . . . 10 3.4. Combining Partial Content . . . . . . . . . . . . . . . . 10
4. Constructing Responses from Caches . . . . . . . . . . . . . 10 4. Constructing Responses from Caches . . . . . . . . . . . . . 10
4.1. Calculating Cache Keys with Vary . . . . . . . . . . . . 11 4.1. Calculating Cache Keys with Vary . . . . . . . . . . . . 11
4.2. Freshness . . . . . . . . . . . . . . . . . . . . . . . . 12 4.2. Freshness . . . . . . . . . . . . . . . . . . . . . . . . 12
4.2.1. Calculating Freshness Lifetime . . . . . . . . . . . 14 4.2.1. Calculating Freshness Lifetime . . . . . . . . . . . 14
4.2.2. Calculating Heuristic Freshness . . . . . . . . . . . 14 4.2.2. Calculating Heuristic Freshness . . . . . . . . . . . 14
4.2.3. Calculating Age . . . . . . . . . . . . . . . . . . . 15 4.2.3. Calculating Age . . . . . . . . . . . . . . . . . . . 15
4.2.4. Serving Stale Responses . . . . . . . . . . . . . . . 16 4.2.4. Serving Stale Responses . . . . . . . . . . . . . . . 16
4.3. Validation . . . . . . . . . . . . . . . . . . . . . . . 17 4.3. Validation . . . . . . . . . . . . . . . . . . . . . . . 17
4.3.1. Sending a Validation Request . . . . . . . . . . . . 17 4.3.1. Sending a Validation Request . . . . . . . . . . . . 17
skipping to change at page 4, line 7 skipping to change at page 4, line 7
7.2. Timing Attacks . . . . . . . . . . . . . . . . . . . . . 34 7.2. Timing Attacks . . . . . . . . . . . . . . . . . . . . . 34
7.3. Caching of Sensitive Information . . . . . . . . . . . . 35 7.3. Caching of Sensitive Information . . . . . . . . . . . . 35
8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 35 8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 35
8.1. Field Registration . . . . . . . . . . . . . . . . . . . 35 8.1. Field Registration . . . . . . . . . . . . . . . . . . . 35
8.2. Cache Directive Registration . . . . . . . . . . . . . . 35 8.2. Cache Directive Registration . . . . . . . . . . . . . . 35
8.3. Warn Code Registry . . . . . . . . . . . . . . . . . . . 35 8.3. Warn Code Registry . . . . . . . . . . . . . . . . . . . 35
9. References . . . . . . . . . . . . . . . . . . . . . . . . . 35 9. References . . . . . . . . . . . . . . . . . . . . . . . . . 35
9.1. Normative References . . . . . . . . . . . . . . . . . . 35 9.1. Normative References . . . . . . . . . . . . . . . . . . 35
9.2. Informative References . . . . . . . . . . . . . . . . . 36 9.2. Informative References . . . . . . . . . . . . . . . . . 36
Appendix A. Collected ABNF . . . . . . . . . . . . . . . . . . . 37 Appendix A. Collected ABNF . . . . . . . . . . . . . . . . . . . 37
Appendix B. Changes from RFC 7234 . . . . . . . . . . . . . . . 38 Appendix B. Changes from RFC 7234 . . . . . . . . . . . . . . . 37
Appendix C. Change Log . . . . . . . . . . . . . . . . . . . . . 38 Appendix C. Change Log . . . . . . . . . . . . . . . . . . . . . 38
C.1. Between RFC7234 and draft 00 . . . . . . . . . . . . . . 38 C.1. Between RFC7234 and draft 00 . . . . . . . . . . . . . . 38
C.2. Since draft-ietf-httpbis-cache-00 . . . . . . . . . . . . 39 C.2. Since draft-ietf-httpbis-cache-00 . . . . . . . . . . . . 39
C.3. Since draft-ietf-httpbis-cache-01 . . . . . . . . . . . . 39 C.3. Since draft-ietf-httpbis-cache-01 . . . . . . . . . . . . 39
C.4. Since draft-ietf-httpbis-cache-02 . . . . . . . . . . . . 39 C.4. Since draft-ietf-httpbis-cache-02 . . . . . . . . . . . . 39
C.5. Since draft-ietf-httpbis-cache-03 . . . . . . . . . . . . 39 C.5. Since draft-ietf-httpbis-cache-03 . . . . . . . . . . . . 39
C.6. Since draft-ietf-httpbis-cache-04 . . . . . . . . . . . . 40 C.6. Since draft-ietf-httpbis-cache-04 . . . . . . . . . . . . 40
C.7. Since draft-ietf-httpbis-cache-05 . . . . . . . . . . . . 40 C.7. Since draft-ietf-httpbis-cache-05 . . . . . . . . . . . . 40
C.8. Since draft-ietf-httpbis-cache-06 . . . . . . . . . . . . 40 C.8. Since draft-ietf-httpbis-cache-06 . . . . . . . . . . . . 40
C.9. Since draft-ietf-httpbis-cache-07 . . . . . . . . . . . . 41 C.9. Since draft-ietf-httpbis-cache-07 . . . . . . . . . . . . 41
C.10. Since draft-ietf-httpbis-cache-08 . . . . . . . . . . . . 41 C.10. Since draft-ietf-httpbis-cache-08 . . . . . . . . . . . . 41
C.11. Since draft-ietf-httpbis-cache-09 . . . . . . . . . . . . 41 C.11. Since draft-ietf-httpbis-cache-09 . . . . . . . . . . . . 41
Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . . . 41 C.12. Since draft-ietf-httpbis-cache-10 . . . . . . . . . . . . 41
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 41 Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . . . 42
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 42
1. Introduction 1. Introduction
The Hypertext Transfer Protocol (HTTP) is a stateless application- The Hypertext Transfer Protocol (HTTP) is a stateless application-
level request/response protocol that uses extensible semantics and level request/response protocol that uses extensible semantics and
self-descriptive messages for flexible interaction with network-based self-descriptive messages for flexible interaction with network-based
hypertext information systems. HTTP is defined by a series of hypertext information systems. HTTP is defined by a series of
documents that collectively form the HTTP/1.1 specification: documents that collectively form the HTTP/1.1 specification:
o "HTTP Semantics" [Semantics] o "HTTP Semantics" [Semantics]
o "HTTP Caching" (this document) o "HTTP Caching" (this document)
o "HTTP/1.1 Messaging" [Messaging] o "HTTP/1.1 Messaging" [Messaging]
HTTP is typically used for distributed information systems, where HTTP is typically used for distributed information systems, where the
performance can be improved by the use of response caches. This use of response caches can improve performance. This document
document defines aspects of HTTP related to caching and reusing defines aspects of HTTP related to caching and reusing response
response messages. messages.
An HTTP cache is a local store of response messages and the subsystem An HTTP cache is a local store of response messages and the subsystem
that controls storage, retrieval, and deletion of messages in it. A that controls storage, retrieval, and deletion of messages in it. A
cache stores cacheable responses in order to reduce the response time cache stores cacheable responses to reduce the response time and
and network bandwidth consumption on future, equivalent requests. network bandwidth consumption on future equivalent requests. Any
Any client or server MAY employ a cache, though a cache cannot be client or server MAY use a cache, though a server that is acting as a
used by a server that is acting as a tunnel. tunnel cannot.
A shared cache is a cache that stores responses to be reused by more A shared cache is a cache that stores responses for reuse by more
than one user; shared caches are usually (but not always) deployed as than one user; shared caches are usually (but not always) deployed as
a part of an intermediary. A private cache, in contrast, is a part of an intermediary. A private cache, in contrast, is
dedicated to a single user; often, they are deployed as a component dedicated to a single user; often, they are deployed as a component
of a user agent. of a user agent.
The goal of caching in HTTP is to significantly improve performance HTTP caching's goal is significantly improving performance by reusing
by reusing a prior response message to satisfy a current request. A a prior response message to satisfy a current request. A cache
stored response is considered "fresh", as defined in Section 4.2, if considers a stored response "fresh", as defined in Section 4.2, if it
the response can be reused without "validation" (checking with the can be reused without "validation" (checking with the origin server
origin server to see if the cached response remains valid for this to see if the cached response remains valid for this request). A
request). A fresh response can therefore reduce both latency and fresh response can therefore reduce both latency and network overhead
network overhead each time it is reused. When a cached response is each time the cache reuses it. When a cached response is not fresh,
not fresh, it might still be reusable if it can be freshened by it might still be reusable if validation can freshen it (Section 4.3)
validation (Section 4.3) or if the origin is unavailable or if the origin is unavailable (Section 4.2.4).
(Section 4.2.4).
This document obsoletes RFC 7234, with the changes being summarized This document obsoletes RFC 7234, with the changes being summarized
in Appendix B. in Appendix B.
1.1. Requirements Notation 1.1. Requirements Notation
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
"OPTIONAL" in this document are to be interpreted as described in BCP "OPTIONAL" in this document are to be interpreted as described in BCP
14 [RFC2119] [RFC8174] when, and only when, they appear in all 14 [RFC2119] [RFC8174] when, and only when, they appear in all
capitals, as shown here. capitals, as shown here.
Conformance criteria and considerations regarding error handling are Section 3 of [Semantics] defines conformance criteria and contains
defined in Section 3 of [Semantics]. considerations regarding error handling.
1.2. Syntax Notation 1.2. Syntax Notation
This specification uses the Augmented Backus-Naur Form (ABNF) This specification uses the Augmented Backus-Naur Form (ABNF)
notation of [RFC5234], extended with the notation for case- notation of [RFC5234], extended with the notation for case-
sensitivity in strings defined in [RFC7405]. sensitivity in strings defined in [RFC7405].
It also uses a list extension, defined in Section 5.5 of [Semantics], It also uses a list extension, defined in Section 5.5 of [Semantics],
that allows for compact definition of comma-separated lists using a that allows for compact definition of comma-separated lists using a
'#' operator (similar to how the '*' operator indicates repetition). '#' operator (similar to how the '*' operator indicates repetition).
Appendix A shows the collected grammar with all list operators Appendix A shows the collected grammar with all list operators
expanded to standard ABNF notation. expanded to standard ABNF notation.
The following core rules are included by reference, as defined in The following core rules are included by reference, as defined in
[RFC5234], Appendix B.1: ALPHA (letters), CR (carriage return), CRLF [RFC5234], Appendix B.1: ALPHA (letters), CR (carriage return), CRLF
(CR LF), CTL (controls), DIGIT (decimal 0-9), DQUOTE (double quote), (CR LF), CTL (controls), DIGIT (decimal 0-9), DQUOTE (double quote),
HEXDIG (hexadecimal 0-9/A-F/a-f), HTAB (horizontal tab), LF (line HEXDIG (hexadecimal 0-9/A-F/a-f), HTAB (horizontal tab), LF (line
feed), OCTET (any 8-bit sequence of data), SP (space), and VCHAR (any feed), OCTET (any 8-bit sequence of data), SP (space), and VCHAR (any
visible [USASCII] character). visible [USASCII] character).
The rules below are defined in [Semantics]: [Semantics] defines the following rules:
HTTP-date = <HTTP-date, see [Semantics], Section 5.4.1.5> HTTP-date = <HTTP-date, see [Semantics], Section 5.4.1.5>
OWS = <OWS, see [Semantics], Section 1.2.1> OWS = <OWS, see [Semantics], Section 1.6.1>
field-name = <field-name, see [Semantics], Section 5.3> field-name = <field-name, see [Semantics], Section 5.3>
quoted-string = <quoted-string, see [Semantics], Section 5.4.1.2> quoted-string = <quoted-string, see [Semantics], Section 5.4.1.2>
token = <token, see [Semantics], Section 5.4.1.1> token = <token, see [Semantics], Section 5.4.1.1>
1.3. Delta Seconds 1.3. Delta Seconds
The delta-seconds rule specifies a non-negative integer, representing The delta-seconds rule specifies a non-negative integer, representing
time in seconds. time in seconds.
delta-seconds = 1*DIGIT delta-seconds = 1*DIGIT
A recipient parsing a delta-seconds value and converting it to binary A recipient parsing a delta-seconds value and converting it to binary
form ought to use an arithmetic type of at least 31 bits of non- form ought to use an arithmetic type of at least 31 bits of non-
negative integer range. If a cache receives a delta-seconds value negative integer range. If a cache receives a delta-seconds value
greater than the greatest integer it can represent, or if any of its greater than the greatest integer it can represent, or if any of its
subsequent calculations overflows, the cache MUST consider the value subsequent calculations overflows, the cache MUST consider the value
to be either 2147483648 (2^31) or the greatest positive integer it to be 2147483648 (2^31) or the greatest positive integer it can
can conveniently represent. conveniently represent.
| *Note:* The value 2147483648 is here for historical reasons, | *Note:* The value 2147483648 is here for historical reasons,
| effectively represents infinity (over 68 years), and does not | represents infinity (over 68 years), and does not need to be
| need to be stored in binary form; an implementation could | stored in binary form; an implementation could produce it as a
| produce it as a canned string if any overflow occurs, even if | canned string if any overflow occurs, even if the calculations
| the calculations are performed with an arithmetic type | are performed with an arithmetic type incapable of directly
| incapable of directly representing that number. What matters | representing that number. What matters here is that an
| here is that an overflow be detected and not treated as a | overflow be detected and not treated as a negative value in
| negative value in later calculations. | later calculations.
2. Overview of Cache Operation 2. Overview of Cache Operation
Proper cache operation preserves the semantics of HTTP transfers Proper cache operation preserves the semantics of HTTP transfers
([Semantics]) while reducing the transfer of information already held ([Semantics]) while reducing the transfer of information already held
in the cache. Although caching is an entirely OPTIONAL feature of in the cache. Although caching is an entirely OPTIONAL feature of
HTTP, it can be assumed that reusing a cached response is desirable HTTP, it can be assumed that reusing a cached response is desirable
and that such reuse is the default behavior when no requirement or and that such reuse is the default behavior when no requirement or
local configuration prevents it. Therefore, HTTP cache requirements local configuration prevents it. Therefore, HTTP cache requirements
are focused on preventing a cache from either storing a non-reusable are focused on preventing a cache from either storing a non-reusable
response or reusing a stored response inappropriately, rather than response or reusing a stored response inappropriately, rather than
mandating that caches always store and reuse particular responses. mandating that caches always store and reuse particular responses.
The base cache key consists of the request method and target URI used The base cache key comprises the request method and target URI used
to retrieve the stored response; the method determines under which to retrieve the stored response; the method determines under which
circumstances that response can be used to satisfy a request. circumstances that response can be used to satisfy a request.
However, many HTTP caches in common use today only cache GET However, many HTTP caches in common use today only cache GET
responses, and therefore only use the URI as the cache key, responses, and therefore only use the URI as the cache key,
forwarding other methods. forwarding other methods.
If a request target is subject to content negotiation, the cache If a request target is subject to content negotiation, the cache
might store multiple responses for it. Caches differentiate these might store multiple responses for it. Caches differentiate these
responses by incorporating values of the original request's selecting responses by incorporating values of the original request's selecting
header fields into the cache key as well, as per Section 4.1. header fields into the cache key as well, as per Section 4.1.
Furthermore, caches might incorporate additional material into the Caches might incorporate additional material into the cache key. For
cache key. For example, user agent caches might include the example, user agent caches might include the referring site's
referring site's identity, thereby "double keying" the cache to avoid identity, thereby "double keying" the cache to avoid some privacy
some privacy risks (see Section 7.2). risks (see Section 7.2).
Most commonly, caches store the successful result of a retrieval Most commonly, caches store the successful result of a retrieval
request: i.e., a 200 (OK) response to a GET request, which contains a request: i.e., a 200 (OK) response to a GET request, which contains a
representation of the target resource (Section 8.3.1 of [Semantics]). representation of the target resource (Section 8.3.1 of [Semantics]).
However, it is also possible to store redirects, negative results However, it is also possible to store redirects, negative results
(e.g., 404 (Not Found)), incomplete results (e.g., 206 (Partial (e.g., 404 (Not Found)), incomplete results (e.g., 206 (Partial
Content)), and responses to methods other than GET if the method's Content)), and responses to methods other than GET if the method's
definition allows such caching and defines something suitable for use definition allows such caching and defines something suitable for use
as a cache key. as a cache key.
A cache is disconnected when it cannot contact the origin server or A cache is disconnected when it cannot contact the origin server or
otherwise find a forward path for a given request. A disconnected otherwise find a forward path for a request. A disconnected cache
cache can serve stale responses in some circumstances can serve stale responses in some circumstances (Section 4.2.4).
(Section 4.2.4).
3. Storing Responses in Caches 3. Storing Responses in Caches
A cache MUST NOT store a response to a request unless: A cache MUST NOT store a response to a request unless:
o the request method is understood by the cache; o the request method is understood by the cache;
o the response status code is final (see Section 10 of [Semantics]); o the response status code is final (see Section 10 of [Semantics]);
o if the response status code is 206 or 304, or the "must- o if the response status code is 206 or 304, or the "must-
understand" cache directive (see Section 5.2) is present: the understand" cache directive (see Section 5.2) is present: the
cache understands the response status code; cache understands the response status code;
o the "no-store" cache directive is not present in the response (see o the "no-store" cache directive is not present in the response (see
Section 5.2); Section 5.2);
o if the cache is shared: the "private" response directive is either o if the cache is shared: the "private" response directive is either
not present or allows a modified response to be stored by a shared not present or allows a shared cache to store a modified response;
cache; see Section 5.2.2.7); see Section 5.2.2.7);
o if the cache is shared: the Authorization header field is not o if the cache is shared: the Authorization header field is not
present in the request (see Section 9.5.3 of [Semantics]) or a present in the request (see Section 9.5.3 of [Semantics]) or a
response directive is present that explicitly allows shared response directive is present that explicitly allows shared
caching (see Section 3.3); and, caching (see Section 3.3); and,
o the response contains at least one of: o the response contains at least one of:
* a public response directive (see Section 5.2.2.6); * a public response directive (see Section 5.2.2.6);
skipping to change at page 8, line 34 skipping to change at page 8, line 30
* if the cache is shared, an s-maxage response directive (see * if the cache is shared, an s-maxage response directive (see
Section 5.2.2.10); Section 5.2.2.10);
* a Cache Control Extension that allows it to be cached (see * a Cache Control Extension that allows it to be cached (see
Section 5.2.3); or, Section 5.2.3); or,
* a status code that is defined as heuristically cacheable (see * a status code that is defined as heuristically cacheable (see
Section 4.2.2). Section 4.2.2).
Note that any of the requirements listed above can be overridden by a Note that a cache-control extension can override any of the
cache-control extension; see Section 5.2.3. requirements listed; see Section 5.2.3.
In this context, a cache has "understood" a request method or a In this context, a cache has "understood" a request method or a
response status code if it recognizes it and implements all specified response status code if it recognizes it and implements all specified
caching-related behavior. caching-related behavior.
Note that, in normal operation, some caches will not store a response Note that, in normal operation, some caches will not store a response
that has neither a cache validator nor an explicit expiration time, that has neither a cache validator nor an explicit expiration time,
as such responses are not usually useful to store. However, caches as such responses are not usually useful to store. However, caches
are not prohibited from storing such responses. are not prohibited from storing such responses.
3.1. Storing Header and Trailer Fields 3.1. Storing Header and Trailer Fields
Caches MUST include all received header fields - including Caches MUST include all received header fields - including
unrecognised ones - when storing a response; this assures that new unrecognised ones - when storing a response; this assures that new
HTTP header fields can be successfully deployed. However, the HTTP header fields can be successfully deployed. However, the
following exceptions are made: following exceptions are made:
o The Connection header field and fields whose names are listed in o The Connection header field and fields whose names are listed in
it are required by Section 9.1 of [Messaging] to be removed before it are required by Section 13.1 of [Messaging] to be removed
forwarding the message. This MAY be implemented by doing so before forwarding the message. This MAY be implemented by doing
before storage. so before storage.
o Likewise, some fields' semantics require them to be removed before o Likewise, some fields' semantics require them to be removed before
forwarding the message, and this MAY be implemented by doing so forwarding the message, and this MAY be implemented by doing so
before storage; see Section 9.1 of [Messaging] for some examples. before storage; see Section 13.1 of [Messaging] for some examples.
o Header fields that are specific to a client's proxy configuration o Header fields that are specific to a client's proxy configuration
MUST NOT be stored, unless the cache incorporates the identity of MUST NOT be stored, unless the cache incorporates the identity of
the proxy into the cache key. Effectively, this is limited to the proxy into the cache key. Effectively, this is limited to
Proxy-Authenticate (Section 11.3.2 of [Semantics]), Proxy- Proxy-Authenticate (Section 11.3.2 of [Semantics]), Proxy-
Authentication-Info (Section 11.3.4 of [Semantics]), and Proxy- Authentication-Info (Section 11.3.4 of [Semantics]), and Proxy-
Authorization (Section 9.5.4 of [Semantics]). Authorization (Section 9.5.4 of [Semantics]).
Caches MAY either store trailer fields separately from header fields, Caches MAY either store trailer fields separate from header fields,
or discard them. Caches MUST NOT combine trailer fields with header or discard them. Caches MUST NOT combine trailer fields with header
fields. fields.
3.2. Storing Incomplete Responses 3.2. Storing Incomplete Responses
If the request method is GET, the response status code is 200 (OK), If the request method is GET, the response status code is 200 (OK),
and the entire response header section has been received, a cache MAY and the entire response header section has been received, a cache MAY
store a response body that is not complete (Section 2.1 of store a response body that is not complete (Section 2.1 of
[Semantics]) if the stored response is recorded as being incomplete. [Semantics]) if the stored response is recorded as being incomplete.
Likewise, a 206 (Partial Content) response MAY be stored as if it Likewise, a 206 (Partial Content) response MAY be stored as if it
were an incomplete 200 (OK) response. However, a cache MUST NOT were an incomplete 200 (OK) response. However, a cache MUST NOT
store incomplete or partial-content responses if it does not support store incomplete or partial-content responses if it does not support
the Range and Content-Range header fields or if it does not the Range and Content-Range header fields or if it does not
understand the range units used in those fields. understand the range units used in those fields.
A cache MAY complete a stored incomplete response by making a A cache MAY complete a stored incomplete response by making a
subsequent range request (Section 9.3 of [Semantics]) and combining subsequent range request (Section 9.3 of [Semantics]) and combining
the successful response with the stored response, as defined in the successful response with the stored response, as defined in
Section 3.4. A cache MUST NOT use an incomplete response to answer Section 3.4. A cache MUST NOT use an incomplete response to answer
requests unless the response has been made complete or the request is requests unless the response has been made complete, or the request
partial and specifies a range that is wholly within the incomplete is partial and specifies a range wholly within the incomplete
response. A cache MUST NOT send a partial response to a client response. A cache MUST NOT send a partial response to a client
without explicitly marking it as such using the 206 (Partial Content) without explicitly marking it using the 206 (Partial Content) status
status code. code.
3.3. Storing Responses to Authenticated Requests 3.3. Storing Responses to Authenticated Requests
A shared cache MUST NOT use a cached response to a request with an A shared cache MUST NOT use a cached response to a request with an
Authorization header field (Section 9.5.3 of [Semantics]) to satisfy Authorization header field (Section 9.5.3 of [Semantics]) to satisfy
any subsequent request unless the response contains a Cache-Control any subsequent request unless the response contains a Cache-Control
field with a response directive (Section 5.2.2) that allows it to be field with a response directive (Section 5.2.2) that allows it to be
stored by a shared cache and the cache conforms to the requirements stored by a shared cache and the cache conforms to the requirements
of that directive for that response. of that directive for that response.
skipping to change at page 11, line 11 skipping to change at page 10, line 51
(Section 4.3), and (Section 4.3), and
o the stored response is either: o the stored response is either:
* fresh (see Section 4.2), or * fresh (see Section 4.2), or
* allowed to be served stale (see Section 4.2.4), or * allowed to be served stale (see Section 4.2.4), or
* successfully validated (see Section 4.3). * successfully validated (see Section 4.3).
Note that any of the requirements listed above can be overridden by a Note that a cache-control extension can override any of the
cache-control extension; see Section 5.2.3. requirements listed; see Section 5.2.3.
When a stored response is used to satisfy a request without When a stored response is used to satisfy a request without
validation, a cache MUST generate an Age header field (Section 5.1), validation, a cache MUST generate an Age header field (Section 5.1),
replacing any present in the response with a value equal to the replacing any present in the response with a value equal to the
stored response's current_age; see Section 4.2.3. stored response's current_age; see Section 4.2.3.
A cache MUST write through requests with methods that are unsafe A cache MUST write through requests with methods that are unsafe
(Section 8.2.1 of [Semantics]) to the origin server; i.e., a cache is (Section 8.2.1 of [Semantics]) to the origin server; i.e., a cache is
not allowed to generate a reply to such a request before having not allowed to generate a reply to such a request before having
forwarded the request and having received a corresponding response. forwarded the request and having received a corresponding response.
skipping to change at page 11, line 39 skipping to change at page 11, line 30
also forward the request with "Cache-Control: max-age=0" or "Cache- also forward the request with "Cache-Control: max-age=0" or "Cache-
Control: no-cache" to disambiguate which response to use. Control: no-cache" to disambiguate which response to use.
A cache that does not have a clock available MUST NOT use stored A cache that does not have a clock available MUST NOT use stored
responses without revalidating them upon every use. responses without revalidating them upon every use.
4.1. Calculating Cache Keys with Vary 4.1. Calculating Cache Keys with Vary
When a cache receives a request that can be satisfied by a stored When a cache receives a request that can be satisfied by a stored
response that has a Vary header field (Section 11.1.4 of response that has a Vary header field (Section 11.1.4 of
[Semantics]), it MUST NOT use that response unless all of the [Semantics]), it MUST NOT use that response unless all the selecting
selecting header fields nominated by the Vary header field match in header fields nominated by the Vary header field match in both the
both the original request (i.e., that associated with the stored original request (i.e., that associated with the stored response),
response), and the presented request. and the presented request.
The selecting header fields from two requests are defined to match if The selecting header fields from two requests are defined to match if
and only if those in the first request can be transformed to those in and only if those in the first request can be transformed to those in
the second request by applying any of the following: the second request by applying any of:
o adding or removing whitespace, where allowed in the header field's o adding or removing whitespace, where allowed in the header field's
syntax syntax
o combining multiple header fields with the same field name (see o combining multiple header fields with the same field name (see
Section 5.4 of [Semantics]) Section 5.4 of [Semantics])
o normalizing both header field values in a way that is known to o normalizing both header field values in a way that is known to
have identical semantics, according to the header field's have identical semantics, according to the header field's
specification (e.g., reordering field values when order is not specification (e.g., reordering field values when order is not
skipping to change at page 12, line 31 skipping to change at page 12, line 25
If multiple selected responses are available (potentially including If multiple selected responses are available (potentially including
responses without a Vary header field), the cache will need to choose responses without a Vary header field), the cache will need to choose
one to use. When a selecting header field has a known mechanism for one to use. When a selecting header field has a known mechanism for
doing so (e.g., qvalues on Accept and similar request header fields), doing so (e.g., qvalues on Accept and similar request header fields),
that mechanism MAY be used to select preferred responses; of the that mechanism MAY be used to select preferred responses; of the
remainder, the most recent response (as determined by the Date header remainder, the most recent response (as determined by the Date header
field) is used, as per Section 4. field) is used, as per Section 4.
Note that in practice, some resources might send the Vary header Note that in practice, some resources might send the Vary header
field on responses inconsistently. When a cache has multiple field on responses inconsistently. When a cache has multiple
responses for a given target URI, and one or more omits the Vary responses for a target URI, and one or more omits the Vary header
header field, it SHOULD use the most recent non-empty value available field, it SHOULD use the most recent non-empty value available to
to select an appropriate response for the request. select an appropriate response for the request.
If no selected response is available, the cache cannot satisfy the If no selected response is available, the cache cannot satisfy the
presented request. Typically, it is forwarded to the origin server presented request. Typically, it is forwarded to the origin server
in a (possibly conditional; see Section 4.3) request. in a (possibly conditional; see Section 4.3) request.
4.2. Freshness 4.2. Freshness
A fresh response is one whose age has not yet exceeded its freshness A fresh response is one whose age has not yet exceeded its freshness
lifetime. Conversely, a stale response is one where it has. lifetime. Conversely, a stale response is one where it has.
skipping to change at page 14, line 16 skipping to change at page 14, line 13
other than GMT or UTC to be invalid for calculating expiration. other than GMT or UTC to be invalid for calculating expiration.
Note that freshness applies only to cache operation; it cannot be Note that freshness applies only to cache operation; it cannot be
used to force a user agent to refresh its display or reload a used to force a user agent to refresh its display or reload a
resource. See Section 6 for an explanation of the difference between resource. See Section 6 for an explanation of the difference between
caches and history mechanisms. caches and history mechanisms.
4.2.1. Calculating Freshness Lifetime 4.2.1. Calculating Freshness Lifetime
A cache can calculate the freshness lifetime (denoted as A cache can calculate the freshness lifetime (denoted as
freshness_lifetime) of a response by using the first match of the freshness_lifetime) of a response by using the first match of:
following:
o If the cache is shared and the s-maxage response directive o If the cache is shared and the s-maxage response directive
(Section 5.2.2.10) is present, use its value, or (Section 5.2.2.10) is present, use its value, or
o If the max-age response directive (Section 5.2.2.9) is present, o If the max-age response directive (Section 5.2.2.9) is present,
use its value, or use its value, or
o If the Expires response header field (Section 5.3) is present, use o If the Expires response header field (Section 5.3) is present, use
its value minus the value of the Date response header field, or its value minus the value of the Date response header field, or
skipping to change at page 14, line 52 skipping to change at page 15, line 7
Since origin servers do not always provide explicit expiration times, Since origin servers do not always provide explicit expiration times,
a cache MAY assign a heuristic expiration time when an explicit time a cache MAY assign a heuristic expiration time when an explicit time
is not specified, employing algorithms that use other header field is not specified, employing algorithms that use other header field
values (such as the Last-Modified time) to estimate a plausible values (such as the Last-Modified time) to estimate a plausible
expiration time. This specification does not provide specific expiration time. This specification does not provide specific
algorithms, but does impose worst-case constraints on their results. algorithms, but does impose worst-case constraints on their results.
A cache MUST NOT use heuristics to determine freshness when an A cache MUST NOT use heuristics to determine freshness when an
explicit expiration time is present in the stored response. Because explicit expiration time is present in the stored response. Because
of the requirements in Section 3, this means that, effectively, of the requirements in Section 3, this means that heuristics can only
heuristics can only be used on responses without explicit freshness be used on responses without explicit freshness whose status codes
whose status codes are defined as "heuristically cacheable" (e.g., are defined as "heuristically cacheable" (e.g., see Section 10.1 of
see Section 10.1 of [Semantics]), and those responses without [Semantics]), and those responses without explicit freshness that
explicit freshness that have been marked as explicitly cacheable have been marked as explicitly cacheable (e.g., with a "public"
(e.g., with a "public" response directive). response directive).
Note that in previous specifications heuristically cacheable response Note that in previous specifications heuristically cacheable response
status codes were called "cacheable by default." status codes were called "cacheable by default."
If the response has a Last-Modified header field (Section 11.2.2 of If the response has a Last-Modified header field (Section 11.2.2 of
[Semantics]), caches are encouraged to use a heuristic expiration [Semantics]), caches are encouraged to use a heuristic expiration
value that is no more than some fraction of the interval since that value that is no more than some fraction of the interval since that
time. A typical setting of this fraction might be 10%. time. A typical setting of this fraction might be 10%.
| *Note:* Section 13.9 of [RFC2616] prohibited caches from | *Note:* Section 13.9 of [RFC2616] prohibited caches from
| calculating heuristic freshness for URIs with query components | calculating heuristic freshness for URIs with query components
| (i.e., those containing '?'). In practice, this has not been | (i.e., those containing '?'). In practice, this has not been
| widely implemented. Therefore, origin servers are encouraged | widely implemented. Therefore, origin servers are encouraged
| to send explicit directives (e.g., Cache-Control: no-cache) if | to send explicit directives (e.g., Cache-Control: no-cache) if
| they wish to preclude caching. | they wish to prevent caching.
4.2.3. Calculating Age 4.2.3. Calculating Age
The Age header field is used to convey an estimated age of the The Age header field is used to convey an estimated age of the
response message when obtained from a cache. The Age field value is response message when obtained from a cache. The Age field value is
the cache's estimate of the number of seconds since the response was the cache's estimate of the number of seconds since the origin server
generated or validated by the origin server. In essence, the Age generated or validated the response. The Age value is therefore the
value is the sum of the time that the response has been resident in sum of the time that the response has been resident in each of the
each of the caches along the path from the origin server, plus the caches along the path from the origin server, plus the time it has
amount of time it has been in transit along network paths. been in transit along network paths.
The following data is used for the age calculation: Age calculation uses the following data:
age_value The term "age_value" denotes the value of the Age header age_value The term "age_value" denotes the value of the Age header
field (Section 5.1), in a form appropriate for arithmetic field (Section 5.1), in a form appropriate for arithmetic
operation; or 0, if not available. operation; or 0, if not available.
date_value The term "date_value" denotes the value of the Date date_value The term "date_value" denotes the value of the Date
header field, in a form appropriate for arithmetic operations. header field, in a form appropriate for arithmetic operations.
See Section 11.1.1 of [Semantics] for the definition of the Date See Section 11.1.1 of [Semantics] for the definition of the Date
header field, and for requirements regarding responses without it. header field, and for requirements regarding responses without it.
skipping to change at page 16, line 36 skipping to change at page 16, line 41
These are combined as These are combined as
corrected_initial_age = max(apparent_age, corrected_age_value); corrected_initial_age = max(apparent_age, corrected_age_value);
unless the cache is confident in the value of the Age header field unless the cache is confident in the value of the Age header field
(e.g., because there are no HTTP/1.0 hops in the Via header field), (e.g., because there are no HTTP/1.0 hops in the Via header field),
in which case the corrected_age_value MAY be used as the in which case the corrected_age_value MAY be used as the
corrected_initial_age. corrected_initial_age.
The current_age of a stored response can then be calculated by adding The current_age of a stored response can then be calculated by adding
the amount of time (in seconds) since the stored response was last the time (in seconds) since the stored response was last validated by
validated by the origin server to the corrected_initial_age. the origin server to the corrected_initial_age.
resident_time = now - response_time; resident_time = now - response_time;
current_age = corrected_initial_age + resident_time; current_age = corrected_initial_age + resident_time;
4.2.4. Serving Stale Responses 4.2.4. Serving Stale Responses
A "stale" response is one that either has explicit expiry information A "stale" response is one that either has explicit expiry information
or is allowed to have heuristic expiry calculated, but is not fresh or is allowed to have heuristic expiry calculated, but is not fresh
according to the calculations in Section 4.2. according to the calculations in Section 4.2.
skipping to change at page 18, line 27 skipping to change at page 18, line 27
from other (outbound) caches. Likewise, some user agents make use of from other (outbound) caches. Likewise, some user agents make use of
conditional requests to limit data transfers to recently modified conditional requests to limit data transfers to recently modified
representations or to complete the transfer of a partially retrieved representations or to complete the transfer of a partially retrieved
representation. representation.
If a cache receives a request that can be satisfied by reusing one of If a cache receives a request that can be satisfied by reusing one of
its stored 200 (OK) or 206 (Partial Content) responses, the cache its stored 200 (OK) or 206 (Partial Content) responses, the cache
SHOULD evaluate any applicable conditional header field preconditions SHOULD evaluate any applicable conditional header field preconditions
received in that request with respect to the corresponding validators received in that request with respect to the corresponding validators
contained within the selected response. A cache MUST NOT evaluate contained within the selected response. A cache MUST NOT evaluate
conditional header fields that are only applicable to an origin conditional header fields that only apply to an origin server, occur
server, found in a request with semantics that cannot be satisfied in a request with semantics that cannot be satisfied with a cached
with a cached response, or applied to a target resource for which it response, or occur in a request with a target resource for which it
has no stored responses; such preconditions are likely intended for has no stored responses; such preconditions are likely intended for
some other (inbound) server. some other (inbound) server.
The proper evaluation of conditional requests by a cache depends on The proper evaluation of conditional requests by a cache depends on
the received precondition header fields and their precedence, as the received precondition header fields and their precedence, as
defined in Section 9.2.2 of [Semantics]. The If-Match and If- defined in Section 9.2.2 of [Semantics]. The If-Match and If-
Unmodified-Since conditional header fields are not applicable to a Unmodified-Since conditional header fields are not applicable to a
cache. cache.
A request containing an If-None-Match header field (Section 9.2.4 of A request containing an If-None-Match header field (Section 9.2.4 of
skipping to change at page 19, line 32 skipping to change at page 19, line 32
earlier than or equal to the conditional timestamp; 2) no Last- earlier than or equal to the conditional timestamp; 2) no Last-
Modified field is present in the selected stored response, but it has Modified field is present in the selected stored response, but it has
a Date field value that is earlier than or equal to the conditional a Date field value that is earlier than or equal to the conditional
timestamp; or, 3) neither Last-Modified nor Date is present in the timestamp; or, 3) neither Last-Modified nor Date is present in the
selected stored response, but the cache recorded it as having been selected stored response, but the cache recorded it as having been
received at a time earlier than or equal to the conditional received at a time earlier than or equal to the conditional
timestamp. timestamp.
A cache that implements partial responses to range requests, as A cache that implements partial responses to range requests, as
defined in Section 9.3 of [Semantics], also needs to evaluate a defined in Section 9.3 of [Semantics], also needs to evaluate a
received If-Range header field (Section 9.2.7 of [Semantics]) with received If-Range header field (Section 9.2.7 of [Semantics])
respect to its selected stored response. regarding its selected stored response.
4.3.3. Handling a Validation Response 4.3.3. Handling a Validation Response
Cache handling of a response to a conditional request is dependent Cache handling of a response to a conditional request depends upon
upon its status code: its status code:
o A 304 (Not Modified) response status code indicates that the o A 304 (Not Modified) response status code indicates that the
stored response can be updated and reused; see Section 4.3.4. stored response can be updated and reused; see Section 4.3.4.
o A full response (i.e., one with a payload body) indicates that o A full response (i.e., one with a payload body) indicates that
none of the stored responses nominated in the conditional request none of the stored responses nominated in the conditional request
is suitable. Instead, the cache MUST use the full response to is suitable. Instead, the cache MUST use the full response to
satisfy the request and MAY replace the stored response(s). satisfy the request and MAY replace the stored response(s).
o However, if a cache receives a 5xx (Server Error) response while o However, if a cache receives a 5xx (Server Error) response while
skipping to change at page 20, line 19 skipping to change at page 20, line 19
stored response (see Section 4.2.4). stored response (see Section 4.2.4).
4.3.4. Freshening Stored Responses upon Validation 4.3.4. Freshening Stored Responses upon Validation
When a cache receives a 304 (Not Modified) response and already has When a cache receives a 304 (Not Modified) response and already has
one or more stored 200 (OK) responses for the applicable cache key, one or more stored 200 (OK) responses for the applicable cache key,
the cache needs to identify which (if any) are to be updated by the the cache needs to identify which (if any) are to be updated by the
new information provided, and then do so. new information provided, and then do so.
The stored response(s) to update are identified by using the first The stored response(s) to update are identified by using the first
match (if any) of the following: match (if any) of:
o If the new response contains a strong validator (see o If the new response contains a strong validator (see
Section 11.2.1 of [Semantics]), then that strong validator Section 11.2.1 of [Semantics]), then that strong validator
identifies the selected representation for update. All of the identifies the selected representation for update. All the stored
stored responses with the same strong validator are identified for responses with the same strong validator are identified for
update. If none of the stored responses contain the same strong update. If none of the stored responses contain the same strong
validator, then the cache MUST NOT use the new response to update validator, then the cache MUST NOT use the new response to update
any stored responses. any stored responses.
o If the new response contains a weak validator and that validator o If the new response contains a weak validator and that validator
corresponds to one of the cache's stored responses, then the most corresponds to one of the cache's stored responses, then the most
recent of those matching stored responses is identified for recent of those matching stored responses is identified for
update. update.
o If the new response does not include any form of validator (such o If the new response does not include any form of validator (such
as in the case where a client generates an If-Modified-Since as where a client generates an If-Modified-Since request from a
request from a source other than the Last-Modified response header source other than the Last-Modified response header field), and
field), and there is only one stored response, and that stored there is only one stored response, and that stored response also
response also lacks a validator, then that stored response is lacks a validator, then that stored response is identified for
identified for update. update.
For each stored response identified for update, the cache MUST use For each stored response identified for update, the cache MUST use
the header fields provided in the 304 (Not Modified) response to the header fields provided in the 304 (Not Modified) response to
replace all instances of the corresponding header fields in the replace all instances of the corresponding header fields in the
stored response, with the following exceptions: stored response, with the following exceptions:
o The exceptions to header field storage in Section 3.1 also apply o The exceptions to header field storage in Section 3.1 also apply
to header field updates. to header field updates.
o Caches MUST NOT update the following header fields: Content- o Caches MUST NOT update the following header fields: Content-
skipping to change at page 21, line 15 skipping to change at page 21, line 15
4.3.5. Freshening Responses with HEAD 4.3.5. Freshening Responses with HEAD
A response to the HEAD method is identical to what an equivalent A response to the HEAD method is identical to what an equivalent
request made with a GET would have been, except it lacks a body. request made with a GET would have been, except it lacks a body.
This property of HEAD responses can be used to invalidate or update a This property of HEAD responses can be used to invalidate or update a
cached GET response if the more efficient conditional GET request cached GET response if the more efficient conditional GET request
mechanism is not available (due to no validators being present in the mechanism is not available (due to no validators being present in the
stored response) or if transmission of the representation body is not stored response) or if transmission of the representation body is not
desired even if it has changed. desired even if it has changed.
When a cache makes an inbound HEAD request for a given target URI and When a cache makes an inbound HEAD request for a target URI and
receives a 200 (OK) response, the cache SHOULD update or invalidate receives a 200 (OK) response, the cache SHOULD update or invalidate
each of its stored GET responses that could have been selected for each of its stored GET responses that could have been selected for
that request (see Section 4.1). that request (see Section 4.1).
For each of the stored responses that could have been selected, if For each of the stored responses that could have been selected, if
the stored response and HEAD response have matching values for any the stored response and HEAD response have matching values for any
received validator fields (ETag and Last-Modified) and, if the HEAD received validator fields (ETag and Last-Modified) and, if the HEAD
response has a Content-Length header field, the value of Content- response has a Content-Length header field, the value of Content-
Length matches that of the stored response, the cache SHOULD update Length matches that of the stored response, the cache SHOULD update
the stored response as described below; otherwise, the cache SHOULD the stored response as described below; otherwise, the cache SHOULD
skipping to change at page 21, line 49 skipping to change at page 21, line 49
PUT, POST or DELETE have the potential for changing state on the PUT, POST or DELETE have the potential for changing state on the
origin server, intervening caches are required to invalidate stored origin server, intervening caches are required to invalidate stored
responses to keep their contents up to date. Invalidate means that responses to keep their contents up to date. Invalidate means that
the cache will either remove all stored responses whose target URI the cache will either remove all stored responses whose target URI
matches the given URI, or will mark them as "invalid" and in need of matches the given URI, or will mark them as "invalid" and in need of
a mandatory validation before they can be sent in response to a a mandatory validation before they can be sent in response to a
subsequent request. subsequent request.
Note that this does not guarantee that all appropriate responses are Note that this does not guarantee that all appropriate responses are
invalidated globally; a state-changing request would only invalidate invalidated globally; a state-changing request would only invalidate
responses in the caches that it travels through. responses in the caches it travels through.
A cache MUST invalidate the target URI (Section 6.1 of [Semantics]) A cache MUST invalidate the target URI (Section 6.1 of [Semantics])
as well as the URI(s) in the Location and Content-Location response and the URI(s) in the Location and Content-Location response header
header fields (if present) when a non-error status code is received fields (if present) when a non-error status code is received in
in response to an unsafe request method. response to an unsafe request method.
However, a cache MUST NOT invalidate a URI from a Location or However, a cache MUST NOT invalidate a URI from a Location or
Content-Location response header field if the host part of that URI Content-Location response header field if the host part of that URI
differs from the host part in the target URI (Section 6.1 of differs from the host part in the target URI (Section 6.1 of
[Semantics]). This helps prevent denial-of-service attacks. [Semantics]). This helps prevent denial-of-service attacks.
A cache MUST invalidate the target URI (Section 6.1 of [Semantics]) A cache MUST invalidate the target URI (Section 6.1 of [Semantics])
when it receives a non-error response to a request with a method when it receives a non-error response to a request with a method
whose safety is unknown. whose safety is unknown.
Here, a "non-error response" is one with a 2xx (Successful) or 3xx Here, a "non-error response" is one with a 2xx (Successful) or 3xx
(Redirection) status code. (Redirection) status code.
5. Field Definitions 5. Field Definitions
This section defines the syntax and semantics of HTTP fields related This section defines the syntax and semantics of HTTP fields related
to caching. to caching.
+---------------+-----------+-------------+ --------------- ----------- ------
| Field Name | Status | Reference | Field Name Status Ref.
| Age | standard | Section 5.1 | --------------- ----------- ------
| Cache-Control | standard | Section 5.2 | Age standard 5.1
| Expires | standard | Section 5.3 | Cache-Control standard 5.2
| Pragma | standard | Section 5.4 | Expires standard 5.3
| Warning | obsoleted | Section 5.5 | Pragma standard 5.4
+---------------+-----------+-------------+ Warning obsoleted 5.5
--------------- ----------- ------
Table 1 Table 1
5.1. Age 5.1. Age
The "Age" header field conveys the sender's estimate of the amount of The "Age" header field conveys the sender's estimate of the time
time since the response was generated or successfully validated at since the response was generated or successfully validated at the
the origin server. Age values are calculated as specified in origin server. Age values are calculated as specified in
Section 4.2.3. Section 4.2.3.
Age = delta-seconds Age = delta-seconds
The Age field value is a non-negative integer, representing time in The Age field value is a non-negative integer, representing time in
seconds (see Section 1.3). seconds (see Section 1.3). A cache SHOULD consider a response to be
stale if an Age field is present and its value is invalid (i.e.,
contains a list or something other than a non-negative integer).
The presence of an Age header field implies that the response was not The presence of an Age header field implies that the response was not
generated or validated by the origin server for this request. generated or validated by the origin server for this request.
However, lack of an Age header field does not imply the origin was However, lack of an Age header field does not imply the origin was
contacted, since the response might have been received from an contacted, since the response might have been received from an
HTTP/1.0 cache that does not implement Age. HTTP/1.0 cache that does not implement Age.
5.2. Cache-Control 5.2. Cache-Control
The "Cache-Control" header field is used to list directives for The "Cache-Control" header field is used to list directives for
skipping to change at page 23, line 26 skipping to change at page 23, line 26
not imply that the same directive is present in the response, or to not imply that the same directive is present in the response, or to
be repeated in it. be repeated in it.
See Section 5.2.3 for information about how Cache-Control directives See Section 5.2.3 for information about how Cache-Control directives
defined elsewhere are handled. defined elsewhere are handled.
| *Note:* Some HTTP/1.0 caches might not implement Cache-Control. | *Note:* Some HTTP/1.0 caches might not implement Cache-Control.
A proxy, whether or not it implements a cache, MUST pass cache A proxy, whether or not it implements a cache, MUST pass cache
directives through in forwarded messages, regardless of their directives through in forwarded messages, regardless of their
significance to that application, since the directives might be significance to that application, since the directives might apply to
applicable to all recipients along the request/response chain. It is all recipients along the request/response chain. It is not possible
not possible to target a directive to a specific cache. to target a directive to a specific cache.
Cache directives are identified by a token, to be compared case- Cache directives are identified by a token, to be compared case-
insensitively, and have an optional argument, that can use both token insensitively, and have an optional argument that can use both token
and quoted-string syntax. For the directives defined below that and quoted-string syntax. For the directives defined below that
define arguments, recipients ought to accept both forms, even if a define arguments, recipients ought to accept both forms, even if a
specific form is required for generation. specific form is required for generation.
Cache-Control = 1#cache-directive Cache-Control = #cache-directive
cache-directive = token [ "=" ( token / quoted-string ) ] cache-directive = token [ "=" ( token / quoted-string ) ]
For the cache directives defined below, no argument is defined (nor For the cache directives defined below, no argument is defined (nor
allowed) unless stated otherwise. allowed) unless stated otherwise.
+------------------+----------------------------------+ ------------------ ----------------------------------
| Cache Directive | Reference | Cache Directive Reference
| max-age | Section 5.2.1.1, Section 5.2.2.9 | ------------------ ----------------------------------
| max-stale | Section 5.2.1.2 | max-age Section 5.2.1.1, Section 5.2.2.9
| min-fresh | Section 5.2.1.3 | max-stale Section 5.2.1.2
| must-revalidate | Section 5.2.2.1 | min-fresh Section 5.2.1.3
| must-understand | Section 5.2.2.2 | must-revalidate Section 5.2.2.1
| no-cache | Section 5.2.1.4, Section 5.2.2.3 | must-understand Section 5.2.2.2
| no-store | Section 5.2.1.5, Section 5.2.2.4 | no-cache Section 5.2.1.4, Section 5.2.2.3
| no-transform | Section 5.2.1.6, Section 5.2.2.5 | no-store Section 5.2.1.5, Section 5.2.2.4
| only-if-cached | Section 5.2.1.7 | no-transform Section 5.2.1.6, Section 5.2.2.5
| private | Section 5.2.2.7 | only-if-cached Section 5.2.1.7
| proxy-revalidate | Section 5.2.2.8 | private Section 5.2.2.7
| public | Section 5.2.2.6 | proxy-revalidate Section 5.2.2.8
| s-maxage | Section 5.2.2.10 | public Section 5.2.2.6
+------------------+----------------------------------+ s-maxage Section 5.2.2.10
------------------ ----------------------------------
Table 2 Table 2
5.2.1. Request Cache-Control Directives 5.2.1. Request Cache-Control Directives
This section defines cache request directives. They are advisory; This section defines cache request directives. They are advisory;
caches MAY implement them, but are not required to. caches MAY implement them, but are not required to.
5.2.1.1. max-age 5.2.1.1. max-age
skipping to change at page 24, line 50 skipping to change at page 25, line 5
This directive uses the token form of the argument syntax: e.g., This directive uses the token form of the argument syntax: e.g.,
'max-age=5' not 'max-age="5"'. A sender MUST NOT generate the 'max-age=5' not 'max-age="5"'. A sender MUST NOT generate the
quoted-string form. quoted-string form.
5.2.1.2. max-stale 5.2.1.2. max-stale
Argument syntax: Argument syntax:
delta-seconds (see Section 1.3) delta-seconds (see Section 1.3)
The "max-stale" request directive indicates that the client is The "max-stale" request directive indicates that the client will
willing to accept a response that has exceeded its freshness accept a response that has exceeded its freshness lifetime. If a
lifetime. If a value is present, then the client is willing to value is present, then the client is willing to accept a response
accept a response that has exceeded its freshness lifetime by no more that has exceeded its freshness lifetime by no more than the
than the specified number of seconds. If no value is assigned to specified number of seconds. If no value is assigned to max-stale,
max-stale, then the client is willing to accept a stale response of then the client will accept a stale response of any age.
any age.
This directive uses the token form of the argument syntax: e.g., This directive uses the token form of the argument syntax: e.g.,
'max-stale=10' not 'max-stale="10"'. A sender MUST NOT generate the 'max-stale=10' not 'max-stale="10"'. A sender MUST NOT generate the
quoted-string form. quoted-string form.
5.2.1.3. min-fresh 5.2.1.3. min-fresh
Argument syntax: Argument syntax:
delta-seconds (see Section 1.3) delta-seconds (see Section 1.3)
skipping to change at page 26, line 12 skipping to change at page 26, line 12
recognize or obey this directive, and communications networks might recognize or obey this directive, and communications networks might
be vulnerable to eavesdropping. be vulnerable to eavesdropping.
Note that if a request containing this directive is satisfied from a Note that if a request containing this directive is satisfied from a
cache, the no-store request directive does not apply to the already cache, the no-store request directive does not apply to the already
stored response. stored response.
5.2.1.6. no-transform 5.2.1.6. no-transform
The "no-transform" request directive indicates that the client is The "no-transform" request directive indicates that the client is
asking for intermediares (whether or not they implement a cache) to asking for intermediaries to avoid transforming the payload, as
avoid transforming the payload, as defined in Section 6.7.2 of defined in Section 6.6.2 of [Semantics].
[Semantics].
5.2.1.7. only-if-cached 5.2.1.7. only-if-cached
The "only-if-cached" request directive indicates that the client only The "only-if-cached" request directive indicates that the client only
wishes to obtain a stored response. Caches that honor this request wishes to obtain a stored response. Caches that honor this request
directive SHOULD, upon receiving it, either respond using a stored directive SHOULD, upon receiving it, either respond using a stored
response that is consistent with the other constraints of the response consistent with the other constraints of the request, or
request, or respond with a 504 (Gateway Timeout) status code. respond with a 504 (Gateway Timeout) status code.
5.2.2. Response Cache-Control Directives 5.2.2. Response Cache-Control Directives
This section defines cache response directives. A cache MUST obey This section defines cache response directives. A cache MUST obey
the requirements of the Cache-Control directives defined in this the Cache-Control directives defined in this section.
section.
5.2.2.1. must-revalidate 5.2.2.1. must-revalidate
The "must-revalidate" response directive indicates that once the The "must-revalidate" response directive indicates that once the
response has become stale, a cache MUST NOT reuse that response to response has become stale, a cache MUST NOT reuse that response to
satisfy another request until it has been successfully validated by satisfy another request until it has been successfully validated by
the origin, as defined by Section 4.3. the origin, as defined by Section 4.3.
The must-revalidate directive is necessary to support reliable The must-revalidate directive is necessary to support reliable
operation for certain protocol features. In all circumstances a operation for certain protocol features. In all circumstances a
cache MUST obey the must-revalidate directive; in particular, if a cache MUST obey the must-revalidate directive; in particular, if a
cache is disconnected, the cache MUST generate a 504 (Gateway cache is disconnected, the cache MUST generate a 504 (Gateway
Timeout) response rather than reuse the stale response. Timeout) response rather than reuse the stale response.
The must-revalidate directive ought to be used by servers if and only The must-revalidate directive ought to be used by servers if and only
if failure to validate a request on the representation could result if failure to validate a request on the representation could cause
in incorrect operation, such as a silently unexecuted financial incorrect operation, such as a silently unexecuted financial
transaction. transaction.
The must-revalidate directive also permits a shared cache to reuse a The must-revalidate directive also permits a shared cache to reuse a
response to a request containing an Authorization header field, response to a request containing an Authorization header field,
subject to the above requirement on revalidation (Section 3.3). subject to the above requirement on revalidation (Section 3.3).
5.2.2.2. must-understand 5.2.2.2. must-understand
The "must-understand" response directive limits caching of the The "must-understand" response directive limits caching of the
response to a cache that understands and conforms to the requirements response to a cache that understands and conforms to the requirements
skipping to change at page 28, line 26 skipping to change at page 28, line 26
This directive is NOT a reliable or sufficient mechanism for ensuring This directive is NOT a reliable or sufficient mechanism for ensuring
privacy. In particular, malicious or compromised caches might not privacy. In particular, malicious or compromised caches might not
recognize or obey this directive, and communications networks might recognize or obey this directive, and communications networks might
be vulnerable to eavesdropping. be vulnerable to eavesdropping.
5.2.2.5. no-transform 5.2.2.5. no-transform
The "no-transform" response directive indicates that an intermediary The "no-transform" response directive indicates that an intermediary
(regardless of whether it implements a cache) MUST NOT transform the (regardless of whether it implements a cache) MUST NOT transform the
payload, as defined in Section 6.7.2 of [Semantics]. payload, as defined in Section 6.6.2 of [Semantics].
5.2.2.6. public 5.2.2.6. public
The "public" response directive indicates that a cache MAY store the The "public" response directive indicates that a cache MAY store the
response even if it would otherwise be prohibited, subject to the response even if it would otherwise be prohibited, subject to the
constraints defined in Section 3. In other words, public explicitly constraints defined in Section 3. In other words, public explicitly
marks the response as cacheable. For example, public permits a marks the response as cacheable. For example, public permits a
shared cache to reuse a response to a request containing an shared cache to reuse a response to a request containing an
Authorization header field (Section 3.3). Authorization header field (Section 3.3).
Note that it is not necessary to add the public directive to a Note that it is unnecessary to add the public directive to a response
response that is already cacheable according to Section 3. that is already cacheable according to Section 3.
If no explicit freshness information is provided on a response with If a response with the public directive has no explicit freshness
the public directive, it is heuristically cacheable (Section 4.2.2). information, it is heuristically cacheable (Section 4.2.2).
5.2.2.7. private 5.2.2.7. private
Argument syntax: Argument syntax:
#field-name #field-name
The unqualified "private" response directive indicates that a shared The unqualified "private" response directive indicates that a shared
cache MUST NOT store the response (i.e., the response is intended for cache MUST NOT store the response (i.e., the response is intended for
a single user). It also indicates that a private cache MAY store the a single user). It also indicates that a private cache MAY store the
skipping to change at page 34, line 41 skipping to change at page 34, line 41
HTTP/1.1. HTTP/1.1.
7.2. Timing Attacks 7.2. Timing Attacks
Because one of the primary uses of a cache is to optimise Because one of the primary uses of a cache is to optimise
performance, its use can "leak" information about what resources have performance, its use can "leak" information about what resources have
been previously requested. been previously requested.
For example, if a user visits a site and their browser caches some of For example, if a user visits a site and their browser caches some of
its responses, and then navigates to a second site, that site can its responses, and then navigates to a second site, that site can
attempt to load responses that it knows exists on the first site. If attempt to load responses it knows exists on the first site. If they
they load very quickly, it can be assumed that the user has visited load quickly, it can be assumed that the user has visited that site,
that site, or even a specific page on it. or even a specific page on it.
Such "timing attacks" can be mitigated by adding more information to Such "timing attacks" can be mitigated by adding more information to
the cache key, such as the identity of the referring site (to prevent the cache key, such as the identity of the referring site (to prevent
the attack described above). This is sometimes called "double the attack described above). This is sometimes called "double
keying." keying."
7.3. Caching of Sensitive Information 7.3. Caching of Sensitive Information
Implementation and deployment flaws (as well as misunderstanding of Implementation and deployment flaws (as well as misunderstanding of
cache operation) might lead to caching of sensitive information cache operation) might lead to caching of sensitive information
skipping to change at page 35, line 49 skipping to change at page 35, line 49
Codes" registry at <https://www.iana.org/assignments/http-warn-codes> Codes" registry at <https://www.iana.org/assignments/http-warn-codes>
to the effect that Warning is obsoleted. to the effect that Warning is obsoleted.
9. References 9. References
9.1. Normative References 9.1. Normative References
[Messaging] [Messaging]
Fielding, R., Ed., Nottingham, M., Ed., and J. F. Reschke, Fielding, R., Ed., Nottingham, M., Ed., and J. F. Reschke,
Ed., "HTTP/1.1 Messaging", Work in Progress, Internet- Ed., "HTTP/1.1 Messaging", Work in Progress, Internet-
Draft, draft-ietf-httpbis-messaging-10, July 12, 2020, Draft, draft-ietf-httpbis-messaging-11, August 27, 2020,
<https://tools.ietf.org/html/draft-ietf-httpbis-messaging- <https://tools.ietf.org/html/draft-ietf-httpbis-messaging-
10>. 11>.
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, Requirement Levels", BCP 14, RFC 2119,
DOI 10.17487/RFC2119, March 1997, DOI 10.17487/RFC2119, March 1997,
<https://www.rfc-editor.org/info/rfc2119>. <https://www.rfc-editor.org/info/rfc2119>.
[RFC3986] Berners-Lee, T., Fielding, R., and L. Masinter, "Uniform [RFC3986] Berners-Lee, T., Fielding, R., and L. Masinter, "Uniform
Resource Identifier (URI): Generic Syntax", STD 66, Resource Identifier (URI): Generic Syntax", STD 66,
RFC 3986, DOI 10.17487/RFC3986, January 2005, RFC 3986, DOI 10.17487/RFC3986, January 2005,
<https://www.rfc-editor.org/info/rfc3986>. <https://www.rfc-editor.org/info/rfc3986>.
skipping to change at page 36, line 31 skipping to change at page 36, line 31
RFC 7405, DOI 10.17487/RFC7405, December 2014, RFC 7405, DOI 10.17487/RFC7405, December 2014,
<https://www.rfc-editor.org/info/rfc7405>. <https://www.rfc-editor.org/info/rfc7405>.
[RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
May 2017, <https://www.rfc-editor.org/info/rfc8174>. May 2017, <https://www.rfc-editor.org/info/rfc8174>.
[Semantics] [Semantics]
Fielding, R., Ed., Nottingham, M., Ed., and J. F. Reschke, Fielding, R., Ed., Nottingham, M., Ed., and J. F. Reschke,
Ed., "HTTP Semantics", Work in Progress, Internet-Draft, Ed., "HTTP Semantics", Work in Progress, Internet-Draft,
draft-ietf-httpbis-semantics-10, July 12, 2020, draft-ietf-httpbis-semantics-11, August 27, 2020,
<https://tools.ietf.org/html/draft-ietf-httpbis-semantics- <https://tools.ietf.org/html/draft-ietf-httpbis-semantics-
10>. 11>.
[USASCII] American National Standards Institute, "Coded Character [USASCII] American National Standards Institute, "Coded Character
Set -- 7-bit American Standard Code for Information Set -- 7-bit American Standard Code for Information
Interchange", ANSI X3.4, 1986. Interchange", ANSI X3.4, 1986.
9.2. Informative References 9.2. Informative References
[RFC2616] Fielding, R., Gettys, J., Mogul, J., Frystyk, H., [RFC2616] Fielding, R., Gettys, J., Mogul, J., Frystyk, H.,
Masinter, L., Leach, P., and T. Berners-Lee, "Hypertext Masinter, L., Leach, P., and T. Berners-Lee, "Hypertext
Transfer Protocol -- HTTP/1.1", RFC 2616, Transfer Protocol -- HTTP/1.1", RFC 2616,
skipping to change at page 37, line 31 skipping to change at page 37, line 31
RFC 8126, DOI 10.17487/RFC8126, June 2017, RFC 8126, DOI 10.17487/RFC8126, June 2017,
<https://www.rfc-editor.org/info/rfc8126>. <https://www.rfc-editor.org/info/rfc8126>.
Appendix A. Collected ABNF Appendix A. Collected ABNF
In the collected ABNF below, list rules are expanded as per In the collected ABNF below, list rules are expanded as per
Section 5.5.1 of [Semantics]. Section 5.5.1 of [Semantics].
Age = delta-seconds Age = delta-seconds
Cache-Control = cache-directive *( OWS "," OWS cache-directive ) Cache-Control = [ cache-directive *( OWS "," OWS cache-directive ) ]
Expires = HTTP-date Expires = HTTP-date
HTTP-date = <HTTP-date, see [Semantics], Section 5.4.1.5> HTTP-date = <HTTP-date, see [Semantics], Section 5.4.1.5>
OWS = <OWS, see [Semantics], Section 1.2.1> OWS = <OWS, see [Semantics], Section 1.6.1>
cache-directive = token [ "=" ( token / quoted-string ) ] cache-directive = token [ "=" ( token / quoted-string ) ]
delta-seconds = 1*DIGIT delta-seconds = 1*DIGIT
field-name = <field-name, see [Semantics], Section 5.3> field-name = <field-name, see [Semantics], Section 5.3>
quoted-string = <quoted-string, see [Semantics], Section 5.4.1.2> quoted-string = <quoted-string, see [Semantics], Section 5.4.1.2>
token = <token, see [Semantics], Section 5.4.1.1> token = <token, see [Semantics], Section 5.4.1.1>
Appendix B. Changes from RFC 7234 Appendix B. Changes from RFC 7234
Handling invalid and multiple Age header field values has been
clarified. (Section 5.1)
Some cache directives defined by this specification now have stronger Some cache directives defined by this specification now have stronger
prohibitions against generating the quoted form of their values, prohibitions against generating the quoted form of their values,
since this has been found to create interoperability problems. since this has been found to create interoperability problems.
Consumers of extension cache directives are no longer required to Consumers of extension cache directives are no longer required to
accept both token and quoted-string forms, but they still need to accept both token and quoted-string forms, but they still need to
properly parse them for unknown extensions. (Section 5.2) parse them properly for unknown extensions. (Section 5.2)
The "public" and "private" cache directives were clarified, so that The "public" and "private" cache directives were clarified, so that
they do not make responses reusable under any condition. they do not make responses reusable under any condition.
(Section 5.2.2) (Section 5.2.2)
The "must-understand" cache directive was introduced; caches are no The "must-understand" cache directive was introduced; caches are no
longer required to understand the semantics of new response status longer required to understand the semantics of new response status
codes unless it is present. (Section 5.2.2.2) codes unless it is present. (Section 5.2.2.2)
The Warning response header was obsoleted. Much of the information The Warning response header was obsoleted. Much of the information
skipping to change at page 41, line 42 skipping to change at page 41, line 42
o In Section 3.2, move definition of "complete" into semantics o In Section 3.2, move definition of "complete" into semantics
(<https://github.com/httpwg/http-core/issues/334>) (<https://github.com/httpwg/http-core/issues/334>)
C.10. Since draft-ietf-httpbis-cache-08 C.10. Since draft-ietf-httpbis-cache-08
o Appendix A now uses the sender variant of the "#" list expansion o Appendix A now uses the sender variant of the "#" list expansion
(<https://github.com/httpwg/http-core/issues/192>) (<https://github.com/httpwg/http-core/issues/192>)
C.11. Since draft-ietf-httpbis-cache-09 C.11. Since draft-ietf-httpbis-cache-09
o In Section 5.1, discuss handling of invalid and multiple Age
header field values (<https://github.com/httpwg/http-core/
issues/193>)
o Switch to xml2rfc v3 mode for draft generation o Switch to xml2rfc v3 mode for draft generation
(<https://github.com/httpwg/http-core/issues/394>) (<https://github.com/httpwg/http-core/issues/394>)
C.12. Since draft-ietf-httpbis-cache-10
o In Section 5.2 (Cache-Control), adjust ABNF to allow empty lists
(<https://github.com/httpwg/http-core/issues/210>)
Acknowledgments Acknowledgments
See Appendix "Acknowledgments" of [Semantics]. See Appendix "Acknowledgments" of [Semantics].
Authors' Addresses Authors' Addresses
Roy T. Fielding (editor) Roy T. Fielding (editor)
Adobe Adobe
345 Park Ave 345 Park Ave
San Jose, CA 95110 San Jose, CA 95110
United States of America United States of America
Email: fielding@gbiv.com Email: fielding@gbiv.com
URI: https://roy.gbiv.com/ URI: https://roy.gbiv.com/
Mark Nottingham (editor) Mark Nottingham (editor)
Fastly Fastly
Prahran VIC
Australia
Email: mnot@mnot.net Email: mnot@mnot.net
URI: https://www.mnot.net/ URI: https://www.mnot.net/
Julian F. Reschke (editor) Julian F. Reschke (editor)
greenbytes GmbH greenbytes GmbH
Hafenweg 16 Hafenweg 16
48155 Münster 48155 Münster
Germany Germany
 End of changes. 75 change blocks. 
174 lines changed or deleted 187 lines changed or added

This html diff was produced by rfcdiff 1.45. The latest version is available from http://tools.ietf.org/tools/rfcdiff/