draft-ietf-httpbis-cache-11.txt   draft-ietf-httpbis-cache-12.txt 
HTTP Working Group R. Fielding, Ed. HTTP Working Group R. Fielding, Ed.
Internet-Draft Adobe Internet-Draft Adobe
Obsoletes: 7234 (if approved) M. Nottingham, Ed. Obsoletes: 7234 (if approved) M. Nottingham, Ed.
Intended status: Standards Track Fastly Intended status: Standards Track Fastly
Expires: February 28, 2021 J. F. Reschke, Ed. Expires: April 5, 2021 J. Reschke, Ed.
greenbytes greenbytes
August 27, 2020 October 2, 2020
HTTP Caching HTTP Caching
draft-ietf-httpbis-cache-11 draft-ietf-httpbis-cache-12
Abstract Abstract
The Hypertext Transfer Protocol (HTTP) is a stateless application- The Hypertext Transfer Protocol (HTTP) is a stateless application-
level protocol for distributed, collaborative, hypertext information level protocol for distributed, collaborative, hypertext information
systems. This document defines HTTP caches and the associated header systems. This document defines HTTP caches and the associated header
fields that control cache behavior or indicate cacheable response fields that control cache behavior or indicate cacheable response
messages. messages.
This document obsoletes RFC 7234. This document obsoletes RFC 7234.
skipping to change at page 1, line 36 skipping to change at page 1, line 36
This note is to be removed before publishing as an RFC. This note is to be removed before publishing as an RFC.
Discussion of this draft takes place on the HTTP working group Discussion of this draft takes place on the HTTP working group
mailing list (ietf-http-wg@w3.org), which is archived at mailing list (ietf-http-wg@w3.org), which is archived at
<https://lists.w3.org/Archives/Public/ietf-http-wg/>. <https://lists.w3.org/Archives/Public/ietf-http-wg/>.
Working Group information can be found at <https://httpwg.org/>; Working Group information can be found at <https://httpwg.org/>;
source code and issues list for this draft can be found at source code and issues list for this draft can be found at
<https://github.com/httpwg/http-core>. <https://github.com/httpwg/http-core>.
The changes in this draft are summarized in Appendix C.12. The changes in this draft are summarized in Appendix C.13.
Status of This Memo Status of This Memo
This Internet-Draft is submitted in full conformance with the This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79. provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/. Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on February 28, 2021. This Internet-Draft will expire on April 5, 2021.
Copyright Notice Copyright Notice
Copyright (c) 2020 IETF Trust and the persons identified as the Copyright (c) 2020 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents (https://trustee.ietf.org/ Provisions Relating to IETF Documents (https://trustee.ietf.org/
license-info) in effect on the date of publication of this document. license-info) in effect on the date of publication of this document.
Please review these documents carefully, as they describe your rights Please review these documents carefully, as they describe your rights
skipping to change at page 4, line 21 skipping to change at page 4, line 21
C.3. Since draft-ietf-httpbis-cache-01 . . . . . . . . . . . . 39 C.3. Since draft-ietf-httpbis-cache-01 . . . . . . . . . . . . 39
C.4. Since draft-ietf-httpbis-cache-02 . . . . . . . . . . . . 39 C.4. Since draft-ietf-httpbis-cache-02 . . . . . . . . . . . . 39
C.5. Since draft-ietf-httpbis-cache-03 . . . . . . . . . . . . 39 C.5. Since draft-ietf-httpbis-cache-03 . . . . . . . . . . . . 39
C.6. Since draft-ietf-httpbis-cache-04 . . . . . . . . . . . . 40 C.6. Since draft-ietf-httpbis-cache-04 . . . . . . . . . . . . 40
C.7. Since draft-ietf-httpbis-cache-05 . . . . . . . . . . . . 40 C.7. Since draft-ietf-httpbis-cache-05 . . . . . . . . . . . . 40
C.8. Since draft-ietf-httpbis-cache-06 . . . . . . . . . . . . 40 C.8. Since draft-ietf-httpbis-cache-06 . . . . . . . . . . . . 40
C.9. Since draft-ietf-httpbis-cache-07 . . . . . . . . . . . . 41 C.9. Since draft-ietf-httpbis-cache-07 . . . . . . . . . . . . 41
C.10. Since draft-ietf-httpbis-cache-08 . . . . . . . . . . . . 41 C.10. Since draft-ietf-httpbis-cache-08 . . . . . . . . . . . . 41
C.11. Since draft-ietf-httpbis-cache-09 . . . . . . . . . . . . 41 C.11. Since draft-ietf-httpbis-cache-09 . . . . . . . . . . . . 41
C.12. Since draft-ietf-httpbis-cache-10 . . . . . . . . . . . . 41 C.12. Since draft-ietf-httpbis-cache-10 . . . . . . . . . . . . 41
C.13. Since draft-ietf-httpbis-cache-11 . . . . . . . . . . . . 42
Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . . . 42 Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . . . 42
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 42 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 42
1. Introduction 1. Introduction
The Hypertext Transfer Protocol (HTTP) is a stateless application- The Hypertext Transfer Protocol (HTTP) is a stateless application-
level request/response protocol that uses extensible semantics and level request/response protocol that uses extensible semantics and
self-descriptive messages for flexible interaction with network-based self-descriptive messages for flexible interaction with network-based
hypertext information systems. HTTP is defined by a series of hypertext information systems. HTTP is defined by a series of
documents that collectively form the HTTP/1.1 specification: documents that collectively form the HTTP/1.1 specification:
skipping to change at page 5, line 32 skipping to change at page 5, line 32
in Appendix B. in Appendix B.
1.1. Requirements Notation 1.1. Requirements Notation
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
"OPTIONAL" in this document are to be interpreted as described in BCP "OPTIONAL" in this document are to be interpreted as described in BCP
14 [RFC2119] [RFC8174] when, and only when, they appear in all 14 [RFC2119] [RFC8174] when, and only when, they appear in all
capitals, as shown here. capitals, as shown here.
Section 3 of [Semantics] defines conformance criteria and contains Section 2 of [Semantics] defines conformance criteria and contains
considerations regarding error handling. considerations regarding error handling.
1.2. Syntax Notation 1.2. Syntax Notation
This specification uses the Augmented Backus-Naur Form (ABNF) This specification uses the Augmented Backus-Naur Form (ABNF)
notation of [RFC5234], extended with the notation for case- notation of [RFC5234], extended with the notation for case-
sensitivity in strings defined in [RFC7405]. sensitivity in strings defined in [RFC7405].
It also uses a list extension, defined in Section 5.5 of [Semantics], It also uses a list extension, defined in Section 5.7.1 of
that allows for compact definition of comma-separated lists using a [Semantics], that allows for compact definition of comma-separated
'#' operator (similar to how the '*' operator indicates repetition). lists using a '#' operator (similar to how the '*' operator indicates
Appendix A shows the collected grammar with all list operators repetition). Appendix A shows the collected grammar with all list
expanded to standard ABNF notation. operators expanded to standard ABNF notation.
The following core rules are included by reference, as defined in The following core rules are included by reference, as defined in
[RFC5234], Appendix B.1: ALPHA (letters), CR (carriage return), CRLF [RFC5234], Appendix B.1: ALPHA (letters), CR (carriage return), CRLF
(CR LF), CTL (controls), DIGIT (decimal 0-9), DQUOTE (double quote), (CR LF), CTL (controls), DIGIT (decimal 0-9), DQUOTE (double quote),
HEXDIG (hexadecimal 0-9/A-F/a-f), HTAB (horizontal tab), LF (line HEXDIG (hexadecimal 0-9/A-F/a-f), HTAB (horizontal tab), LF (line
feed), OCTET (any 8-bit sequence of data), SP (space), and VCHAR (any feed), OCTET (any 8-bit sequence of data), SP (space), and VCHAR (any
visible [USASCII] character). visible [USASCII] character).
[Semantics] defines the following rules: [Semantics] defines the following rules:
HTTP-date = <HTTP-date, see [Semantics], Section 5.4.1.5> HTTP-date = <HTTP-date, see [Semantics], Section 5.7.7>
OWS = <OWS, see [Semantics], Section 1.6.1> OWS = <OWS, see [Semantics], Section 5.7.3>
field-name = <field-name, see [Semantics], Section 5.3> field-name = <field-name, see [Semantics], Section 5.4.3>
quoted-string = <quoted-string, see [Semantics], Section 5.4.1.2> quoted-string = <quoted-string, see [Semantics], Section 5.7.4>
token = <token, see [Semantics], Section 5.4.1.1> token = <token, see [Semantics], Section 5.7.2>
1.3. Delta Seconds 1.3. Delta Seconds
The delta-seconds rule specifies a non-negative integer, representing The delta-seconds rule specifies a non-negative integer, representing
time in seconds. time in seconds.
delta-seconds = 1*DIGIT delta-seconds = 1*DIGIT
A recipient parsing a delta-seconds value and converting it to binary A recipient parsing a delta-seconds value and converting it to binary
form ought to use an arithmetic type of at least 31 bits of non- form ought to use an arithmetic type of at least 31 bits of non-
skipping to change at page 7, line 41 skipping to change at page 7, line 41
A cache is disconnected when it cannot contact the origin server or A cache is disconnected when it cannot contact the origin server or
otherwise find a forward path for a request. A disconnected cache otherwise find a forward path for a request. A disconnected cache
can serve stale responses in some circumstances (Section 4.2.4). can serve stale responses in some circumstances (Section 4.2.4).
3. Storing Responses in Caches 3. Storing Responses in Caches
A cache MUST NOT store a response to a request unless: A cache MUST NOT store a response to a request unless:
o the request method is understood by the cache; o the request method is understood by the cache;
o the response status code is final (see Section 10 of [Semantics]); o the response status code is final (see Section 14 of [Semantics]);
o if the response status code is 206 or 304, or the "must- o if the response status code is 206 or 304, or the "must-
understand" cache directive (see Section 5.2) is present: the understand" cache directive (see Section 5.2) is present: the
cache understands the response status code; cache understands the response status code;
o the "no-store" cache directive is not present in the response (see o the "no-store" cache directive is not present in the response (see
Section 5.2); Section 5.2);
o if the cache is shared: the "private" response directive is either o if the cache is shared: the "private" response directive is either
not present or allows a shared cache to store a modified response; not present or allows a shared cache to store a modified response;
see Section 5.2.2.7); see Section 5.2.2.7);
o if the cache is shared: the Authorization header field is not o if the cache is shared: the Authorization header field is not
present in the request (see Section 9.5.3 of [Semantics]) or a present in the request (see Section 10.6.2 of [Semantics]) or a
response directive is present that explicitly allows shared response directive is present that explicitly allows shared
caching (see Section 3.3); and, caching (see Section 3.3); and,
o the response contains at least one of: o the response contains at least one of:
* a public response directive (see Section 5.2.2.6); * a public response directive (see Section 5.2.2.6);
* a private response directive, if the cache is not shared (see * a private response directive, if the cache is not shared (see
Section 5.2.2.7); Section 5.2.2.7);
skipping to change at page 9, line 12 skipping to change at page 9, line 12
before forwarding the message. This MAY be implemented by doing before forwarding the message. This MAY be implemented by doing
so before storage. so before storage.
o Likewise, some fields' semantics require them to be removed before o Likewise, some fields' semantics require them to be removed before
forwarding the message, and this MAY be implemented by doing so forwarding the message, and this MAY be implemented by doing so
before storage; see Section 13.1 of [Messaging] for some examples. before storage; see Section 13.1 of [Messaging] for some examples.
o Header fields that are specific to a client's proxy configuration o Header fields that are specific to a client's proxy configuration
MUST NOT be stored, unless the cache incorporates the identity of MUST NOT be stored, unless the cache incorporates the identity of
the proxy into the cache key. Effectively, this is limited to the proxy into the cache key. Effectively, this is limited to
Proxy-Authenticate (Section 11.3.2 of [Semantics]), Proxy- Proxy-Authenticate (Section 10.7.1 of [Semantics]), Proxy-
Authentication-Info (Section 11.3.4 of [Semantics]), and Proxy- Authentication-Info (Section 10.7.3 of [Semantics]), and Proxy-
Authorization (Section 9.5.4 of [Semantics]). Authorization (Section 10.7.2 of [Semantics]).
Caches MAY either store trailer fields separate from header fields, Caches MAY either store trailer fields separate from header fields,
or discard them. Caches MUST NOT combine trailer fields with header or discard them. Caches MUST NOT combine trailer fields with header
fields. fields.
3.2. Storing Incomplete Responses 3.2. Storing Incomplete Responses
If the request method is GET, the response status code is 200 (OK), If the request method is GET, the response status code is 200 (OK),
and the entire response header section has been received, a cache MAY and the entire response header section has been received, a cache MAY
store a response body that is not complete (Section 2.1 of store a response body that is not complete (Section 3.3 of
[Semantics]) if the stored response is recorded as being incomplete. [Semantics]) if the stored response is recorded as being incomplete.
Likewise, a 206 (Partial Content) response MAY be stored as if it Likewise, a 206 (Partial Content) response MAY be stored as if it
were an incomplete 200 (OK) response. However, a cache MUST NOT were an incomplete 200 (OK) response. However, a cache MUST NOT
store incomplete or partial-content responses if it does not support store incomplete or partial-content responses if it does not support
the Range and Content-Range header fields or if it does not the Range and Content-Range header fields or if it does not
understand the range units used in those fields. understand the range units used in those fields.
A cache MAY complete a stored incomplete response by making a A cache MAY complete a stored incomplete response by making a
subsequent range request (Section 9.3 of [Semantics]) and combining subsequent range request (Section 13.2 of [Semantics]) and combining
the successful response with the stored response, as defined in the successful response with the stored response, as defined in
Section 3.4. A cache MUST NOT use an incomplete response to answer Section 3.4. A cache MUST NOT use an incomplete response to answer
requests unless the response has been made complete, or the request requests unless the response has been made complete, or the request
is partial and specifies a range wholly within the incomplete is partial and specifies a range wholly within the incomplete
response. A cache MUST NOT send a partial response to a client response. A cache MUST NOT send a partial response to a client
without explicitly marking it using the 206 (Partial Content) status without explicitly marking it using the 206 (Partial Content) status
code. code.
3.3. Storing Responses to Authenticated Requests 3.3. Storing Responses to Authenticated Requests
A shared cache MUST NOT use a cached response to a request with an A shared cache MUST NOT use a cached response to a request with an
Authorization header field (Section 9.5.3 of [Semantics]) to satisfy Authorization header field (Section 10.6.2 of [Semantics]) to satisfy
any subsequent request unless the response contains a Cache-Control any subsequent request unless the response contains a Cache-Control
field with a response directive (Section 5.2.2) that allows it to be field with a response directive (Section 5.2.2) that allows it to be
stored by a shared cache and the cache conforms to the requirements stored by a shared cache and the cache conforms to the requirements
of that directive for that response. of that directive for that response.
In this specification, the following response directives have such an In this specification, the following response directives have such an
effect: must-revalidate (Section 5.2.2.1), public (Section 5.2.2.6), effect: must-revalidate (Section 5.2.2.1), public (Section 5.2.2.6),
and s-maxage (Section 5.2.2.10). and s-maxage (Section 5.2.2.10).
3.4. Combining Partial Content 3.4. Combining Partial Content
A response might transfer only a partial representation if the A response might transfer only a partial representation if the
connection closed prematurely or if the request used one or more connection closed prematurely or if the request used one or more
Range specifiers (Section 9.3 of [Semantics]). After several such Range specifiers (Section 13.2 of [Semantics]). After several such
transfers, a cache might have received several ranges of the same transfers, a cache might have received several ranges of the same
representation. A cache MAY combine these ranges into a single representation. A cache MAY combine these ranges into a single
stored response, and reuse that response to satisfy later requests, stored response, and reuse that response to satisfy later requests,
if they all share the same strong validator and the cache complies if they all share the same strong validator and the cache complies
with the client requirements in Section 10.3.7.3 of [Semantics]. with the client requirements in Section 14.3.7.3 of [Semantics].
When combining the new response with one or more stored responses, a When combining the new response with one or more stored responses, a
cache MUST use the header fields provided in the new response, aside cache MUST use the header fields provided in the new response, aside
from Content-Range, to replace all instances of the corresponding from Content-Range, to replace all instances of the corresponding
header fields in the stored response. header fields in the stored response.
4. Constructing Responses from Caches 4. Constructing Responses from Caches
When presented with a request, a cache MUST NOT reuse a stored When presented with a request, a cache MUST NOT reuse a stored
response, unless: response, unless:
skipping to change at page 11, line 29 skipping to change at page 11, line 29
most recent one (as determined by the Date header field). It can most recent one (as determined by the Date header field). It can
also forward the request with "Cache-Control: max-age=0" or "Cache- also forward the request with "Cache-Control: max-age=0" or "Cache-
Control: no-cache" to disambiguate which response to use. Control: no-cache" to disambiguate which response to use.
A cache that does not have a clock available MUST NOT use stored A cache that does not have a clock available MUST NOT use stored
responses without revalidating them upon every use. responses without revalidating them upon every use.
4.1. Calculating Cache Keys with Vary 4.1. Calculating Cache Keys with Vary
When a cache receives a request that can be satisfied by a stored When a cache receives a request that can be satisfied by a stored
response that has a Vary header field (Section 11.1.4 of response that has a Vary header field (Section 11.2.1 of
[Semantics]), it MUST NOT use that response unless all the selecting [Semantics]), it MUST NOT use that response unless all the selecting
header fields nominated by the Vary header field match in both the header fields nominated by the Vary header field match in both the
original request (i.e., that associated with the stored response), original request (i.e., that associated with the stored response),
and the presented request. and the presented request.
The selecting header fields from two requests are defined to match if The selecting header fields from two requests are defined to match if
and only if those in the first request can be transformed to those in and only if those in the first request can be transformed to those in
the second request by applying any of: the second request by applying any of:
o adding or removing whitespace, where allowed in the header field's o adding or removing whitespace, where allowed in the header field's
syntax syntax
o combining multiple header fields with the same field name (see o combining multiple header fields with the same field name (see
Section 5.4 of [Semantics]) Section 5.4.4 of [Semantics])
o normalizing both header field values in a way that is known to o normalizing both header field values in a way that is known to
have identical semantics, according to the header field's have identical semantics, according to the header field's
specification (e.g., reordering field values when order is not specification (e.g., reordering field values when order is not
significant; case-normalization, where values are defined to be significant; case-normalization, where values are defined to be
case-insensitive) case-insensitive)
If (after any normalization that might take place) a header field is If (after any normalization that might take place) a header field is
absent from a request, it can only match another request if it is absent from a request, it can only match another request if it is
also absent there. also absent there.
skipping to change at page 15, line 9 skipping to change at page 15, line 9
a cache MAY assign a heuristic expiration time when an explicit time a cache MAY assign a heuristic expiration time when an explicit time
is not specified, employing algorithms that use other header field is not specified, employing algorithms that use other header field
values (such as the Last-Modified time) to estimate a plausible values (such as the Last-Modified time) to estimate a plausible
expiration time. This specification does not provide specific expiration time. This specification does not provide specific
algorithms, but does impose worst-case constraints on their results. algorithms, but does impose worst-case constraints on their results.
A cache MUST NOT use heuristics to determine freshness when an A cache MUST NOT use heuristics to determine freshness when an
explicit expiration time is present in the stored response. Because explicit expiration time is present in the stored response. Because
of the requirements in Section 3, this means that heuristics can only of the requirements in Section 3, this means that heuristics can only
be used on responses without explicit freshness whose status codes be used on responses without explicit freshness whose status codes
are defined as "heuristically cacheable" (e.g., see Section 10.1 of are defined as "heuristically cacheable" (e.g., see Section 14.1 of
[Semantics]), and those responses without explicit freshness that [Semantics]), and those responses without explicit freshness that
have been marked as explicitly cacheable (e.g., with a "public" have been marked as explicitly cacheable (e.g., with a "public"
response directive). response directive).
Note that in previous specifications heuristically cacheable response Note that in previous specifications heuristically cacheable response
status codes were called "cacheable by default." status codes were called "cacheable by default."
If the response has a Last-Modified header field (Section 11.2.2 of If the response has a Last-Modified header field (Section 7.9.2 of
[Semantics]), caches are encouraged to use a heuristic expiration [Semantics]), caches are encouraged to use a heuristic expiration
value that is no more than some fraction of the interval since that value that is no more than some fraction of the interval since that
time. A typical setting of this fraction might be 10%. time. A typical setting of this fraction might be 10%.
| *Note:* Section 13.9 of [RFC2616] prohibited caches from | *Note:* Section 13.9 of [RFC2616] prohibited caches from
| calculating heuristic freshness for URIs with query components | calculating heuristic freshness for URIs with query components
| (i.e., those containing '?'). In practice, this has not been | (i.e., those containing '?'). In practice, this has not been
| widely implemented. Therefore, origin servers are encouraged | widely implemented. Therefore, origin servers are encouraged
| to send explicit directives (e.g., Cache-Control: no-cache) if | to send explicit directives (e.g., Cache-Control: no-cache) if
| they wish to prevent caching. | they wish to prevent caching.
skipping to change at page 15, line 47 skipping to change at page 15, line 47
been in transit along network paths. been in transit along network paths.
Age calculation uses the following data: Age calculation uses the following data:
age_value The term "age_value" denotes the value of the Age header age_value The term "age_value" denotes the value of the Age header
field (Section 5.1), in a form appropriate for arithmetic field (Section 5.1), in a form appropriate for arithmetic
operation; or 0, if not available. operation; or 0, if not available.
date_value The term "date_value" denotes the value of the Date date_value The term "date_value" denotes the value of the Date
header field, in a form appropriate for arithmetic operations. header field, in a form appropriate for arithmetic operations.
See Section 11.1.1 of [Semantics] for the definition of the Date See Section 9.2.2 of [Semantics] for the definition of the Date
header field, and for requirements regarding responses without it. header field, and for requirements regarding responses without it.
now The term "now" means "the current value of the clock at the host now The term "now" means "the current value of the clock at the host
performing the calculation". A host ought to use NTP ([RFC5905]) performing the calculation". A host ought to use NTP ([RFC5905])
or some similar protocol to synchronize its clocks to Coordinated or some similar protocol to synchronize its clocks to Coordinated
Universal Time. Universal Time.
request_time The current value of the clock at the host at the time request_time The current value of the clock at the host at the time
the request resulting in the stored response was made. the request resulting in the stored response was made.
skipping to change at page 17, line 22 skipping to change at page 17, line 22
or doing so is explicitly permitted by the client or origin server or doing so is explicitly permitted by the client or origin server
(e.g., by the max-stale request directive in Section 5.2.1, by (e.g., by the max-stale request directive in Section 5.2.1, by
extension directives such as those defined in [RFC5861], or by extension directives such as those defined in [RFC5861], or by
configuration in accordance with an out-of-band contract). configuration in accordance with an out-of-band contract).
4.3. Validation 4.3. Validation
When a cache has one or more stored responses for a requested URI, When a cache has one or more stored responses for a requested URI,
but cannot serve any of them (e.g., because they are not fresh, or but cannot serve any of them (e.g., because they are not fresh, or
one cannot be selected; see Section 4.1), it can use the conditional one cannot be selected; see Section 4.1), it can use the conditional
request mechanism Section 9.2 of [Semantics] in the forwarded request request mechanism Section 12.1 of [Semantics] in the forwarded
to give the next inbound server an opportunity to select a valid request to give the next inbound server an opportunity to select a
stored response to use, updating the stored metadata in the process, valid stored response to use, updating the stored metadata in the
or to replace the stored response(s) with a new response. This process, or to replace the stored response(s) with a new response.
process is known as "validating" or "revalidating" the stored This process is known as "validating" or "revalidating" the stored
response. response.
4.3.1. Sending a Validation Request 4.3.1. Sending a Validation Request
When generating a conditional request for validation, a cache starts When generating a conditional request for validation, a cache starts
with either a request it is attempting to satisfy, or - if it is with either a request it is attempting to satisfy, or - if it is
initiating the request independently - it synthesises a request using initiating the request independently - it synthesises a request using
a stored response by copying the method, target URI, and request a stored response by copying the method, target URI, and request
header fields identified by the Vary header field Section 4.1. header fields identified by the Vary header field Section 4.1.
It then updates that request with one or more precondition header It then updates that request with one or more precondition header
fields. These contain validator metadata sourced from stored fields. These contain validator metadata sourced from stored
response(s) that have the same cache key. response(s) that have the same cache key.
The precondition header fields are then compared by recipients to The precondition header fields are then compared by recipients to
determine whether any stored response is equivalent to a current determine whether any stored response is equivalent to a current
representation of the resource. representation of the resource.
One such validator is the timestamp given in a Last-Modified header One such validator is the timestamp given in a Last-Modified header
field (Section 11.2.2 of [Semantics]), which can be used in an If- field (Section 7.9.2 of [Semantics]), which can be used in an If-
Modified-Since header field for response validation, or in an If- Modified-Since header field for response validation, or in an If-
Unmodified-Since or If-Range header field for representation Unmodified-Since or If-Range header field for representation
selection (i.e., the client is referring specifically to a previously selection (i.e., the client is referring specifically to a previously
obtained representation with that timestamp). obtained representation with that timestamp).
Another validator is the entity-tag given in an ETag field Another validator is the entity-tag given in an ETag field
(Section 11.2.3 of [Semantics]). One or more entity-tags, indicating (Section 7.9.3 of [Semantics]). One or more entity-tags, indicating
one or more stored responses, can be used in an If-None-Match header one or more stored responses, can be used in an If-None-Match header
field for response validation, or in an If-Match or If-Range header field for response validation, or in an If-Match or If-Range header
field for representation selection (i.e., the client is referring field for representation selection (i.e., the client is referring
specifically to one or more previously obtained representations with specifically to one or more previously obtained representations with
the listed entity-tags). the listed entity-tags).
4.3.2. Handling a Received Validation Request 4.3.2. Handling a Received Validation Request
Each client in the request chain may have its own cache, so it is Each client in the request chain may have its own cache, so it is
common for a cache at an intermediary to receive conditional requests common for a cache at an intermediary to receive conditional requests
skipping to change at page 18, line 35 skipping to change at page 18, line 35
received in that request with respect to the corresponding validators received in that request with respect to the corresponding validators
contained within the selected response. A cache MUST NOT evaluate contained within the selected response. A cache MUST NOT evaluate
conditional header fields that only apply to an origin server, occur conditional header fields that only apply to an origin server, occur
in a request with semantics that cannot be satisfied with a cached in a request with semantics that cannot be satisfied with a cached
response, or occur in a request with a target resource for which it response, or occur in a request with a target resource for which it
has no stored responses; such preconditions are likely intended for has no stored responses; such preconditions are likely intended for
some other (inbound) server. some other (inbound) server.
The proper evaluation of conditional requests by a cache depends on The proper evaluation of conditional requests by a cache depends on
the received precondition header fields and their precedence, as the received precondition header fields and their precedence, as
defined in Section 9.2.2 of [Semantics]. The If-Match and If- defined in Section 12.3 of [Semantics]. The If-Match and If-
Unmodified-Since conditional header fields are not applicable to a Unmodified-Since conditional header fields are not applicable to a
cache. cache.
A request containing an If-None-Match header field (Section 9.2.4 of A request containing an If-None-Match header field (Section 12.1.2 of
[Semantics]) indicates that the client wants to validate one or more [Semantics]) indicates that the client wants to validate one or more
of its own stored responses in comparison to whichever stored of its own stored responses in comparison to whichever stored
response is selected by the cache. If the field value is "*", or if response is selected by the cache. If the field value is "*", or if
the field value is a list of entity-tags and at least one of them the field value is a list of entity-tags and at least one of them
matches the entity-tag of the selected stored response, a cache matches the entity-tag of the selected stored response, a cache
recipient SHOULD generate a 304 (Not Modified) response (using the recipient SHOULD generate a 304 (Not Modified) response (using the
metadata of the selected stored response) instead of sending that metadata of the selected stored response) instead of sending that
stored response. stored response.
When a cache decides to revalidate its own stored responses for a When a cache decides to revalidate its own stored responses for a
skipping to change at page 19, line 16 skipping to change at page 19, line 16
content, the cache MUST NOT include its entity-tag in the union content, the cache MUST NOT include its entity-tag in the union
unless the request is for a range that would be fully satisfied by unless the request is for a range that would be fully satisfied by
that partial stored response. If the response to the forwarded that partial stored response. If the response to the forwarded
request is 304 (Not Modified) and has an ETag field value with an request is 304 (Not Modified) and has an ETag field value with an
entity-tag that is not in the client's list, the cache MUST generate entity-tag that is not in the client's list, the cache MUST generate
a 200 (OK) response for the client by reusing its corresponding a 200 (OK) response for the client by reusing its corresponding
stored response, as updated by the 304 response metadata stored response, as updated by the 304 response metadata
(Section 4.3.4). (Section 4.3.4).
If an If-None-Match header field is not present, a request containing If an If-None-Match header field is not present, a request containing
an If-Modified-Since header field (Section 9.2.5 of [Semantics]) an If-Modified-Since header field (Section 12.1.3 of [Semantics])
indicates that the client wants to validate one or more of its own indicates that the client wants to validate one or more of its own
stored responses by modification date. A cache recipient SHOULD stored responses by modification date. A cache recipient SHOULD
generate a 304 (Not Modified) response (using the metadata of the generate a 304 (Not Modified) response (using the metadata of the
selected stored response) if one of the following cases is true: 1) selected stored response) if one of the following cases is true: 1)
the selected stored response has a Last-Modified field value that is the selected stored response has a Last-Modified field value that is
earlier than or equal to the conditional timestamp; 2) no Last- earlier than or equal to the conditional timestamp; 2) no Last-
Modified field is present in the selected stored response, but it has Modified field is present in the selected stored response, but it has
a Date field value that is earlier than or equal to the conditional a Date field value that is earlier than or equal to the conditional
timestamp; or, 3) neither Last-Modified nor Date is present in the timestamp; or, 3) neither Last-Modified nor Date is present in the
selected stored response, but the cache recorded it as having been selected stored response, but the cache recorded it as having been
received at a time earlier than or equal to the conditional received at a time earlier than or equal to the conditional
timestamp. timestamp.
A cache that implements partial responses to range requests, as A cache that implements partial responses to range requests, as
defined in Section 9.3 of [Semantics], also needs to evaluate a defined in Section 13.2 of [Semantics], also needs to evaluate a
received If-Range header field (Section 9.2.7 of [Semantics]) received If-Range header field (Section 12.1.5 of [Semantics])
regarding its selected stored response. regarding its selected stored response.
4.3.3. Handling a Validation Response 4.3.3. Handling a Validation Response
Cache handling of a response to a conditional request depends upon Cache handling of a response to a conditional request depends upon
its status code: its status code:
o A 304 (Not Modified) response status code indicates that the o A 304 (Not Modified) response status code indicates that the
stored response can be updated and reused; see Section 4.3.4. stored response can be updated and reused; see Section 4.3.4.
skipping to change at page 20, line 21 skipping to change at page 20, line 21
4.3.4. Freshening Stored Responses upon Validation 4.3.4. Freshening Stored Responses upon Validation
When a cache receives a 304 (Not Modified) response and already has When a cache receives a 304 (Not Modified) response and already has
one or more stored 200 (OK) responses for the applicable cache key, one or more stored 200 (OK) responses for the applicable cache key,
the cache needs to identify which (if any) are to be updated by the the cache needs to identify which (if any) are to be updated by the
new information provided, and then do so. new information provided, and then do so.
The stored response(s) to update are identified by using the first The stored response(s) to update are identified by using the first
match (if any) of: match (if any) of:
o If the new response contains a strong validator (see o If the new response contains a strong validator (see Section 7.9.1
Section 11.2.1 of [Semantics]), then that strong validator of [Semantics]), then that strong validator identifies the
identifies the selected representation for update. All the stored selected representation for update. All the stored responses with
responses with the same strong validator are identified for the same strong validator are identified for update. If none of
update. If none of the stored responses contain the same strong the stored responses contain the same strong validator, then the
validator, then the cache MUST NOT use the new response to update cache MUST NOT use the new response to update any stored
any stored responses. responses.
o If the new response contains a weak validator and that validator o If the new response contains a weak validator and that validator
corresponds to one of the cache's stored responses, then the most corresponds to one of the cache's stored responses, then the most
recent of those matching stored responses is identified for recent of those matching stored responses is identified for
update. update.
o If the new response does not include any form of validator (such o If the new response does not include any form of validator (such
as where a client generates an If-Modified-Since request from a as where a client generates an If-Modified-Since request from a
source other than the Last-Modified response header field), and source other than the Last-Modified response header field), and
there is only one stored response, and that stored response also there is only one stored response, and that stored response also
skipping to change at page 26, line 13 skipping to change at page 26, line 13
be vulnerable to eavesdropping. be vulnerable to eavesdropping.
Note that if a request containing this directive is satisfied from a Note that if a request containing this directive is satisfied from a
cache, the no-store request directive does not apply to the already cache, the no-store request directive does not apply to the already
stored response. stored response.
5.2.1.6. no-transform 5.2.1.6. no-transform
The "no-transform" request directive indicates that the client is The "no-transform" request directive indicates that the client is
asking for intermediaries to avoid transforming the payload, as asking for intermediaries to avoid transforming the payload, as
defined in Section 6.6.2 of [Semantics]. defined in Section 6.5 of [Semantics].
5.2.1.7. only-if-cached 5.2.1.7. only-if-cached
The "only-if-cached" request directive indicates that the client only The "only-if-cached" request directive indicates that the client only
wishes to obtain a stored response. Caches that honor this request wishes to obtain a stored response. Caches that honor this request
directive SHOULD, upon receiving it, either respond using a stored directive SHOULD, upon receiving it, either respond using a stored
response consistent with the other constraints of the request, or response consistent with the other constraints of the request, or
respond with a 504 (Gateway Timeout) status code. respond with a 504 (Gateway Timeout) status code.
5.2.2. Response Cache-Control Directives 5.2.2. Response Cache-Control Directives
skipping to change at page 28, line 26 skipping to change at page 28, line 26
This directive is NOT a reliable or sufficient mechanism for ensuring This directive is NOT a reliable or sufficient mechanism for ensuring
privacy. In particular, malicious or compromised caches might not privacy. In particular, malicious or compromised caches might not
recognize or obey this directive, and communications networks might recognize or obey this directive, and communications networks might
be vulnerable to eavesdropping. be vulnerable to eavesdropping.
5.2.2.5. no-transform 5.2.2.5. no-transform
The "no-transform" response directive indicates that an intermediary The "no-transform" response directive indicates that an intermediary
(regardless of whether it implements a cache) MUST NOT transform the (regardless of whether it implements a cache) MUST NOT transform the
payload, as defined in Section 6.6.2 of [Semantics]. payload, as defined in Section 6.5 of [Semantics].
5.2.2.6. public 5.2.2.6. public
The "public" response directive indicates that a cache MAY store the The "public" response directive indicates that a cache MAY store the
response even if it would otherwise be prohibited, subject to the response even if it would otherwise be prohibited, subject to the
constraints defined in Section 3. In other words, public explicitly constraints defined in Section 3. In other words, public explicitly
marks the response as cacheable. For example, public permits a marks the response as cacheable. For example, public permits a
shared cache to reuse a response to a request containing an shared cache to reuse a response to a request containing an
Authorization header field (Section 3.3). Authorization header field (Section 3.3).
skipping to change at page 32, line 18 skipping to change at page 32, line 18
The "Expires" header field gives the date/time after which the The "Expires" header field gives the date/time after which the
response is considered stale. See Section 4.2 for further discussion response is considered stale. See Section 4.2 for further discussion
of the freshness model. of the freshness model.
The presence of an Expires field does not imply that the original The presence of an Expires field does not imply that the original
resource will change or cease to exist at, before, or after that resource will change or cease to exist at, before, or after that
time. time.
The Expires value is an HTTP-date timestamp, as defined in The Expires value is an HTTP-date timestamp, as defined in
Section 5.4.1.5 of [Semantics]. Section 5.7.7 of [Semantics].
Expires = HTTP-date Expires = HTTP-date
For example For example
Expires: Thu, 01 Dec 1994 16:00:00 GMT Expires: Thu, 01 Dec 1994 16:00:00 GMT
A cache recipient MUST interpret invalid date formats, especially the A cache recipient MUST interpret invalid date formats, especially the
value "0", as representing a time in the past (i.e., "already value "0", as representing a time in the past (i.e., "already
expired"). expired").
skipping to change at page 35, line 47 skipping to change at page 35, line 47
Please add a note to the "Hypertext Transfer Protocol (HTTP) Warn Please add a note to the "Hypertext Transfer Protocol (HTTP) Warn
Codes" registry at <https://www.iana.org/assignments/http-warn-codes> Codes" registry at <https://www.iana.org/assignments/http-warn-codes>
to the effect that Warning is obsoleted. to the effect that Warning is obsoleted.
9. References 9. References
9.1. Normative References 9.1. Normative References
[Messaging] [Messaging]
Fielding, R., Ed., Nottingham, M., Ed., and J. F. Reschke, Fielding, R., Ed., Nottingham, M., Ed., and J. Reschke,
Ed., "HTTP/1.1 Messaging", Work in Progress, Internet- Ed., "HTTP/1.1 Messaging", Work in Progress, Internet-
Draft, draft-ietf-httpbis-messaging-11, August 27, 2020, Draft, draft-ietf-httpbis-messaging-12, October 2, 2020,
<https://tools.ietf.org/html/draft-ietf-httpbis-messaging- <https://tools.ietf.org/html/draft-ietf-httpbis-messaging-
11>. 12>.
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, Requirement Levels", BCP 14, RFC 2119,
DOI 10.17487/RFC2119, March 1997, DOI 10.17487/RFC2119, March 1997,
<https://www.rfc-editor.org/info/rfc2119>. <https://www.rfc-editor.org/info/rfc2119>.
[RFC3986] Berners-Lee, T., Fielding, R., and L. Masinter, "Uniform
Resource Identifier (URI): Generic Syntax", STD 66,
RFC 3986, DOI 10.17487/RFC3986, January 2005,
<https://www.rfc-editor.org/info/rfc3986>.
[RFC5234] Crocker, D., Ed. and P. Overell, "Augmented BNF for Syntax [RFC5234] Crocker, D., Ed. and P. Overell, "Augmented BNF for Syntax
Specifications: ABNF", STD 68, RFC 5234, Specifications: ABNF", STD 68, RFC 5234,
DOI 10.17487/RFC5234, January 2008, DOI 10.17487/RFC5234, January 2008,
<https://www.rfc-editor.org/info/rfc5234>. <https://www.rfc-editor.org/info/rfc5234>.
[RFC7405] Kyzivat, P., "Case-Sensitive String Support in ABNF", [RFC7405] Kyzivat, P., "Case-Sensitive String Support in ABNF",
RFC 7405, DOI 10.17487/RFC7405, December 2014, RFC 7405, DOI 10.17487/RFC7405, December 2014,
<https://www.rfc-editor.org/info/rfc7405>. <https://www.rfc-editor.org/info/rfc7405>.
[RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
May 2017, <https://www.rfc-editor.org/info/rfc8174>. May 2017, <https://www.rfc-editor.org/info/rfc8174>.
[Semantics] [Semantics]
Fielding, R., Ed., Nottingham, M., Ed., and J. F. Reschke, Fielding, R., Ed., Nottingham, M., Ed., and J. Reschke,
Ed., "HTTP Semantics", Work in Progress, Internet-Draft, Ed., "HTTP Semantics", Work in Progress, Internet-Draft,
draft-ietf-httpbis-semantics-11, August 27, 2020, draft-ietf-httpbis-semantics-12, October 2, 2020,
<https://tools.ietf.org/html/draft-ietf-httpbis-semantics- <https://tools.ietf.org/html/draft-ietf-httpbis-semantics-
11>. 12>.
[USASCII] American National Standards Institute, "Coded Character [USASCII] American National Standards Institute, "Coded Character
Set -- 7-bit American Standard Code for Information Set -- 7-bit American Standard Code for Information
Interchange", ANSI X3.4, 1986. Interchange", ANSI X3.4, 1986.
9.2. Informative References 9.2. Informative References
[RFC2616] Fielding, R., Gettys, J., Mogul, J., Frystyk, H., [RFC2616] Fielding, R., Gettys, J., Mogul, J., Frystyk, H.,
Masinter, L., Leach, P., and T. Berners-Lee, "Hypertext Masinter, L., Leach, P., and T. Berners-Lee, "Hypertext
Transfer Protocol -- HTTP/1.1", RFC 2616, Transfer Protocol -- HTTP/1.1", RFC 2616,
skipping to change at page 37, line 27 skipping to change at page 37, line 22
<https://www.rfc-editor.org/info/rfc7234>. <https://www.rfc-editor.org/info/rfc7234>.
[RFC8126] Cotton, M., Leiba, B., and T. Narten, "Guidelines for [RFC8126] Cotton, M., Leiba, B., and T. Narten, "Guidelines for
Writing an IANA Considerations Section in RFCs", BCP 26, Writing an IANA Considerations Section in RFCs", BCP 26,
RFC 8126, DOI 10.17487/RFC8126, June 2017, RFC 8126, DOI 10.17487/RFC8126, June 2017,
<https://www.rfc-editor.org/info/rfc8126>. <https://www.rfc-editor.org/info/rfc8126>.
Appendix A. Collected ABNF Appendix A. Collected ABNF
In the collected ABNF below, list rules are expanded as per In the collected ABNF below, list rules are expanded as per
Section 5.5.1 of [Semantics]. Section 5.7.1.1 of [Semantics].
Age = delta-seconds Age = delta-seconds
Cache-Control = [ cache-directive *( OWS "," OWS cache-directive ) ] Cache-Control = [ cache-directive *( OWS "," OWS cache-directive ) ]
Expires = HTTP-date Expires = HTTP-date
HTTP-date = <HTTP-date, see [Semantics], Section 5.4.1.5> HTTP-date = <HTTP-date, see [Semantics], Section 5.7.7>
OWS = <OWS, see [Semantics], Section 1.6.1> OWS = <OWS, see [Semantics], Section 5.7.3>
cache-directive = token [ "=" ( token / quoted-string ) ] cache-directive = token [ "=" ( token / quoted-string ) ]
delta-seconds = 1*DIGIT delta-seconds = 1*DIGIT
field-name = <field-name, see [Semantics], Section 5.3> field-name = <field-name, see [Semantics], Section 5.4.3>
quoted-string = <quoted-string, see [Semantics], Section 5.4.1.2> quoted-string = <quoted-string, see [Semantics], Section 5.7.4>
token = <token, see [Semantics], Section 5.4.1.1> token = <token, see [Semantics], Section 5.7.2>
Appendix B. Changes from RFC 7234 Appendix B. Changes from RFC 7234
Handling invalid and multiple Age header field values has been Handling invalid and multiple Age header field values has been
clarified. (Section 5.1) clarified. (Section 5.1)
Some cache directives defined by this specification now have stronger Some cache directives defined by this specification now have stronger
prohibitions against generating the quoted form of their values, prohibitions against generating the quoted form of their values,
since this has been found to create interoperability problems. since this has been found to create interoperability problems.
Consumers of extension cache directives are no longer required to Consumers of extension cache directives are no longer required to
accept both token and quoted-string forms, but they still need to accept both token and quoted-string forms, but they still need to
skipping to change at page 42, line 5 skipping to change at page 42, line 5
issues/193>) issues/193>)
o Switch to xml2rfc v3 mode for draft generation o Switch to xml2rfc v3 mode for draft generation
(<https://github.com/httpwg/http-core/issues/394>) (<https://github.com/httpwg/http-core/issues/394>)
C.12. Since draft-ietf-httpbis-cache-10 C.12. Since draft-ietf-httpbis-cache-10
o In Section 5.2 (Cache-Control), adjust ABNF to allow empty lists o In Section 5.2 (Cache-Control), adjust ABNF to allow empty lists
(<https://github.com/httpwg/http-core/issues/210>) (<https://github.com/httpwg/http-core/issues/210>)
C.13. Since draft-ietf-httpbis-cache-11
o None.
Acknowledgments Acknowledgments
See Appendix "Acknowledgments" of [Semantics]. See Appendix "Acknowledgments" of [Semantics].
Authors' Addresses Authors' Addresses
Roy T. Fielding (editor) Roy T. Fielding (editor)
Adobe Adobe
345 Park Ave 345 Park Ave
San Jose, CA 95110 San Jose, CA 95110
skipping to change at page 42, line 28 skipping to change at page 42, line 32
URI: https://roy.gbiv.com/ URI: https://roy.gbiv.com/
Mark Nottingham (editor) Mark Nottingham (editor)
Fastly Fastly
Prahran VIC Prahran VIC
Australia Australia
Email: mnot@mnot.net Email: mnot@mnot.net
URI: https://www.mnot.net/ URI: https://www.mnot.net/
Julian F. Reschke (editor) Julian Reschke (editor)
greenbytes GmbH greenbytes GmbH
Hafenweg 16 Hafenweg 16
48155 Münster 48155 Münster
Germany Germany
Email: julian.reschke@greenbytes.de Email: julian.reschke@greenbytes.de
URI: https://greenbytes.de/tech/webdav/ URI: https://greenbytes.de/tech/webdav/
 End of changes. 48 change blocks. 
71 lines changed or deleted 71 lines changed or added

This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/