--- 1/draft-ietf-httpbis-p6-cache-02.txt 2008-06-17 10:12:23.000000000 +0200 +++ 2/draft-ietf-httpbis-p6-cache-03.txt 2008-06-17 10:12:23.000000000 +0200 @@ -1,33 +1,33 @@ Network Working Group R. Fielding, Ed. Internet-Draft Day Software Obsoletes: 2616 (if approved) J. Gettys Intended status: Standards Track One Laptop per Child -Expires: August 27, 2008 J. Mogul +Expires: December 19, 2008 J. Mogul HP H. Frystyk Microsoft L. Masinter Adobe Systems P. Leach Microsoft T. Berners-Lee W3C/MIT Y. Lafon, Ed. W3C J. Reschke, Ed. greenbytes - February 24, 2008 + June 17, 2008 HTTP/1.1, part 6: Caching - draft-ietf-httpbis-p6-cache-02 + draft-ietf-httpbis-p6-cache-03 Status of this Memo By submitting this Internet-Draft, each author represents that any applicable patent or other IPR claims of which he or she is aware have been or will be disclosed, and any of which he or she becomes aware will be disclosed, in accordance with Section 6 of BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that @@ -38,50 +38,42 @@ and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.txt. The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html. - This Internet-Draft will expire on August 27, 2008. - -Copyright Notice - - Copyright (C) The IETF Trust (2008). + This Internet-Draft will expire on December 19, 2008. Abstract The Hypertext Transfer Protocol (HTTP) is an application-level protocol for distributed, collaborative, hypermedia information systems. HTTP has been in use by the World Wide Web global information initiative since 1990. This document is Part 6 of the seven-part specification that defines the protocol referred to as "HTTP/1.1" and, taken together, obsoletes RFC 2616. Part 6 defines requirements on HTTP caches and the associated header fields that control cache behavior or indicate cacheable response messages. Editorial Note (To be removed by RFC Editor) Discussion of this draft should take place on the HTTPBIS working group mailing list (ietf-http-wg@w3.org). The current issues list is at and related documents (including fancy diffs) can be found at . - This draft incorporates those issue resolutions that were either - collected in the original RFC2616 errata list - (), or which were agreed upon on the - mailing list between October 2006 and November 2007 (as published in - "draft-lafon-rfc2616bis-03"). + The changes in this draft are summarized in Appendix B.4. Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 5 1.1. Purpose . . . . . . . . . . . . . . . . . . . . . . . . . 5 1.2. Terminology . . . . . . . . . . . . . . . . . . . . . . . 6 1.3. Requirements . . . . . . . . . . . . . . . . . . . . . . . 7 2. Notational Conventions and Generic Grammar . . . . . . . . . . 8 3. Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . 8 3.1. Cache Correctness . . . . . . . . . . . . . . . . . . . . 8 @@ -118,36 +110,38 @@ 16.2.2. What May be Stored by Caches . . . . . . . . . . . . 30 16.2.3. Modifications of the Basic Expiration Mechanism . . . 31 16.2.4. Cache Revalidation and Reload Controls . . . . . . . 33 16.2.5. No-Transform Directive . . . . . . . . . . . . . . . 35 16.2.6. Cache Control Extensions . . . . . . . . . . . . . . 36 16.3. Expires . . . . . . . . . . . . . . . . . . . . . . . . . 37 16.4. Pragma . . . . . . . . . . . . . . . . . . . . . . . . . . 38 16.5. Vary . . . . . . . . . . . . . . . . . . . . . . . . . . . 38 16.6. Warning . . . . . . . . . . . . . . . . . . . . . . . . . 39 17. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 42 + 17.1. Message Header Registration . . . . . . . . . . . . . . . 42 18. Security Considerations . . . . . . . . . . . . . . . . . . . 42 - 19. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 42 - 20. References . . . . . . . . . . . . . . . . . . . . . . . . . . 42 - 20.1. Normative References . . . . . . . . . . . . . . . . . . . 42 + 19. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 43 + 20. References . . . . . . . . . . . . . . . . . . . . . . . . . . 43 + 20.1. Normative References . . . . . . . . . . . . . . . . . . . 43 20.2. Informative References . . . . . . . . . . . . . . . . . . 44 Appendix A. Compatibility with Previous Versions . . . . . . . . 44 A.1. Changes from RFC 2068 . . . . . . . . . . . . . . . . . . 44 - A.2. Changes from RFC 2616 . . . . . . . . . . . . . . . . . . 44 + A.2. Changes from RFC 2616 . . . . . . . . . . . . . . . . . . 45 Appendix B. Change Log (to be removed by RFC Editor before - publication) . . . . . . . . . . . . . . . . . . . . 44 + publication) . . . . . . . . . . . . . . . . . . . . 45 B.1. Since RFC2616 . . . . . . . . . . . . . . . . . . . . . . 45 B.2. Since draft-ietf-httpbis-p6-cache-00 . . . . . . . . . . . 45 - B.3. Since draft-ietf-httpbis-p6-cache-01 . . . . . . . . . . . 45 + B.3. Since draft-ietf-httpbis-p6-cache-01 . . . . . . . . . . . 46 + B.4. Since draft-ietf-httpbis-p6-cache-02 . . . . . . . . . . . 46 Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 46 - Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 48 - Intellectual Property and Copyright Statements . . . . . . . . . . 51 + Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 49 + Intellectual Property and Copyright Statements . . . . . . . . . . 52 1. Introduction HTTP is typically used for distributed information systems, where performance can be improved by the use of response caches, and includes a number of elements intended to make caching work as well as possible. Because these elements interact with each other, it is useful to describe the caching design of HTTP separately. This document defines aspects of HTTP/1.1 related to caching and reusing response messages. @@ -1899,21 +1893,39 @@ If an implementation receives a message with a warning-value that includes a warn-date, and that warn-date is different from the Date value in the response, then that warning-value MUST be deleted from the message before storing, forwarding, or using it. (This prevents bad consequences of naive caching of Warning header fields.) If all of the warning-values are deleted for this reason, the Warning header MUST be deleted as well. 17. IANA Considerations - [[anchor1: TBD.]] +17.1. Message Header Registration + + The Message Header Registry located at should be + updated with the permanent registrations below (see [RFC3864]): + + +-------------------+----------+----------+--------------+ + | Header Field Name | Protocol | Status | Reference | + +-------------------+----------+----------+--------------+ + | Age | http | standard | Section 16.1 | + | Cache-Control | http | standard | Section 16.2 | + | Expires | http | standard | Section 16.3 | + | Pragma | http | standard | Section 16.4 | + | Vary | http | standard | Section 16.5 | + | Warning | http | standard | Section 16.6 | + +-------------------+----------+----------+--------------+ + + The change controller is: "IETF (iesg@ietf.org) - Internet + Engineering Task Force". 18. Security Considerations Caching proxies provide additional potential vulnerabilities, since the contents of the cache represent an attractive target for malicious exploitation. Because cache contents persist after an HTTP request is complete, an attack on the cache can reveal information long after a user believes that the information has been removed from the network. Therefore, cache contents should be protected as sensitive information. @@ -1930,69 +1942,73 @@ [ISO-8859-1] International Organization for Standardization, "Information technology -- 8-bit single-byte coded graphic character sets -- Part 1: Latin alphabet No. 1", ISO/ IEC 8859-1:1998, 1998. [Part1] Fielding, R., Ed., Gettys, J., Mogul, J., Frystyk, H., Masinter, L., Leach, P., Berners-Lee, T., Lafon, Y., Ed., and J. Reschke, Ed., "HTTP/1.1, part 1: URIs, Connections, - and Message Parsing", draft-ietf-httpbis-p1-messaging-02 - (work in progress), February 2008. + and Message Parsing", draft-ietf-httpbis-p1-messaging-03 + (work in progress), June 2008. [Part2] Fielding, R., Ed., Gettys, J., Mogul, J., Frystyk, H., Masinter, L., Leach, P., Berners-Lee, T., Lafon, Y., Ed., and J. Reschke, Ed., "HTTP/1.1, part 2: Message - Semantics", draft-ietf-httpbis-p2-semantics-02 (work in - progress), February 2008. + Semantics", draft-ietf-httpbis-p2-semantics-03 (work in + progress), June 2008. [Part3] Fielding, R., Ed., Gettys, J., Mogul, J., Frystyk, H., Masinter, L., Leach, P., Berners-Lee, T., Lafon, Y., Ed., and J. Reschke, Ed., "HTTP/1.1, part 3: Message Payload - and Content Negotiation", draft-ietf-httpbis-p3-payload-02 - (work in progress), February 2008. + and Content Negotiation", draft-ietf-httpbis-p3-payload-03 + (work in progress), June 2008. [Part4] Fielding, R., Ed., Gettys, J., Mogul, J., Frystyk, H., Masinter, L., Leach, P., Berners-Lee, T., Lafon, Y., Ed., and J. Reschke, Ed., "HTTP/1.1, part 4: Conditional - Requests", draft-ietf-httpbis-p4-conditional-02 (work in - progress), February 2008. + Requests", draft-ietf-httpbis-p4-conditional-03 (work in + progress), June 2008. [Part5] Fielding, R., Ed., Gettys, J., Mogul, J., Frystyk, H., Masinter, L., Leach, P., Berners-Lee, T., Lafon, Y., Ed., and J. Reschke, Ed., "HTTP/1.1, part 5: Range Requests and - Partial Responses", draft-ietf-httpbis-p5-range-02 (work - in progress), February 2008. + Partial Responses", draft-ietf-httpbis-p5-range-03 (work + in progress), June 2008. [Part7] Fielding, R., Ed., Gettys, J., Mogul, J., Frystyk, H., Masinter, L., Leach, P., Berners-Lee, T., Lafon, Y., Ed., and J. Reschke, Ed., "HTTP/1.1, part 7: Authentication", - draft-ietf-httpbis-p7-auth-02 (work in progress), - February 2008. + draft-ietf-httpbis-p7-auth-03 (work in progress), + June 2008. [RFC2047] Moore, K., "MIME (Multipurpose Internet Mail Extensions) Part Three: Message Header Extensions for Non-ASCII Text", RFC 2047, November 1996. [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997. 20.2. Informative References [RFC1305] Mills, D., "Network Time Protocol (Version 3) Specification, Implementation", RFC 1305, March 1992. [RFC2616] Fielding, R., Gettys, J., Mogul, J., Frystyk, H., Masinter, L., Leach, P., and T. Berners-Lee, "Hypertext Transfer Protocol -- HTTP/1.1", RFC 2616, June 1999. + [RFC3864] Klyne, G., Nottingham, M., and J. Mogul, "Registration + Procedures for Message Header Fields", BCP 90, RFC 3864, + September 2004. + Appendix A. Compatibility with Previous Versions A.1. Changes from RFC 2068 A case was missed in the Cache-Control model of HTTP/1.1; s-maxage was introduced to add this missing case. (Sections 6, 16.2, 16.2.3) Transfer-coding and message lengths all interact in ways that required fixing exactly when chunked encoding is used (to allow for transfer encoding that may not be self delimiting); it was important @@ -2061,40 +2076,48 @@ o Use names of RFC4234 core rules DQUOTE and HTAB (work in progress on ) B.3. Since draft-ietf-httpbis-p6-cache-01 Closed issues: o : "rel_path not used" + Other changes: o Get rid of duplicate BNF rule names ("host" -> "uri-host") (work in progress on ) o Add explicit references to BNF syntax and rules imported from other parts of the specification. +B.4. Since draft-ietf-httpbis-p6-cache-02 + + Ongoing work on IANA Message Header Registration + (): + + o Reference RFC 3984, and update header registrations for headers + defined in this document. + Index A age 7 Age header 27 C cache 5 Cache Directives - max-age 32 - max-age 33 + max-age 32-33 max-stale 32 min-fresh 32 must-revalidate 34 no-cache 29 no-store 30 no-transform 35 only-if-cached 34 private 29 proxy-revalidate 35 public 29 @@ -2138,22 +2161,21 @@ Age 27 Cache-Control 27 Expires 37 Pragma 38 Vary 38 Warning 39 heuristic expiration time 7 M max-age - Cache Directive 32 - Cache Directive 33 + Cache Directive 32-33 max-stale Cache Directive 32 min-fresh Cache Directive 32 must-revalidate Cache Directive 34 N no-cache Cache Directive 29 @@ -2305,15 +2327,10 @@ attempt made to obtain a general license or permission for the use of such proprietary rights by implementers or users of this specification can be obtained from the IETF on-line IPR repository at http://www.ietf.org/ipr. The IETF invites any interested party to bring to its attention any copyrights, patents or patent applications, or other proprietary rights that may cover technology that may be required to implement this standard. Please address the information to the IETF at ietf-ipr@ietf.org. - -Acknowledgment - - Funding for the RFC Editor function is provided by the IETF - Administrative Support Activity (IASA).