Ignore:
Timestamp:
25/09/13 13:01:17 (7 years ago)
Author:
julian.reschke@…
Message:

Update to latest version of rfc2629.xslt

File:
1 edited

Legend:

Unmodified
Added
Removed
  • draft-ietf-httpbis/latest/p6-cache.html

    r2414 r2418  
    106106body {
    107107  color: black;
    108   font-family: verdana, helvetica, arial, sans-serif;
    109   font-size: 10pt;
     108  font-family: cambria, helvetica, arial, sans-serif;
     109  font-size: 11pt;
    110110  margin-right: 2em;
    111111}
     
    132132}
    133133h1 {
    134   font-size: 14pt;
     134  font-size: 130%;
    135135  line-height: 21pt;
    136136  page-break-after: avoid;
     
    139139  page-break-before: always;
    140140}
    141 h1 a {
    142   color: #333333;
    143 }
    144141h2 {
    145   font-size: 12pt;
     142  font-size: 120%;
    146143  line-height: 15pt;
    147144  page-break-after: avoid;
    148145}
    149146h3, h4, h5, h6 {
    150   font-size: 10pt;
     147  font-size: 110%;
    151148  page-break-after: avoid;
    152149}
    153 h2 a, h3 a, h4 a, h5 a, h6 a {
     150h1 a, h2 a, h3 a, h4 a, h5 a, h6 a {
    154151  color: black;
    155152}
     
    251248  caption-side: bottom;
    252249  font-weight: bold;
    253   font-size: 9pt;
     250  font-size: 10pt;
    254251  margin-top: .5em;
    255252}
     
    258255  border-spacing: 1px;
    259256  width: 95%;
    260   font-size: 10pt;
     257  font-size: 11pt;
    261258  color: white;
    262259}
     
    291288  line-height: 150%;
    292289  font-weight: bold;
    293   font-size: 10pt;
    294290  margin-left: 0em;
    295291}
     
    297293  line-height: normal;
    298294  font-weight: normal;
    299   font-size: 9pt;
     295  font-size: 10pt;
    300296  margin-left: 0em;
    301297}
     
    305301ul p {
    306302  margin-left: 0em;
     303}
     304.title, .filename, h1, h2, h3, h4 {
     305  font-family: candara, helvetica, arial, sans-serif;
     306}
     307samp, tt, code, pre {
     308  font: consolas, monospace;
    307309}
    308310ul.ind, ul.ind ul {
     
    344346  font-weight: bold;
    345347  text-align: center;
    346   font-size: 9pt;
     348  font-size: 10pt;
    347349}
    348350.filename {
    349351  color: #333333;
     352  font-size: 75%;
    350353  font-weight: bold;
    351   font-size: 12pt;
    352354  line-height: 21pt;
    353355  text-align: center;
     
    363365}
    364366.title {
    365   color: #990000;
    366   font-size: 18pt;
     367  color: green;
     368  font-size: 150%;
    367369  line-height: 18pt;
    368370  font-weight: bold;
     
    370372  margin-top: 36pt;
    371373}
    372 .vcardline {
    373   display: block;
    374 }
    375374.warning {
    376   font-size: 14pt;
     375  font-size: 130%;
    377376  background-color: yellow;
    378377}
     
    417416    background-color: white;
    418417    vertical-align: top;
    419     font-size: 12pt;
     418    font-size: 110%;
    420419  }
    421420
     
    449448  }
    450449  @bottom-center {
    451        content: "Expires March 28, 2014";
     450       content: "Expires March 29, 2014";
    452451  }
    453452  @bottom-right {
     
    487486      <link href="p5-range.html" rel="prev">
    488487      <link href="p7-auth.html" rel="next">
    489       <meta name="generator" content="http://greenbytes.de/tech/webdav/rfc2629.xslt, Revision 1.599, 2013/08/29 10:34:28, XSLT vendor: SAXON 8.9 from Saxonica http://www.saxonica.com/">
     488      <meta name="generator" content="http://greenbytes.de/tech/webdav/rfc2629.xslt, Revision 1.603, 2013/09/18 20:22:25, XSLT vendor: SAXON 8.9 from Saxonica http://www.saxonica.com/">
    490489      <link rel="schema.dct" href="http://purl.org/dc/terms/">
    491490      <meta name="dct.creator" content="Fielding, R.">
     
    493492      <meta name="dct.creator" content="Reschke, J. F.">
    494493      <meta name="dct.identifier" content="urn:ietf:id:draft-ietf-httpbis-p6-cache-latest">
    495       <meta name="dct.issued" scheme="ISO8601" content="2013-09-24">
     494      <meta name="dct.issued" scheme="ISO8601" content="2013-09-25">
    496495      <meta name="dct.replaces" content="urn:ietf:rfc:2616">
    497496      <meta name="dct.abstract" content="The Hypertext Transfer Protocol (HTTP) is an application-level protocol for distributed, collaborative, hypertext information systems. This document defines requirements on HTTP caches and the associated header fields that control cache behavior or indicate cacheable response messages.">
     
    519518            </tr>
    520519            <tr>
    521                <td class="left">Expires: March 28, 2014</td>
     520               <td class="left">Expires: March 29, 2014</td>
    522521               <td class="right">J. Reschke, Editor</td>
    523522            </tr>
     
    528527            <tr>
    529528               <td class="left"></td>
    530                <td class="right">September 24, 2013</td>
     529               <td class="right">September 25, 2013</td>
    531530            </tr>
    532531         </tbody>
     
    545544      <p>The changes in this draft are summarized in <a href="#changes.since.24" title="Since draft-ietf-httpbis-p6-cache-24">Appendix&nbsp;D.6</a>.
    546545      </p>
    547       <h1><a id="rfc.status" href="#rfc.status">Status of This Memo</a></h1>
    548       <p>This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.</p>
    549       <p>Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute
    550          working documents as Internet-Drafts. The list of current Internet-Drafts is at <a href="http://datatracker.ietf.org/drafts/current/">http://datatracker.ietf.org/drafts/current/</a>.
    551       </p>
    552       <p>Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other
    553          documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as “work
    554          in progress”.
    555       </p>
    556       <p>This Internet-Draft will expire on March 28, 2014.</p>
    557       <h1><a id="rfc.copyrightnotice" href="#rfc.copyrightnotice">Copyright Notice</a></h1>
    558       <p>Copyright © 2013 IETF Trust and the persons identified as the document authors. All rights reserved.</p>
    559       <p>This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (<a href="http://trustee.ietf.org/license-info">http://trustee.ietf.org/license-info</a>) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights
    560          and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License
    561          text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified
    562          BSD License.
    563       </p>
    564       <p>This document may contain material from IETF Documents or IETF Contributions published or made publicly available before November
    565          10, 2008. The person(s) controlling the copyright in some of this material may not have granted the IETF Trust the right to
    566          allow modifications of such material outside the IETF Standards Process. Without obtaining an adequate license from the person(s)
    567          controlling the copyright in such materials, this document may not be modified outside the IETF Standards Process, and derivative
    568          works of it may not be created outside the IETF Standards Process, except to format it for publication as an RFC or to translate
    569          it into languages other than English.
    570       </p>
     546      <div id="rfc.status">
     547         <h1><a href="#rfc.status">Status of This Memo</a></h1>
     548         <p>This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.</p>
     549         <p>Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute
     550            working documents as Internet-Drafts. The list of current Internet-Drafts is at <a href="http://datatracker.ietf.org/drafts/current/">http://datatracker.ietf.org/drafts/current/</a>.
     551         </p>
     552         <p>Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other
     553            documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as “work
     554            in progress”.
     555         </p>
     556         <p>This Internet-Draft will expire on March 29, 2014.</p>
     557      </div>
     558      <div id="rfc.copyrightnotice">
     559         <h1><a href="#rfc.copyrightnotice">Copyright Notice</a></h1>
     560         <p>Copyright © 2013 IETF Trust and the persons identified as the document authors. All rights reserved.</p>
     561         <p>This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (<a href="http://trustee.ietf.org/license-info">http://trustee.ietf.org/license-info</a>) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights
     562            and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License
     563            text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified
     564            BSD License.
     565         </p>
     566         <p>This document may contain material from IETF Documents or IETF Contributions published or made publicly available before November
     567            10, 2008. The person(s) controlling the copyright in some of this material may not have granted the IETF Trust the right to
     568            allow modifications of such material outside the IETF Standards Process. Without obtaining an adequate license from the person(s)
     569            controlling the copyright in such materials, this document may not be modified outside the IETF Standards Process, and derivative
     570            works of it may not be created outside the IETF Standards Process, except to format it for publication as an RFC or to translate
     571            it into languages other than English.
     572         </p>
     573      </div>
    571574      <hr class="noprint">
    572575      <h1 class="np" id="rfc.toc"><a href="#rfc.toc">Table of Contents</a></h1>
     
    687690         <li><a href="#rfc.index">Index</a></li>
    688691      </ul>
    689       <h1 id="rfc.section.1" class="np"><a href="#rfc.section.1">1.</a>&nbsp;<a id="caching" href="#caching">Introduction</a></h1>
    690       <p id="rfc.section.1.p.1">HTTP is typically used for distributed information systems, where performance can be improved by the use of response caches.
    691          This document defines aspects of HTTP/1.1 related to caching and reusing response messages.
    692       </p>
    693       <div id="rfc.iref.c.1"></div>
    694       <p id="rfc.section.1.p.2">An HTTP <dfn>cache</dfn> is a local store of response messages and the subsystem that controls storage, retrieval, and deletion of messages in it.
    695          A cache stores cacheable responses in order to reduce the response time and network bandwidth consumption on future, equivalent
    696          requests. Any client or server <em class="bcp14">MAY</em> employ a cache, though a cache cannot be used by a server that is acting as a tunnel.
    697       </p>
    698       <div id="rfc.iref.s.1"></div>
    699       <div id="rfc.iref.p.1"></div>
    700       <div id="shared.and.private.caches">
    701          <p id="rfc.section.1.p.3">A <dfn>shared cache</dfn> is a cache that stores responses to be reused by more than one user; shared caches are usually (but not always) deployed as
    702             a part of an intermediary. A <dfn>private cache</dfn>, in contrast, is dedicated to a single user.
    703          </p>
     692      <div id="caching">
     693         <h1 id="rfc.section.1" class="np"><a href="#rfc.section.1">1.</a>&nbsp;<a href="#caching">Introduction</a></h1>
     694         <p id="rfc.section.1.p.1">HTTP is typically used for distributed information systems, where performance can be improved by the use of response caches.
     695            This document defines aspects of HTTP/1.1 related to caching and reusing response messages.
     696         </p>
     697         <div id="rfc.iref.c.1"></div>
     698         <p id="rfc.section.1.p.2">An HTTP <dfn>cache</dfn> is a local store of response messages and the subsystem that controls storage, retrieval, and deletion of messages in it.
     699            A cache stores cacheable responses in order to reduce the response time and network bandwidth consumption on future, equivalent
     700            requests. Any client or server <em class="bcp14">MAY</em> employ a cache, though a cache cannot be used by a server that is acting as a tunnel.
     701         </p>
     702         <div id="rfc.iref.s.1"></div>
     703         <div id="rfc.iref.p.1"></div>
     704         <div id="shared.and.private.caches">
     705            <p id="rfc.section.1.p.3">A <dfn>shared cache</dfn> is a cache that stores responses to be reused by more than one user; shared caches are usually (but not always) deployed as
     706               a part of an intermediary. A <dfn>private cache</dfn>, in contrast, is dedicated to a single user.
     707            </p>
     708         </div>
     709         <p id="rfc.section.1.p.4">The goal of caching in HTTP/1.1 is to significantly improve performance by reusing a prior response message to satisfy a current
     710            request. A stored response is considered "fresh", as defined in <a href="#expiration.model" title="Freshness">Section&nbsp;4.2</a>, if the response can be reused without "validation" (checking with the origin server to see if the cached response remains
     711            valid for this request). A fresh response can therefore reduce both latency and network overhead each time it is reused. When
     712            a cached response is not fresh, it might still be reusable if it can be freshened by validation (<a href="#validation.model" title="Validation">Section&nbsp;4.3</a>) or if the origin is unavailable (<a href="#serving.stale.responses" title="Serving Stale Responses">Section&nbsp;4.2.4</a>).
     713         </p>
     714         <div id="conformance">
     715            <h2 id="rfc.section.1.1"><a href="#rfc.section.1.1">1.1</a>&nbsp;<a href="#conformance">Conformance and Error Handling</a></h2>
     716            <p id="rfc.section.1.1.p.1">The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL"
     717               in this document are to be interpreted as described in <a href="#RFC2119" id="rfc.xref.RFC2119.1"><cite title="Key words for use in RFCs to Indicate Requirement Levels">[RFC2119]</cite></a>.
     718            </p>
     719            <p id="rfc.section.1.1.p.2">Conformance criteria and considerations regarding error handling are defined in <a href="p1-messaging.html#conformance" title="Conformance and Error Handling">Section 2.5</a> of <a href="#Part1" id="rfc.xref.Part1.1"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing">[Part1]</cite></a>.
     720            </p>
     721         </div>
     722         <div id="notation">
     723            <h2 id="rfc.section.1.2"><a href="#rfc.section.1.2">1.2</a>&nbsp;<a href="#notation">Syntax Notation</a></h2>
     724            <p id="rfc.section.1.2.p.1">This specification uses the Augmented Backus-Naur Form (ABNF) notation of <a href="#RFC5234" id="rfc.xref.RFC5234.1"><cite title="Augmented BNF for Syntax Specifications: ABNF">[RFC5234]</cite></a> with the list rule extension defined in <a href="p1-messaging.html#abnf.extension" title="ABNF list extension: #rule">Section 7</a> of <a href="#Part1" id="rfc.xref.Part1.2"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing">[Part1]</cite></a>. <a href="#imported.abnf" title="Imported ABNF">Appendix&nbsp;B</a> describes rules imported from other documents. <a href="#collected.abnf" title="Collected ABNF">Appendix&nbsp;C</a> shows the collected ABNF with the list rule expanded.
     725            </p>
     726            <div id="delta-seconds">
     727               <h3 id="rfc.section.1.2.1"><a href="#rfc.section.1.2.1">1.2.1</a>&nbsp;<a href="#delta-seconds">Delta Seconds</a></h3>
     728               <p id="rfc.section.1.2.1.p.1">The delta-seconds rule specifies a non-negative integer, representing time in seconds.</p>
     729               <div id="rfc.figure.u.1"></div><pre class="inline"><span id="rfc.iref.g.1"></span>  <a href="#delta-seconds" class="smpl">delta-seconds</a>  = 1*<a href="#imported.abnf" class="smpl">DIGIT</a>
     730</pre><p id="rfc.section.1.2.1.p.3">If a cache receives a delta-seconds value larger than the largest positive integer it can represent, or if any of its subsequent
     731                  calculations overflows, the cache <em class="bcp14">MUST</em> consider the value to be 2147483648 (2<sup>31</sup>). A recipient parsing a delta-seconds value <em class="bcp14">MUST</em> use an arithmetic type of at least 31 bits of range, and a sender <em class="bcp14">MUST NOT</em> generate delta-seconds with a value greater than 2147483648.
     732               </p>
     733            </div>
     734         </div>
    704735      </div>
    705       <p id="rfc.section.1.p.4">The goal of caching in HTTP/1.1 is to significantly improve performance by reusing a prior response message to satisfy a current
    706          request. A stored response is considered "fresh", as defined in <a href="#expiration.model" title="Freshness">Section&nbsp;4.2</a>, if the response can be reused without "validation" (checking with the origin server to see if the cached response remains
    707          valid for this request). A fresh response can therefore reduce both latency and network overhead each time it is reused. When
    708          a cached response is not fresh, it might still be reusable if it can be freshened by validation (<a href="#validation.model" title="Validation">Section&nbsp;4.3</a>) or if the origin is unavailable (<a href="#serving.stale.responses" title="Serving Stale Responses">Section&nbsp;4.2.4</a>).
    709       </p>
    710       <h2 id="rfc.section.1.1"><a href="#rfc.section.1.1">1.1</a>&nbsp;<a id="conformance" href="#conformance">Conformance and Error Handling</a></h2>
    711       <p id="rfc.section.1.1.p.1">The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL"
    712          in this document are to be interpreted as described in <a href="#RFC2119" id="rfc.xref.RFC2119.1"><cite title="Key words for use in RFCs to Indicate Requirement Levels">[RFC2119]</cite></a>.
    713       </p>
    714       <p id="rfc.section.1.1.p.2">Conformance criteria and considerations regarding error handling are defined in <a href="p1-messaging.html#conformance" title="Conformance and Error Handling">Section 2.5</a> of <a href="#Part1" id="rfc.xref.Part1.1"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing">[Part1]</cite></a>.
    715       </p>
    716       <h2 id="rfc.section.1.2"><a href="#rfc.section.1.2">1.2</a>&nbsp;<a id="notation" href="#notation">Syntax Notation</a></h2>
    717       <p id="rfc.section.1.2.p.1">This specification uses the Augmented Backus-Naur Form (ABNF) notation of <a href="#RFC5234" id="rfc.xref.RFC5234.1"><cite title="Augmented BNF for Syntax Specifications: ABNF">[RFC5234]</cite></a> with the list rule extension defined in <a href="p1-messaging.html#abnf.extension" title="ABNF list extension: #rule">Section 7</a> of <a href="#Part1" id="rfc.xref.Part1.2"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing">[Part1]</cite></a>. <a href="#imported.abnf" title="Imported ABNF">Appendix&nbsp;B</a> describes rules imported from other documents. <a href="#collected.abnf" title="Collected ABNF">Appendix&nbsp;C</a> shows the collected ABNF with the list rule expanded.
    718       </p>
    719       <h3 id="rfc.section.1.2.1"><a href="#rfc.section.1.2.1">1.2.1</a>&nbsp;<a id="delta-seconds" href="#delta-seconds">Delta Seconds</a></h3>
    720       <p id="rfc.section.1.2.1.p.1">The delta-seconds rule specifies a non-negative integer, representing time in seconds.</p>
    721       <div id="rfc.figure.u.1"></div><pre class="inline"><span id="rfc.iref.g.1"></span>  <a href="#delta-seconds" class="smpl">delta-seconds</a>  = 1*<a href="#imported.abnf" class="smpl">DIGIT</a>
    722 </pre><p id="rfc.section.1.2.1.p.3">If a cache receives a delta-seconds value larger than the largest positive integer it can represent, or if any of its subsequent
    723          calculations overflows, the cache <em class="bcp14">MUST</em> consider the value to be 2147483648 (2<sup>31</sup>). A recipient parsing a delta-seconds value <em class="bcp14">MUST</em> use an arithmetic type of at least 31 bits of range, and a sender <em class="bcp14">MUST NOT</em> generate delta-seconds with a value greater than 2147483648.
    724       </p>
    725       <div id="rfc.iref.c.2"></div>
    726       <div id="rfc.iref.c.3"></div>
    727       <h1 id="rfc.section.2"><a href="#rfc.section.2">2.</a>&nbsp;<a id="caching.overview" href="#caching.overview">Overview of Cache Operation</a></h1>
    728       <p id="rfc.section.2.p.1">Proper cache operation preserves the semantics of HTTP transfers (<a href="#Part2" id="rfc.xref.Part2.1"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Semantics and Content">[Part2]</cite></a>) while eliminating the transfer of information already held in the cache. Although caching is an entirely <em class="bcp14">OPTIONAL</em> feature of HTTP, we assume that reusing the cached response is desirable and that such reuse is the default behavior when
    729          no requirement or local configuration prevents it. Therefore, HTTP cache requirements are focused on preventing a cache from
    730          either storing a non-reusable response or reusing a stored response inappropriately, rather than mandating that caches always
    731          store and reuse particular responses.
    732       </p>
    733       <p id="rfc.section.2.p.2">Each <dfn>cache entry</dfn> consists of a cache key and one or more HTTP responses corresponding to prior requests that used the same key. The most common
    734          form of cache entry is a successful result of a retrieval request: i.e., a <a href="p2-semantics.html#status.200" class="smpl">200 (OK)</a> response to a GET request, which contains a representation of the resource identified by the request target (<a href="p2-semantics.html#GET" title="GET">Section 4.3.1</a> of <a href="#Part2" id="rfc.xref.Part2.2"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Semantics and Content">[Part2]</cite></a>). However, it is also possible to cache permanent redirects, negative results (e.g., <a href="p2-semantics.html#status.404" class="smpl">404 (Not Found)</a>), incomplete results (e.g., <a href="p5-range.html#status.206" class="smpl">206 (Partial Content)</a>), and responses to methods other than GET if the method's definition allows such caching and defines something suitable for
    735          use as a cache key.
    736       </p>
    737       <div id="rfc.iref.c.4"></div>
    738       <p id="rfc.section.2.p.3">The primary <dfn>cache key</dfn> consists of the request method and target URI. However, since HTTP caches in common use today are typically limited to caching
    739          responses to GET, many caches simply decline other methods and use only the URI as the primary cache key.
    740       </p>
    741       <p id="rfc.section.2.p.4">If a request target is subject to content negotiation, its cache entry might consist of multiple stored responses, each differentiated
    742          by a secondary key for the values of the original request's selecting header fields (<a href="#caching.negotiated.responses" title="Calculating Secondary Keys with Vary">Section&nbsp;4.1</a>).
    743       </p>
    744       <h1 id="rfc.section.3"><a href="#rfc.section.3">3.</a>&nbsp;<a id="response.cacheability" href="#response.cacheability">Storing Responses in Caches</a></h1>
    745       <p id="rfc.section.3.p.1">A cache <em class="bcp14">MUST NOT</em> store a response to any request, unless:
    746       </p>
    747       <ul>
    748          <li>The request method is understood by the cache and defined as being cacheable, and</li>
    749          <li>the response status code is understood by the cache, and</li>
    750          <li>the "no-store" cache directive (see <a href="#header.cache-control" id="rfc.xref.header.cache-control.1" title="Cache-Control">Section&nbsp;5.2</a>) does not appear in request or response header fields, and
    751          </li>
    752          <li>the "private" cache response directive (see <a href="#cache-response-directive.private" title="private">Section&nbsp;5.2.2.6</a>) does not appear in the response, if the cache is shared, and
    753          </li>
    754          <li>the <a href="p7-auth.html#header.authorization" class="smpl">Authorization</a> header field (see <a href="p7-auth.html#header.authorization" title="Authorization">Section 4.1</a> of <a href="#Part7" id="rfc.xref.Part7.1"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Authentication">[Part7]</cite></a>) does not appear in the request, if the cache is shared, unless the response explicitly allows it (see <a href="#caching.authenticated.responses" title="Storing Responses to Authenticated Requests">Section&nbsp;3.2</a>), and
    755          </li>
    756          <li>the response either:
     736      <div id="caching.overview">
     737         <div id="rfc.iref.c.2"></div>
     738         <div id="rfc.iref.c.3"></div>
     739         <h1 id="rfc.section.2"><a href="#rfc.section.2">2.</a>&nbsp;<a href="#caching.overview">Overview of Cache Operation</a></h1>
     740         <p id="rfc.section.2.p.1">Proper cache operation preserves the semantics of HTTP transfers (<a href="#Part2" id="rfc.xref.Part2.1"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Semantics and Content">[Part2]</cite></a>) while eliminating the transfer of information already held in the cache. Although caching is an entirely <em class="bcp14">OPTIONAL</em> feature of HTTP, we assume that reusing the cached response is desirable and that such reuse is the default behavior when
     741            no requirement or local configuration prevents it. Therefore, HTTP cache requirements are focused on preventing a cache from
     742            either storing a non-reusable response or reusing a stored response inappropriately, rather than mandating that caches always
     743            store and reuse particular responses.
     744         </p>
     745         <p id="rfc.section.2.p.2">Each <dfn>cache entry</dfn> consists of a cache key and one or more HTTP responses corresponding to prior requests that used the same key. The most common
     746            form of cache entry is a successful result of a retrieval request: i.e., a <a href="p2-semantics.html#status.200" class="smpl">200 (OK)</a> response to a GET request, which contains a representation of the resource identified by the request target (<a href="p2-semantics.html#GET" title="GET">Section 4.3.1</a> of <a href="#Part2" id="rfc.xref.Part2.2"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Semantics and Content">[Part2]</cite></a>). However, it is also possible to cache permanent redirects, negative results (e.g., <a href="p2-semantics.html#status.404" class="smpl">404 (Not Found)</a>), incomplete results (e.g., <a href="p5-range.html#status.206" class="smpl">206 (Partial Content)</a>), and responses to methods other than GET if the method's definition allows such caching and defines something suitable for
     747            use as a cache key.
     748         </p>
     749         <div id="rfc.iref.c.4"></div>
     750         <p id="rfc.section.2.p.3">The primary <dfn>cache key</dfn> consists of the request method and target URI. However, since HTTP caches in common use today are typically limited to caching
     751            responses to GET, many caches simply decline other methods and use only the URI as the primary cache key.
     752         </p>
     753         <p id="rfc.section.2.p.4">If a request target is subject to content negotiation, its cache entry might consist of multiple stored responses, each differentiated
     754            by a secondary key for the values of the original request's selecting header fields (<a href="#caching.negotiated.responses" title="Calculating Secondary Keys with Vary">Section&nbsp;4.1</a>).
     755         </p>
     756      </div>
     757      <div id="response.cacheability">
     758         <h1 id="rfc.section.3"><a href="#rfc.section.3">3.</a>&nbsp;<a href="#response.cacheability">Storing Responses in Caches</a></h1>
     759         <p id="rfc.section.3.p.1">A cache <em class="bcp14">MUST NOT</em> store a response to any request, unless:
     760         </p>
     761         <ul>
     762            <li>The request method is understood by the cache and defined as being cacheable, and</li>
     763            <li>the response status code is understood by the cache, and</li>
     764            <li>the "no-store" cache directive (see <a href="#header.cache-control" id="rfc.xref.header.cache-control.1" title="Cache-Control">Section&nbsp;5.2</a>) does not appear in request or response header fields, and
     765            </li>
     766            <li>the "private" cache response directive (see <a href="#cache-response-directive.private" title="private">Section&nbsp;5.2.2.6</a>) does not appear in the response, if the cache is shared, and
     767            </li>
     768            <li>the <a href="p7-auth.html#header.authorization" class="smpl">Authorization</a> header field (see <a href="p7-auth.html#header.authorization" title="Authorization">Section 4.1</a> of <a href="#Part7" id="rfc.xref.Part7.1"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Authentication">[Part7]</cite></a>) does not appear in the request, if the cache is shared, unless the response explicitly allows it (see <a href="#caching.authenticated.responses" title="Storing Responses to Authenticated Requests">Section&nbsp;3.2</a>), and
     769            </li>
     770            <li>the response either:
     771               <ul>
     772                  <li>contains an <a href="#header.expires" class="smpl">Expires</a> header field (see <a href="#header.expires" id="rfc.xref.header.expires.1" title="Expires">Section&nbsp;5.3</a>), or
     773                  </li>
     774                  <li>contains a max-age response cache directive (see <a href="#cache-response-directive.max-age" title="max-age">Section&nbsp;5.2.2.8</a>), or
     775                  </li>
     776                  <li>contains a s-maxage response cache directive (see <a href="#cache-response-directive.s-maxage" title="s-maxage">Section&nbsp;5.2.2.9</a>) and the cache is shared, or
     777                  </li>
     778                  <li>contains a Cache Control Extension (see <a href="#cache.control.extensions" title="Cache Control Extensions">Section&nbsp;5.2.3</a>) that allows it to be cached, or
     779                  </li>
     780                  <li>has a status code that is defined as cacheable (see <a href="#heuristic.freshness" title="Calculating Heuristic Freshness">Section&nbsp;4.2.2</a>), or
     781                  </li>
     782                  <li>contains a public response cache directive (see <a href="#cache-response-directive.public" title="public">Section&nbsp;5.2.2.5</a>).
     783                  </li>
     784               </ul>
     785            </li>
     786         </ul>
     787         <p id="rfc.section.3.p.2">Note that any of the requirements listed above can be overridden by a cache-control extension; see <a href="#cache.control.extensions" title="Cache Control Extensions">Section&nbsp;5.2.3</a>.
     788         </p>
     789         <p id="rfc.section.3.p.3">In this context, a cache has "understood" a request method or a response status code if it recognizes it and implements all
     790            specified caching-related behavior.
     791         </p>
     792         <p id="rfc.section.3.p.4">Note that, in normal operation, some caches will not store a response that has neither a cache validator nor an explicit expiration
     793            time, as such responses are not usually useful to store. However, caches are not prohibited from storing such responses.
     794         </p>
     795         <div id="incomplete.responses">
     796            <h2 id="rfc.section.3.1"><a href="#rfc.section.3.1">3.1</a>&nbsp;<a href="#incomplete.responses">Storing Incomplete Responses</a></h2>
     797            <p id="rfc.section.3.1.p.1">A response message is considered complete when all of the octets indicated by the message framing (<a href="#Part1" id="rfc.xref.Part1.3"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing">[Part1]</cite></a>) are received prior to the connection being closed. If the request method is GET, the response status code is <a href="p2-semantics.html#status.200" class="smpl">200 (OK)</a>, and the entire response header section has been received, a cache <em class="bcp14">MAY</em> store an incomplete response message body if the cache entry is recorded as incomplete. Likewise, a <a href="p5-range.html#status.206" class="smpl">206 (Partial Content)</a> response <em class="bcp14">MAY</em> be stored as if it were an incomplete <a href="p2-semantics.html#status.200" class="smpl">200
     798                  (OK)</a> cache entry. However, a cache <em class="bcp14">MUST NOT</em> store incomplete or partial content responses if it does not support the <a href="p5-range.html#header.range" class="smpl">Range</a> and <a href="p5-range.html#header.content-range" class="smpl">Content-Range</a> header fields or if it does not understand the range units used in those fields.
     799            </p>
     800            <p id="rfc.section.3.1.p.2">A cache <em class="bcp14">MAY</em> complete a stored incomplete response by making a subsequent range request (<a href="#Part5" id="rfc.xref.Part5.1"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Range Requests">[Part5]</cite></a>) and combining the successful response with the stored entry, as defined in <a href="#combining.responses" title="Combining Partial Content">Section&nbsp;3.3</a>. A cache <em class="bcp14">MUST NOT</em> use an incomplete response to answer requests unless the response has been made complete or the request is partial and specifies
     801               a range that is wholly within the incomplete response. A cache <em class="bcp14">MUST NOT</em> send a partial response to a client without explicitly marking it as such using the <a href="p5-range.html#status.206" class="smpl">206 (Partial Content)</a> status code.
     802            </p>
     803         </div>
     804         <div id="caching.authenticated.responses">
     805            <h2 id="rfc.section.3.2"><a href="#rfc.section.3.2">3.2</a>&nbsp;<a href="#caching.authenticated.responses">Storing Responses to Authenticated Requests</a></h2>
     806            <p id="rfc.section.3.2.p.1">A shared cache <em class="bcp14">MUST NOT</em> use a cached response to a request with an <a href="p7-auth.html#header.authorization" class="smpl">Authorization</a> header field (<a href="p7-auth.html#header.authorization" title="Authorization">Section 4.1</a> of <a href="#Part7" id="rfc.xref.Part7.2"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Authentication">[Part7]</cite></a>) to satisfy any subsequent request unless a cache directive that allows such responses to be stored is present in the response.
     807            </p>
     808            <p id="rfc.section.3.2.p.2">In this specification, the following <a href="#header.cache-control" class="smpl">Cache-Control</a> response directives (<a href="#cache-response-directive" title="Response Cache-Control Directives">Section&nbsp;5.2.2</a>) have such an effect: must-revalidate, public, s-maxage.
     809            </p>
     810            <p id="rfc.section.3.2.p.3">Note that cached responses that contain the "must-revalidate" and/or "s-maxage" response directives are not allowed to be
     811               served stale (<a href="#serving.stale.responses" title="Serving Stale Responses">Section&nbsp;4.2.4</a>) by shared caches. In particular, a response with either "max-age=0, must-revalidate" or "s-maxage=0" cannot be used to satisfy
     812               a subsequent request without revalidating it on the origin server.
     813            </p>
     814         </div>
     815         <div id="combining.responses">
     816            <h2 id="rfc.section.3.3"><a href="#rfc.section.3.3">3.3</a>&nbsp;<a href="#combining.responses">Combining Partial Content</a></h2>
     817            <p id="rfc.section.3.3.p.1">A response might transfer only a partial representation if the connection closed prematurely or if the request used one or
     818               more Range specifiers (<a href="#Part5" id="rfc.xref.Part5.2"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Range Requests">[Part5]</cite></a>). After several such transfers, a cache might have received several ranges of the same representation. A cache <em class="bcp14">MAY</em> combine these ranges into a single stored response, and reuse that response to satisfy later requests, if they all share the
     819               same strong validator and the cache complies with the client requirements in <a href="p5-range.html#combining.byte.ranges" title="Combining Ranges">Section 4.3</a> of <a href="#Part5" id="rfc.xref.Part5.3"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Range Requests">[Part5]</cite></a>.
     820            </p>
     821            <p id="rfc.section.3.3.p.2">When combining the new response with one or more stored responses, a cache <em class="bcp14">MUST</em>:
     822            </p>
    757823            <ul>
    758                <li>contains an <a href="#header.expires" class="smpl">Expires</a> header field (see <a href="#header.expires" id="rfc.xref.header.expires.1" title="Expires">Section&nbsp;5.3</a>), or
    759                </li>
    760                <li>contains a max-age response cache directive (see <a href="#cache-response-directive.max-age" title="max-age">Section&nbsp;5.2.2.8</a>), or
    761                </li>
    762                <li>contains a s-maxage response cache directive (see <a href="#cache-response-directive.s-maxage" title="s-maxage">Section&nbsp;5.2.2.9</a>) and the cache is shared, or
    763                </li>
    764                <li>contains a Cache Control Extension (see <a href="#cache.control.extensions" title="Cache Control Extensions">Section&nbsp;5.2.3</a>) that allows it to be cached, or
    765                </li>
    766                <li>has a status code that is defined as cacheable (see <a href="#heuristic.freshness" title="Calculating Heuristic Freshness">Section&nbsp;4.2.2</a>), or
    767                </li>
    768                <li>contains a public response cache directive (see <a href="#cache-response-directive.public" title="public">Section&nbsp;5.2.2.5</a>).
    769                </li>
    770             </ul>
    771          </li>
    772       </ul>
    773       <p id="rfc.section.3.p.2">Note that any of the requirements listed above can be overridden by a cache-control extension; see <a href="#cache.control.extensions" title="Cache Control Extensions">Section&nbsp;5.2.3</a>.
    774       </p>
    775       <p id="rfc.section.3.p.3">In this context, a cache has "understood" a request method or a response status code if it recognizes it and implements all
    776          specified caching-related behavior.
    777       </p>
    778       <p id="rfc.section.3.p.4">Note that, in normal operation, some caches will not store a response that has neither a cache validator nor an explicit expiration
    779          time, as such responses are not usually useful to store. However, caches are not prohibited from storing such responses.
    780       </p>
    781       <h2 id="rfc.section.3.1"><a href="#rfc.section.3.1">3.1</a>&nbsp;<a id="incomplete.responses" href="#incomplete.responses">Storing Incomplete Responses</a></h2>
    782       <p id="rfc.section.3.1.p.1">A response message is considered complete when all of the octets indicated by the message framing (<a href="#Part1" id="rfc.xref.Part1.3"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing">[Part1]</cite></a>) are received prior to the connection being closed. If the request method is GET, the response status code is <a href="p2-semantics.html#status.200" class="smpl">200 (OK)</a>, and the entire response header section has been received, a cache <em class="bcp14">MAY</em> store an incomplete response message body if the cache entry is recorded as incomplete. Likewise, a <a href="p5-range.html#status.206" class="smpl">206 (Partial Content)</a> response <em class="bcp14">MAY</em> be stored as if it were an incomplete <a href="p2-semantics.html#status.200" class="smpl">200
    783             (OK)</a> cache entry. However, a cache <em class="bcp14">MUST NOT</em> store incomplete or partial content responses if it does not support the <a href="p5-range.html#header.range" class="smpl">Range</a> and <a href="p5-range.html#header.content-range" class="smpl">Content-Range</a> header fields or if it does not understand the range units used in those fields.
    784       </p>
    785       <p id="rfc.section.3.1.p.2">A cache <em class="bcp14">MAY</em> complete a stored incomplete response by making a subsequent range request (<a href="#Part5" id="rfc.xref.Part5.1"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Range Requests">[Part5]</cite></a>) and combining the successful response with the stored entry, as defined in <a href="#combining.responses" title="Combining Partial Content">Section&nbsp;3.3</a>. A cache <em class="bcp14">MUST NOT</em> use an incomplete response to answer requests unless the response has been made complete or the request is partial and specifies
    786          a range that is wholly within the incomplete response. A cache <em class="bcp14">MUST NOT</em> send a partial response to a client without explicitly marking it as such using the <a href="p5-range.html#status.206" class="smpl">206 (Partial Content)</a> status code.
    787       </p>
    788       <h2 id="rfc.section.3.2"><a href="#rfc.section.3.2">3.2</a>&nbsp;<a id="caching.authenticated.responses" href="#caching.authenticated.responses">Storing Responses to Authenticated Requests</a></h2>
    789       <p id="rfc.section.3.2.p.1">A shared cache <em class="bcp14">MUST NOT</em> use a cached response to a request with an <a href="p7-auth.html#header.authorization" class="smpl">Authorization</a> header field (<a href="p7-auth.html#header.authorization" title="Authorization">Section 4.1</a> of <a href="#Part7" id="rfc.xref.Part7.2"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Authentication">[Part7]</cite></a>) to satisfy any subsequent request unless a cache directive that allows such responses to be stored is present in the response.
    790       </p>
    791       <p id="rfc.section.3.2.p.2">In this specification, the following <a href="#header.cache-control" class="smpl">Cache-Control</a> response directives (<a href="#cache-response-directive" title="Response Cache-Control Directives">Section&nbsp;5.2.2</a>) have such an effect: must-revalidate, public, s-maxage.
    792       </p>
    793       <p id="rfc.section.3.2.p.3">Note that cached responses that contain the "must-revalidate" and/or "s-maxage" response directives are not allowed to be
    794          served stale (<a href="#serving.stale.responses" title="Serving Stale Responses">Section&nbsp;4.2.4</a>) by shared caches. In particular, a response with either "max-age=0, must-revalidate" or "s-maxage=0" cannot be used to satisfy
    795          a subsequent request without revalidating it on the origin server.
    796       </p>
    797       <h2 id="rfc.section.3.3"><a href="#rfc.section.3.3">3.3</a>&nbsp;<a id="combining.responses" href="#combining.responses">Combining Partial Content</a></h2>
    798       <p id="rfc.section.3.3.p.1">A response might transfer only a partial representation if the connection closed prematurely or if the request used one or
    799          more Range specifiers (<a href="#Part5" id="rfc.xref.Part5.2"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Range Requests">[Part5]</cite></a>). After several such transfers, a cache might have received several ranges of the same representation. A cache <em class="bcp14">MAY</em> combine these ranges into a single stored response, and reuse that response to satisfy later requests, if they all share the
    800          same strong validator and the cache complies with the client requirements in <a href="p5-range.html#combining.byte.ranges" title="Combining Ranges">Section 4.3</a> of <a href="#Part5" id="rfc.xref.Part5.3"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Range Requests">[Part5]</cite></a>.
    801       </p>
    802       <p id="rfc.section.3.3.p.2">When combining the new response with one or more stored responses, a cache <em class="bcp14">MUST</em>:
    803       </p>
    804       <ul>
    805          <li>delete any <a href="#header.warning" class="smpl">Warning</a> header fields in the stored response with warn-code 1xx (see <a href="#header.warning" id="rfc.xref.header.warning.1" title="Warning">Section&nbsp;5.5</a>);
    806          </li>
    807          <li>retain any <a href="#header.warning" class="smpl">Warning</a> header fields in the stored response with warn-code 2xx; and,
    808          </li>
    809          <li>use other header fields provided in the new response, aside from <a href="p5-range.html#header.content-range" class="smpl">Content-Range</a>, to replace all instances of the corresponding header fields in the stored response.
    810          </li>
    811       </ul>
    812       <h1 id="rfc.section.4"><a href="#rfc.section.4">4.</a>&nbsp;<a id="constructing.responses.from.caches" href="#constructing.responses.from.caches">Constructing Responses from Caches</a></h1>
    813       <p id="rfc.section.4.p.1">When presented with a request, a cache <em class="bcp14">MUST NOT</em> reuse a stored response, unless:
    814       </p>
    815       <ul>
    816          <li>The presented effective request URI (<a href="p1-messaging.html#effective.request.uri" title="Effective Request URI">Section 5.5</a> of <a href="#Part1" id="rfc.xref.Part1.4"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing">[Part1]</cite></a>) and that of the stored response match, and
    817          </li>
    818          <li>the request method associated with the stored response allows it to be used for the presented request, and</li>
    819          <li>selecting header fields nominated by the stored response (if any) match those presented (see <a href="#caching.negotiated.responses" title="Calculating Secondary Keys with Vary">Section&nbsp;4.1</a>), and
    820          </li>
    821          <li>the presented request does not contain the no-cache pragma (<a href="#header.pragma" id="rfc.xref.header.pragma.1" title="Pragma">Section&nbsp;5.4</a>), nor the no-cache cache directive (<a href="#cache-request-directive" title="Request Cache-Control Directives">Section&nbsp;5.2.1</a>), unless the stored response is successfully validated (<a href="#validation.model" title="Validation">Section&nbsp;4.3</a>), and
    822          </li>
    823          <li>the stored response does not contain the no-cache cache directive (<a href="#cache-response-directive.no-cache" title="no-cache">Section&nbsp;5.2.2.2</a>), unless it is successfully validated (<a href="#validation.model" title="Validation">Section&nbsp;4.3</a>), and
    824          </li>
    825          <li>the stored response is either:
     824               <li>delete any <a href="#header.warning" class="smpl">Warning</a> header fields in the stored response with warn-code 1xx (see <a href="#header.warning" id="rfc.xref.header.warning.1" title="Warning">Section&nbsp;5.5</a>);
     825               </li>
     826               <li>retain any <a href="#header.warning" class="smpl">Warning</a> header fields in the stored response with warn-code 2xx; and,
     827               </li>
     828               <li>use other header fields provided in the new response, aside from <a href="p5-range.html#header.content-range" class="smpl">Content-Range</a>, to replace all instances of the corresponding header fields in the stored response.
     829               </li>
     830            </ul>
     831         </div>
     832      </div>
     833      <div id="constructing.responses.from.caches">
     834         <h1 id="rfc.section.4"><a href="#rfc.section.4">4.</a>&nbsp;<a href="#constructing.responses.from.caches">Constructing Responses from Caches</a></h1>
     835         <p id="rfc.section.4.p.1">When presented with a request, a cache <em class="bcp14">MUST NOT</em> reuse a stored response, unless:
     836         </p>
     837         <ul>
     838            <li>The presented effective request URI (<a href="p1-messaging.html#effective.request.uri" title="Effective Request URI">Section 5.5</a> of <a href="#Part1" id="rfc.xref.Part1.4"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing">[Part1]</cite></a>) and that of the stored response match, and
     839            </li>
     840            <li>the request method associated with the stored response allows it to be used for the presented request, and</li>
     841            <li>selecting header fields nominated by the stored response (if any) match those presented (see <a href="#caching.negotiated.responses" title="Calculating Secondary Keys with Vary">Section&nbsp;4.1</a>), and
     842            </li>
     843            <li>the presented request does not contain the no-cache pragma (<a href="#header.pragma" id="rfc.xref.header.pragma.1" title="Pragma">Section&nbsp;5.4</a>), nor the no-cache cache directive (<a href="#cache-request-directive" title="Request Cache-Control Directives">Section&nbsp;5.2.1</a>), unless the stored response is successfully validated (<a href="#validation.model" title="Validation">Section&nbsp;4.3</a>), and
     844            </li>
     845            <li>the stored response does not contain the no-cache cache directive (<a href="#cache-response-directive.no-cache" title="no-cache">Section&nbsp;5.2.2.2</a>), unless it is successfully validated (<a href="#validation.model" title="Validation">Section&nbsp;4.3</a>), and
     846            </li>
     847            <li>the stored response is either:
     848               <ul>
     849                  <li>fresh (see <a href="#expiration.model" title="Freshness">Section&nbsp;4.2</a>), or
     850                  </li>
     851                  <li>allowed to be served stale (see <a href="#serving.stale.responses" title="Serving Stale Responses">Section&nbsp;4.2.4</a>), or
     852                  </li>
     853                  <li>successfully validated (see <a href="#validation.model" title="Validation">Section&nbsp;4.3</a>).
     854                  </li>
     855               </ul>
     856            </li>
     857         </ul>
     858         <p id="rfc.section.4.p.2">Note that any of the requirements listed above can be overridden by a cache-control extension; see <a href="#cache.control.extensions" title="Cache Control Extensions">Section&nbsp;5.2.3</a>.
     859         </p>
     860         <p id="rfc.section.4.p.3">When a stored response is used to satisfy a request without validation, a cache <em class="bcp14">MUST</em> generate an <a href="#header.age" class="smpl">Age</a> header field (<a href="#header.age" id="rfc.xref.header.age.1" title="Age">Section&nbsp;5.1</a>), replacing any present in the response with a value equal to the stored response's current_age; see <a href="#age.calculations" title="Calculating Age">Section&nbsp;4.2.3</a>.
     861         </p>
     862         <p id="rfc.section.4.p.4">A cache <em class="bcp14">MUST</em> write through requests with methods that are unsafe (<a href="p2-semantics.html#safe.methods" title="Safe Methods">Section 4.2.1</a> of <a href="#Part2" id="rfc.xref.Part2.3"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Semantics and Content">[Part2]</cite></a>) to the origin server; i.e., a cache is not allowed to generate a reply to such a request before having forwarded the request
     863            and having received a corresponding response.
     864         </p>
     865         <p id="rfc.section.4.p.5">Also, note that unsafe requests might invalidate already stored responses; see <a href="#invalidation" title="Invalidation">Section&nbsp;4.4</a>.
     866         </p>
     867         <p id="rfc.section.4.p.6">When more than one suitable response is stored, a cache <em class="bcp14">MUST</em> use the most recent response (as determined by the <a href="p2-semantics.html#header.date" class="smpl">Date</a> header field). It can also forward the request with "Cache-Control: max-age=0" or "Cache-Control: no-cache" to disambiguate
     868            which response to use.
     869         </p>
     870         <p id="rfc.section.4.p.7">A cache that does not have a clock available <em class="bcp14">MUST NOT</em> use stored responses without revalidating them upon every use.
     871         </p>
     872         <div id="caching.negotiated.responses">
     873            <h2 id="rfc.section.4.1"><a href="#rfc.section.4.1">4.1</a>&nbsp;<a href="#caching.negotiated.responses">Calculating Secondary Keys with Vary</a></h2>
     874            <p id="rfc.section.4.1.p.1">When a cache receives a request that can be satisfied by a stored response that has a <a href="p2-semantics.html#header.vary" class="smpl">Vary</a> header field (<a href="p2-semantics.html#header.vary" title="Vary">Section 7.1.4</a> of <a href="#Part2" id="rfc.xref.Part2.4"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Semantics and Content">[Part2]</cite></a>), it <em class="bcp14">MUST NOT</em> use that response unless all of the selecting header fields nominated by the Vary header field match in both the original
     875               request (i.e., that associated with the stored response), and the presented request.
     876            </p>
     877            <p id="rfc.section.4.1.p.2">The selecting header fields from two requests are defined to match if and only if those in the first request can be transformed
     878               to those in the second request by applying any of the following:
     879            </p>
    826880            <ul>
    827                <li>fresh (see <a href="#expiration.model" title="Freshness">Section&nbsp;4.2</a>), or
    828                </li>
    829                <li>allowed to be served stale (see <a href="#serving.stale.responses" title="Serving Stale Responses">Section&nbsp;4.2.4</a>), or
    830                </li>
    831                <li>successfully validated (see <a href="#validation.model" title="Validation">Section&nbsp;4.3</a>).
    832                </li>
    833             </ul>
    834          </li>
    835       </ul>
    836       <p id="rfc.section.4.p.2">Note that any of the requirements listed above can be overridden by a cache-control extension; see <a href="#cache.control.extensions" title="Cache Control Extensions">Section&nbsp;5.2.3</a>.
    837       </p>
    838       <p id="rfc.section.4.p.3">When a stored response is used to satisfy a request without validation, a cache <em class="bcp14">MUST</em> generate an <a href="#header.age" class="smpl">Age</a> header field (<a href="#header.age" id="rfc.xref.header.age.1" title="Age">Section&nbsp;5.1</a>), replacing any present in the response with a value equal to the stored response's current_age; see <a href="#age.calculations" title="Calculating Age">Section&nbsp;4.2.3</a>.
    839       </p>
    840       <p id="rfc.section.4.p.4">A cache <em class="bcp14">MUST</em> write through requests with methods that are unsafe (<a href="p2-semantics.html#safe.methods" title="Safe Methods">Section 4.2.1</a> of <a href="#Part2" id="rfc.xref.Part2.3"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Semantics and Content">[Part2]</cite></a>) to the origin server; i.e., a cache is not allowed to generate a reply to such a request before having forwarded the request
    841          and having received a corresponding response.
    842       </p>
    843       <p id="rfc.section.4.p.5">Also, note that unsafe requests might invalidate already stored responses; see <a href="#invalidation" title="Invalidation">Section&nbsp;4.4</a>.
    844       </p>
    845       <p id="rfc.section.4.p.6">When more than one suitable response is stored, a cache <em class="bcp14">MUST</em> use the most recent response (as determined by the <a href="p2-semantics.html#header.date" class="smpl">Date</a> header field). It can also forward the request with "Cache-Control: max-age=0" or "Cache-Control: no-cache" to disambiguate
    846          which response to use.
    847       </p>
    848       <p id="rfc.section.4.p.7">A cache that does not have a clock available <em class="bcp14">MUST NOT</em> use stored responses without revalidating them upon every use.
    849       </p>
    850       <h2 id="rfc.section.4.1"><a href="#rfc.section.4.1">4.1</a>&nbsp;<a id="caching.negotiated.responses" href="#caching.negotiated.responses">Calculating Secondary Keys with Vary</a></h2>
    851       <p id="rfc.section.4.1.p.1">When a cache receives a request that can be satisfied by a stored response that has a <a href="p2-semantics.html#header.vary" class="smpl">Vary</a> header field (<a href="p2-semantics.html#header.vary" title="Vary">Section 7.1.4</a> of <a href="#Part2" id="rfc.xref.Part2.4"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Semantics and Content">[Part2]</cite></a>), it <em class="bcp14">MUST NOT</em> use that response unless all of the selecting header fields nominated by the Vary header field match in both the original
    852          request (i.e., that associated with the stored response), and the presented request.
    853       </p>
    854       <p id="rfc.section.4.1.p.2">The selecting header fields from two requests are defined to match if and only if those in the first request can be transformed
    855          to those in the second request by applying any of the following:
    856       </p>
    857       <ul>
    858          <li>adding or removing whitespace, where allowed in the header field's syntax</li>
    859          <li>combining multiple header fields with the same field name (see <a href="p1-messaging.html#header.fields" title="Header Fields">Section 3.2</a> of <a href="#Part1" id="rfc.xref.Part1.5"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing">[Part1]</cite></a>)
    860          </li>
    861          <li>normalizing both header field values in a way that is known to have identical semantics, according to the header field's specification
    862             (e.g., re-ordering field values when order is not significant; case-normalization, where values are defined to be case-insensitive)
    863          </li>
    864       </ul>
    865       <p id="rfc.section.4.1.p.3">If (after any normalization that might take place) a header field is absent from a request, it can only match another request
    866          if it is also absent there.
    867       </p>
    868       <p id="rfc.section.4.1.p.4">A <a href="p2-semantics.html#header.vary" class="smpl">Vary</a> header field-value of "*" always fails to match.
    869       </p>
    870       <p id="rfc.section.4.1.p.5">The stored response with matching selecting header fields is known as the selected response.</p>
    871       <p id="rfc.section.4.1.p.6">If multiple selected responses are available (potentially including responses without a Vary header field), the cache will
    872          need to choose one to use. When a selecting header field has a known mechanism for doing so (e.g., qvalues on <a href="p2-semantics.html#header.accept" class="smpl">Accept</a> and similar request header fields), that mechanism <em class="bcp14">MAY</em> be used to select preferred responses; of the remainder, the most recent response (as determined by the <a href="p2-semantics.html#header.date" class="smpl">Date</a> header field) is used, as per <a href="#constructing.responses.from.caches" title="Constructing Responses from Caches">Section&nbsp;4</a>.
    873       </p>
    874       <p id="rfc.section.4.1.p.7">If no selected response is available, the cache cannot satisfy the presented request. Typically, it is forwarded to the origin
    875          server in a (possibly conditional; see <a href="#validation.model" title="Validation">Section&nbsp;4.3</a>) request.
    876       </p>
    877       <div id="rfc.iref.f.1"></div>
    878       <div id="rfc.iref.s.2"></div>
    879       <h2 id="rfc.section.4.2"><a href="#rfc.section.4.2">4.2</a>&nbsp;<a id="expiration.model" href="#expiration.model">Freshness</a></h2>
    880       <p id="rfc.section.4.2.p.1">A <dfn>fresh</dfn> response is one whose age has not yet exceeded its freshness lifetime. Conversely, a <dfn>stale</dfn> response is one where it has.
    881       </p>
    882       <div id="rfc.iref.f.2"></div>
    883       <div id="rfc.iref.e.1"></div>
    884       <div id="rfc.iref.h.1"></div>
    885       <p id="rfc.section.4.2.p.2">A response's <dfn>freshness lifetime</dfn> is the length of time between its generation by the origin server and its expiration time. An <dfn>explicit expiration time</dfn> is the time at which the origin server intends that a stored response can no longer be used by a cache without further validation,
    886          whereas a <dfn>heuristic expiration time</dfn> is assigned by a cache when no explicit expiration time is available.
    887       </p>
    888       <div id="rfc.iref.a.1"></div>
    889       <p id="rfc.section.4.2.p.3">A response's <dfn>age</dfn> is the time that has passed since it was generated by, or successfully validated with, the origin server.
    890       </p>
    891       <p id="rfc.section.4.2.p.4">When a response is "fresh" in the cache, it can be used to satisfy subsequent requests without contacting the origin server,
    892          thereby improving efficiency.
    893       </p>
    894       <p id="rfc.section.4.2.p.5">The primary mechanism for determining freshness is for an origin server to provide an explicit expiration time in the future,
    895          using either the <a href="#header.expires" class="smpl">Expires</a> header field (<a href="#header.expires" id="rfc.xref.header.expires.2" title="Expires">Section&nbsp;5.3</a>) or the max-age response cache directive (<a href="#cache-response-directive.max-age" title="max-age">Section&nbsp;5.2.2.8</a>). Generally, origin servers will assign future explicit expiration times to responses in the belief that the representation
    896          is not likely to change in a semantically significant way before the expiration time is reached.
    897       </p>
    898       <p id="rfc.section.4.2.p.6">If an origin server wishes to force a cache to validate every request, it can assign an explicit expiration time in the past
    899          to indicate that the response is already stale. Compliant caches will normally validate a stale cached response before reusing
    900          it for subsequent requests (see <a href="#serving.stale.responses" title="Serving Stale Responses">Section&nbsp;4.2.4</a>).
    901       </p>
    902       <p id="rfc.section.4.2.p.7">Since origin servers do not always provide explicit expiration times, caches are also allowed to use a heuristic to determine
    903          an expiration time under certain circumstances (see <a href="#heuristic.freshness" title="Calculating Heuristic Freshness">Section&nbsp;4.2.2</a>).
    904       </p>
    905       <div id="rfc.figure.u.2"></div>
    906       <p>The calculation to determine if a response is fresh is:</p><pre class="text">   response_is_fresh = (freshness_lifetime &gt; current_age)
     881               <li>adding or removing whitespace, where allowed in the header field's syntax</li>
     882               <li>combining multiple header fields with the same field name (see <a href="p1-messaging.html#header.fields" title="Header Fields">Section 3.2</a> of <a href="#Part1" id="rfc.xref.Part1.5"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing">[Part1]</cite></a>)
     883               </li>
     884               <li>normalizing both header field values in a way that is known to have identical semantics, according to the header field's specification
     885                  (e.g., re-ordering field values when order is not significant; case-normalization, where values are defined to be case-insensitive)
     886               </li>
     887            </ul>
     888            <p id="rfc.section.4.1.p.3">If (after any normalization that might take place) a header field is absent from a request, it can only match another request
     889               if it is also absent there.
     890            </p>
     891            <p id="rfc.section.4.1.p.4">A <a href="p2-semantics.html#header.vary" class="smpl">Vary</a> header field-value of "*" always fails to match.
     892            </p>
     893            <p id="rfc.section.4.1.p.5">The stored response with matching selecting header fields is known as the selected response.</p>
     894            <p id="rfc.section.4.1.p.6">If multiple selected responses are available (potentially including responses without a Vary header field), the cache will
     895               need to choose one to use. When a selecting header field has a known mechanism for doing so (e.g., qvalues on <a href="p2-semantics.html#header.accept" class="smpl">Accept</a> and similar request header fields), that mechanism <em class="bcp14">MAY</em> be used to select preferred responses; of the remainder, the most recent response (as determined by the <a href="p2-semantics.html#header.date" class="smpl">Date</a> header field) is used, as per <a href="#constructing.responses.from.caches" title="Constructing Responses from Caches">Section&nbsp;4</a>.
     896            </p>
     897            <p id="rfc.section.4.1.p.7">If no selected response is available, the cache cannot satisfy the presented request. Typically, it is forwarded to the origin
     898               server in a (possibly conditional; see <a href="#validation.model" title="Validation">Section&nbsp;4.3</a>) request.
     899            </p>
     900         </div>
     901         <div id="expiration.model">
     902            <div id="rfc.iref.f.1"></div>
     903            <div id="rfc.iref.s.2"></div>
     904            <h2 id="rfc.section.4.2"><a href="#rfc.section.4.2">4.2</a>&nbsp;<a href="#expiration.model">Freshness</a></h2>
     905            <p id="rfc.section.4.2.p.1">A <dfn>fresh</dfn> response is one whose age has not yet exceeded its freshness lifetime. Conversely, a <dfn>stale</dfn> response is one where it has.
     906            </p>
     907            <div id="rfc.iref.f.2"></div>
     908            <div id="rfc.iref.e.1"></div>
     909            <div id="rfc.iref.h.1"></div>
     910            <p id="rfc.section.4.2.p.2">A response's <dfn>freshness lifetime</dfn> is the length of time between its generation by the origin server and its expiration time. An <dfn>explicit expiration time</dfn> is the time at which the origin server intends that a stored response can no longer be used by a cache without further validation,
     911               whereas a <dfn>heuristic expiration time</dfn> is assigned by a cache when no explicit expiration time is available.
     912            </p>
     913            <div id="rfc.iref.a.1"></div>
     914            <p id="rfc.section.4.2.p.3">A response's <dfn>age</dfn> is the time that has passed since it was generated by, or successfully validated with, the origin server.
     915            </p>
     916            <p id="rfc.section.4.2.p.4">When a response is "fresh" in the cache, it can be used to satisfy subsequent requests without contacting the origin server,
     917               thereby improving efficiency.
     918            </p>
     919            <p id="rfc.section.4.2.p.5">The primary mechanism for determining freshness is for an origin server to provide an explicit expiration time in the future,
     920               using either the <a href="#header.expires" class="smpl">Expires</a> header field (<a href="#header.expires" id="rfc.xref.header.expires.2" title="Expires">Section&nbsp;5.3</a>) or the max-age response cache directive (<a href="#cache-response-directive.max-age" title="max-age">Section&nbsp;5.2.2.8</a>). Generally, origin servers will assign future explicit expiration times to responses in the belief that the representation
     921               is not likely to change in a semantically significant way before the expiration time is reached.
     922            </p>
     923            <p id="rfc.section.4.2.p.6">If an origin server wishes to force a cache to validate every request, it can assign an explicit expiration time in the past
     924               to indicate that the response is already stale. Compliant caches will normally validate a stale cached response before reusing
     925               it for subsequent requests (see <a href="#serving.stale.responses" title="Serving Stale Responses">Section&nbsp;4.2.4</a>).
     926            </p>
     927            <p id="rfc.section.4.2.p.7">Since origin servers do not always provide explicit expiration times, caches are also allowed to use a heuristic to determine
     928               an expiration time under certain circumstances (see <a href="#heuristic.freshness" title="Calculating Heuristic Freshness">Section&nbsp;4.2.2</a>).
     929            </p>
     930            <div id="rfc.figure.u.2"></div>
     931            <p>The calculation to determine if a response is fresh is:</p><pre class="text">   response_is_fresh = (freshness_lifetime &gt; current_age)
    907932</pre><p id="rfc.section.4.2.p.9">freshness_lifetime is defined in <a href="#calculating.freshness.lifetime" title="Calculating Freshness Lifetime">Section&nbsp;4.2.1</a>; current_age is defined in <a href="#age.calculations" title="Calculating Age">Section&nbsp;4.2.3</a>.
    908       </p>
    909       <p id="rfc.section.4.2.p.10">Clients can send the max-age or min-fresh cache directives in a request to constrain or relax freshness calculations for the
    910          corresponding response (<a href="#cache-request-directive" title="Request Cache-Control Directives">Section&nbsp;5.2.1</a>).
    911       </p>
    912       <p id="rfc.section.4.2.p.11">When calculating freshness, to avoid common problems in date parsing:</p>
    913       <p id="rfc.section.4.2.p.12"></p>
    914       <ul>
    915          <li>Although all date formats are specified to be case-sensitive, a cache recipient <em class="bcp14">SHOULD</em> match day, week, and timezone names case-insensitively.
    916          </li>
    917          <li>If a cache recipient's internal implementation of time has less resolution than the value of an HTTP-date, the recipient <em class="bcp14">MUST</em> internally represent a parsed <a href="#header.expires" class="smpl">Expires</a> date as the nearest time equal to or earlier than the received value.
    918          </li>
    919          <li>A cache recipient <em class="bcp14">MUST NOT</em> allow local time zones to influence the calculation or comparison of an age or expiration time.
    920          </li>
    921          <li>A cache recipient <em class="bcp14">SHOULD</em> consider a date with a zone abbreviation other than GMT or UTC to be invalid for calculating expiration.
    922          </li>
    923       </ul>
    924       <p id="rfc.section.4.2.p.13">Note that freshness applies only to cache operation; it cannot be used to force a user agent to refresh its display or reload
    925          a resource. See <a href="#history.lists" title="History Lists">Section&nbsp;6</a> for an explanation of the difference between caches and history mechanisms.
    926       </p>
    927       <h3 id="rfc.section.4.2.1"><a href="#rfc.section.4.2.1">4.2.1</a>&nbsp;<a id="calculating.freshness.lifetime" href="#calculating.freshness.lifetime">Calculating Freshness Lifetime</a></h3>
    928       <p id="rfc.section.4.2.1.p.1">A cache can calculate the freshness lifetime (denoted as freshness_lifetime) of a response by using the first match of: </p>
    929       <ul>
    930          <li>If the cache is shared and the s-maxage response cache directive (<a href="#cache-response-directive.s-maxage" title="s-maxage">Section&nbsp;5.2.2.9</a>) is present, use its value, or
    931          </li>
    932          <li>If the max-age response cache directive (<a href="#cache-response-directive.max-age" title="max-age">Section&nbsp;5.2.2.8</a>) is present, use its value, or
    933          </li>
    934          <li>If the <a href="#header.expires" class="smpl">Expires</a> response header field (<a href="#header.expires" id="rfc.xref.header.expires.3" title="Expires">Section&nbsp;5.3</a>) is present, use its value minus the value of the <a href="p2-semantics.html#header.date" class="smpl">Date</a> response header field, or
    935          </li>
    936          <li>Otherwise, no explicit expiration time is present in the response. A heuristic freshness lifetime might be applicable; see <a href="#heuristic.freshness" title="Calculating Heuristic Freshness">Section&nbsp;4.2.2</a>.
    937          </li>
    938       </ul>
    939       <p id="rfc.section.4.2.1.p.2">Note that this calculation is not vulnerable to clock skew, since all of the information comes from the origin server.</p>
    940       <p id="rfc.section.4.2.1.p.3">When there is more than one value present for a given directive (e.g., two <a href="#header.expires" class="smpl">Expires</a> header fields, multiple Cache-Control: max-age directives), the directive's value is considered invalid. Caches are encouraged
    941          to consider responses that have invalid freshness information to be stale.
    942       </p>
    943       <h3 id="rfc.section.4.2.2"><a href="#rfc.section.4.2.2">4.2.2</a>&nbsp;<a id="heuristic.freshness" href="#heuristic.freshness">Calculating Heuristic Freshness</a></h3>
    944       <p id="rfc.section.4.2.2.p.1">Since origin servers do not always provide explicit expiration times, a cache <em class="bcp14">MAY</em> assign a heuristic expiration time when an explicit time is not specified, employing algorithms that use other header field
    945          values (such as the <a href="p4-conditional.html#header.last-modified" class="smpl">Last-Modified</a> time) to estimate a plausible expiration time. This specification does not provide specific algorithms, but does impose worst-case
    946          constraints on their results.
    947       </p>
    948       <p id="rfc.section.4.2.2.p.2">A cache <em class="bcp14">MUST NOT</em> use heuristics to determine freshness when an explicit expiration time is present in the stored response. Because of the requirements
    949          in <a href="#response.cacheability" title="Storing Responses in Caches">Section&nbsp;3</a>, this means that, effectively, heuristics can only be used on responses without explicit freshness whose status codes are
    950          defined as cacheable, and responses without explicit freshness that have been marked as explicitly cacheable (e.g., with a
    951          "public" response cache directive).
    952       </p>
    953       <p id="rfc.section.4.2.2.p.3">If the response has a <a href="p4-conditional.html#header.last-modified" class="smpl">Last-Modified</a> header field (<a href="p4-conditional.html#header.last-modified" title="Last-Modified">Section 2.2</a> of <a href="#Part4" id="rfc.xref.Part4.1"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Conditional Requests">[Part4]</cite></a>), caches are encouraged to use a heuristic expiration value that is no more than some fraction of the interval since that
    954          time. A typical setting of this fraction might be 10%.
    955       </p>
    956       <p id="rfc.section.4.2.2.p.4">When a heuristic is used to calculate freshness lifetime, a cache <em class="bcp14">SHOULD</em> generate a <a href="#header.warning" class="smpl">Warning</a> header field with a 113 warn-code (see <a href="#warn.113" id="rfc.xref.warn.113.1" title="Warning: 113 - &#34;Heuristic Expiration&#34;">Section&nbsp;5.5.4</a>) in the response if its current_age is more than 24 hours and such a warning is not already present.
    957       </p>
    958       <div class="note" id="rfc.section.4.2.2.p.5">
    959          <p><b>Note:</b> <a href="http://tools.ietf.org/html/rfc2616#section-13.9">Section 13.9</a> of <a href="#RFC2616" id="rfc.xref.RFC2616.1"><cite title="Hypertext Transfer Protocol -- HTTP/1.1">[RFC2616]</cite></a> prohibited caches from calculating heuristic freshness for URIs with query components (i.e., those containing '?'). In practice,
    960             this has not been widely implemented. Therefore, origin servers are encouraged to send explicit directives (e.g., Cache-Control:
    961             no-cache) if they wish to preclude caching.
    962          </p>
    963       </div>
    964       <h3 id="rfc.section.4.2.3"><a href="#rfc.section.4.2.3">4.2.3</a>&nbsp;<a id="age.calculations" href="#age.calculations">Calculating Age</a></h3>
    965       <p id="rfc.section.4.2.3.p.1">The <a href="#header.age" class="smpl">Age</a> header field is used to convey an estimated age of the response message when obtained from a cache. The Age field value is
    966          the cache's estimate of the number of seconds since the response was generated or validated by the origin server. In essence,
    967          the Age value is the sum of the time that the response has been resident in each of the caches along the path from the origin
    968          server, plus the amount of time it has been in transit along network paths.
    969       </p>
    970       <p id="rfc.section.4.2.3.p.2">The following data is used for the age calculation:</p>
    971       <p id="rfc.section.4.2.3.p.3"><dfn>age_value</dfn>
    972       </p>
    973       <ul class="empty">
    974          <li>The term "age_value" denotes the value of the <a href="#header.age" class="smpl">Age</a> header field (<a href="#header.age" id="rfc.xref.header.age.2" title="Age">Section&nbsp;5.1</a>), in a form appropriate for arithmetic operation; or 0, if not available.
    975          </li>
    976       </ul>
    977       <p id="rfc.section.4.2.3.p.4"><dfn>date_value</dfn>
    978       </p>
    979       <ul class="empty">
    980          <li>The term "date_value" denotes the value of the Date header field, in a form appropriate for arithmetic operations. See <a href="p2-semantics.html#header.date" title="Date">Section 7.1.1.2</a> of <a href="#Part2" id="rfc.xref.Part2.5"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Semantics and Content">[Part2]</cite></a> for the definition of the Date header field, and for requirements regarding responses without it.
    981          </li>
    982       </ul>
    983       <p id="rfc.section.4.2.3.p.5"><dfn>now</dfn>
    984       </p>
    985       <ul class="empty">
    986          <li>The term "now" means "the current value of the clock at the host performing the calculation". A host ought to use NTP (<a href="#RFC1305" id="rfc.xref.RFC1305.1"><cite title="Network Time Protocol (Version 3) Specification, Implementation">[RFC1305]</cite></a>) or some similar protocol to synchronize its clocks to Coordinated Universal Time.
    987          </li>
    988       </ul>
    989       <p id="rfc.section.4.2.3.p.6"><dfn>request_time</dfn>
    990       </p>
    991       <ul class="empty">
    992          <li>The current value of the clock at the host at the time the request resulting in the stored response was made.</li>
    993       </ul>
    994       <p id="rfc.section.4.2.3.p.7"><dfn>response_time</dfn>
    995       </p>
    996       <ul class="empty">
    997          <li>The current value of the clock at the host at the time the response was received.</li>
    998       </ul>
    999       <p id="rfc.section.4.2.3.p.8">A response's age can be calculated in two entirely independent ways: </p>
    1000       <ol>
    1001          <li>the "apparent_age": response_time minus date_value, if the local clock is reasonably well synchronized to the origin server's
    1002             clock. If the result is negative, the result is replaced by zero.
    1003          </li>
    1004          <li>the "corrected_age_value", if all of the caches along the response path implement HTTP/1.1. A cache <em class="bcp14">MUST</em> interpret this value relative to the time the request was initiated, not the time that the response was received.
    1005          </li>
    1006       </ol>
    1007       <div id="rfc.figure.u.3"></div><pre class="text">  apparent_age = max(0, response_time - date_value);
     933            </p>
     934            <p id="rfc.section.4.2.p.10">Clients can send the max-age or min-fresh cache directives in a request to constrain or relax freshness calculations for the
     935               corresponding response (<a href="#cache-request-directive" title="Request Cache-Control Directives">Section&nbsp;5.2.1</a>).
     936            </p>
     937            <p id="rfc.section.4.2.p.11">When calculating freshness, to avoid common problems in date parsing:</p>
     938            <p id="rfc.section.4.2.p.12"></p>
     939            <ul>
     940               <li>Although all date formats are specified to be case-sensitive, a cache recipient <em class="bcp14">SHOULD</em> match day, week, and timezone names case-insensitively.
     941               </li>
     942               <li>If a cache recipient's internal implementation of time has less resolution than the value of an HTTP-date, the recipient <em class="bcp14">MUST</em> internally represent a parsed <a href="#header.expires" class="smpl">Expires</a> date as the nearest time equal to or earlier than the received value.
     943               </li>
     944               <li>A cache recipient <em class="bcp14">MUST NOT</em> allow local time zones to influence the calculation or comparison of an age or expiration time.
     945               </li>
     946               <li>A cache recipient <em class="bcp14">SHOULD</em> consider a date with a zone abbreviation other than GMT or UTC to be invalid for calculating expiration.
     947               </li>
     948            </ul>
     949            <p id="rfc.section.4.2.p.13">Note that freshness applies only to cache operation; it cannot be used to force a user agent to refresh its display or reload
     950               a resource. See <a href="#history.lists" title="History Lists">Section&nbsp;6</a> for an explanation of the difference between caches and history mechanisms.
     951            </p>
     952            <div id="calculating.freshness.lifetime">
     953               <h3 id="rfc.section.4.2.1"><a href="#rfc.section.4.2.1">4.2.1</a>&nbsp;<a href="#calculating.freshness.lifetime">Calculating Freshness Lifetime</a></h3>
     954               <p id="rfc.section.4.2.1.p.1">A cache can calculate the freshness lifetime (denoted as freshness_lifetime) of a response by using the first match of: </p>
     955               <ul>
     956                  <li>If the cache is shared and the s-maxage response cache directive (<a href="#cache-response-directive.s-maxage" title="s-maxage">Section&nbsp;5.2.2.9</a>) is present, use its value, or
     957                  </li>
     958                  <li>If the max-age response cache directive (<a href="#cache-response-directive.max-age" title="max-age">Section&nbsp;5.2.2.8</a>) is present, use its value, or
     959                  </li>
     960                  <li>If the <a href="#header.expires" class="smpl">Expires</a> response header field (<a href="#header.expires" id="rfc.xref.header.expires.3" title="Expires">Section&nbsp;5.3</a>) is present, use its value minus the value of the <a href="p2-semantics.html#header.date" class="smpl">Date</a> response header field, or
     961                  </li>
     962                  <li>Otherwise, no explicit expiration time is present in the response. A heuristic freshness lifetime might be applicable; see <a href="#heuristic.freshness" title="Calculating Heuristic Freshness">Section&nbsp;4.2.2</a>.
     963                  </li>
     964               </ul>
     965               <p id="rfc.section.4.2.1.p.2">Note that this calculation is not vulnerable to clock skew, since all of the information comes from the origin server.</p>
     966               <p id="rfc.section.4.2.1.p.3">When there is more than one value present for a given directive (e.g., two <a href="#header.expires" class="smpl">Expires</a> header fields, multiple Cache-Control: max-age directives), the directive's value is considered invalid. Caches are encouraged
     967                  to consider responses that have invalid freshness information to be stale.
     968               </p>
     969            </div>
     970            <div id="heuristic.freshness">
     971               <h3 id="rfc.section.4.2.2"><a href="#rfc.section.4.2.2">4.2.2</a>&nbsp;<a href="#heuristic.freshness">Calculating Heuristic Freshness</a></h3>
     972               <p id="rfc.section.4.2.2.p.1">Since origin servers do not always provide explicit expiration times, a cache <em class="bcp14">MAY</em> assign a heuristic expiration time when an explicit time is not specified, employing algorithms that use other header field
     973                  values (such as the <a href="p4-conditional.html#header.last-modified" class="smpl">Last-Modified</a> time) to estimate a plausible expiration time. This specification does not provide specific algorithms, but does impose worst-case
     974                  constraints on their results.
     975               </p>
     976               <p id="rfc.section.4.2.2.p.2">A cache <em class="bcp14">MUST NOT</em> use heuristics to determine freshness when an explicit expiration time is present in the stored response. Because of the requirements
     977                  in <a href="#response.cacheability" title="Storing Responses in Caches">Section&nbsp;3</a>, this means that, effectively, heuristics can only be used on responses without explicit freshness whose status codes are
     978                  defined as cacheable, and responses without explicit freshness that have been marked as explicitly cacheable (e.g., with a
     979                  "public" response cache directive).
     980               </p>
     981               <p id="rfc.section.4.2.2.p.3">If the response has a <a href="p4-conditional.html#header.last-modified" class="smpl">Last-Modified</a> header field (<a href="p4-conditional.html#header.last-modified" title="Last-Modified">Section 2.2</a> of <a href="#Part4" id="rfc.xref.Part4.1"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Conditional Requests">[Part4]</cite></a>), caches are encouraged to use a heuristic expiration value that is no more than some fraction of the interval since that
     982                  time. A typical setting of this fraction might be 10%.
     983               </p>
     984               <p id="rfc.section.4.2.2.p.4">When a heuristic is used to calculate freshness lifetime, a cache <em class="bcp14">SHOULD</em> generate a <a href="#header.warning" class="smpl">Warning</a> header field with a 113 warn-code (see <a href="#warn.113" id="rfc.xref.warn.113.1" title="Warning: 113 - &#34;Heuristic Expiration&#34;">Section&nbsp;5.5.4</a>) in the response if its current_age is more than 24 hours and such a warning is not already present.
     985               </p>
     986               <div class="note" id="rfc.section.4.2.2.p.5">
     987                  <p><b>Note:</b> <a href="http://tools.ietf.org/html/rfc2616#section-13.9">Section 13.9</a> of <a href="#RFC2616" id="rfc.xref.RFC2616.1"><cite title="Hypertext Transfer Protocol -- HTTP/1.1">[RFC2616]</cite></a> prohibited caches from calculating heuristic freshness for URIs with query components (i.e., those containing '?'). In practice,
     988                     this has not been widely implemented. Therefore, origin servers are encouraged to send explicit directives (e.g., Cache-Control:
     989                     no-cache) if they wish to preclude caching.
     990                  </p>
     991               </div>
     992            </div>
     993            <div id="age.calculations">
     994               <h3 id="rfc.section.4.2.3"><a href="#rfc.section.4.2.3">4.2.3</a>&nbsp;<a href="#age.calculations">Calculating Age</a></h3>
     995               <p id="rfc.section.4.2.3.p.1">The <a href="#header.age" class="smpl">Age</a> header field is used to convey an estimated age of the response message when obtained from a cache. The Age field value is
     996                  the cache's estimate of the number of seconds since the response was generated or validated by the origin server. In essence,
     997                  the Age value is the sum of the time that the response has been resident in each of the caches along the path from the origin
     998                  server, plus the amount of time it has been in transit along network paths.
     999               </p>
     1000               <p id="rfc.section.4.2.3.p.2">The following data is used for the age calculation:</p>
     1001               <p id="rfc.section.4.2.3.p.3"><dfn>age_value</dfn>
     1002               </p>
     1003               <ul class="empty">
     1004                  <li>The term "age_value" denotes the value of the <a href="#header.age" class="smpl">Age</a> header field (<a href="#header.age" id="rfc.xref.header.age.2" title="Age">Section&nbsp;5.1</a>), in a form appropriate for arithmetic operation; or 0, if not available.
     1005                  </li>
     1006               </ul>
     1007               <p id="rfc.section.4.2.3.p.4"><dfn>date_value</dfn>
     1008               </p>
     1009               <ul class="empty">
     1010                  <li>The term "date_value" denotes the value of the Date header field, in a form appropriate for arithmetic operations. See <a href="p2-semantics.html#header.date" title="Date">Section 7.1.1.2</a> of <a href="#Part2" id="rfc.xref.Part2.5"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Semantics and Content">[Part2]</cite></a> for the definition of the Date header field, and for requirements regarding responses without it.
     1011                  </li>
     1012               </ul>
     1013               <p id="rfc.section.4.2.3.p.5"><dfn>now</dfn>
     1014               </p>
     1015               <ul class="empty">
     1016                  <li>The term "now" means "the current value of the clock at the host performing the calculation". A host ought to use NTP (<a href="#RFC1305" id="rfc.xref.RFC1305.1"><cite title="Network Time Protocol (Version 3) Specification, Implementation">[RFC1305]</cite></a>) or some similar protocol to synchronize its clocks to Coordinated Universal Time.
     1017                  </li>
     1018               </ul>
     1019               <p id="rfc.section.4.2.3.p.6"><dfn>request_time</dfn>
     1020               </p>
     1021               <ul class="empty">
     1022                  <li>The current value of the clock at the host at the time the request resulting in the stored response was made.</li>
     1023               </ul>
     1024               <p id="rfc.section.4.2.3.p.7"><dfn>response_time</dfn>
     1025               </p>
     1026               <ul class="empty">
     1027                  <li>The current value of the clock at the host at the time the response was received.</li>
     1028               </ul>
     1029               <p id="rfc.section.4.2.3.p.8">A response's age can be calculated in two entirely independent ways: </p>
     1030               <ol>
     1031                  <li>the "apparent_age": response_time minus date_value, if the local clock is reasonably well synchronized to the origin server's
     1032                     clock. If the result is negative, the result is replaced by zero.
     1033                  </li>
     1034                  <li>the "corrected_age_value", if all of the caches along the response path implement HTTP/1.1. A cache <em class="bcp14">MUST</em> interpret this value relative to the time the request was initiated, not the time that the response was received.
     1035                  </li>
     1036               </ol>
     1037               <div id="rfc.figure.u.3"></div><pre class="text">  apparent_age = max(0, response_time - date_value);
    10081038
    10091039  response_delay = response_time - request_time;
    10101040  corrected_age_value = age_value + response_delay; 
    10111041</pre><div id="rfc.figure.u.4"></div>
    1012       <p>These are combined as</p><pre class="text">  corrected_initial_age = max(apparent_age, corrected_age_value);
     1042               <p>These are combined as</p><pre class="text">  corrected_initial_age = max(apparent_age, corrected_age_value);
    10131043</pre><p id="rfc.section.4.2.3.p.11">unless the cache is confident in the value of the <a href="#header.age" class="smpl">Age</a> header field (e.g., because there are no HTTP/1.0 hops in the <a href="p1-messaging.html#header.via" class="smpl">Via</a> header field), in which case the corrected_age_value <em class="bcp14">MAY</em> be used as the corrected_initial_age.
    1014       </p>
    1015       <p id="rfc.section.4.2.3.p.12">The current_age of a stored response can then be calculated by adding the amount of time (in seconds) since the stored response
    1016          was last validated by the origin server to the corrected_initial_age.
    1017       </p>
    1018       <div id="rfc.figure.u.5"></div><pre class="text">  resident_time = now - response_time;
     1044               </p>
     1045               <p id="rfc.section.4.2.3.p.12">The current_age of a stored response can then be calculated by adding the amount of time (in seconds) since the stored response
     1046                  was last validated by the origin server to the corrected_initial_age.
     1047               </p>
     1048               <div id="rfc.figure.u.5"></div><pre class="text">  resident_time = now - response_time;
    10191049  current_age = corrected_initial_age + resident_time;
    1020 </pre><h3 id="rfc.section.4.2.4"><a href="#rfc.section.4.2.4">4.2.4</a>&nbsp;<a id="serving.stale.responses" href="#serving.stale.responses">Serving Stale Responses</a></h3>
    1021       <p id="rfc.section.4.2.4.p.1">A "stale" response is one that either has explicit expiry information or is allowed to have heuristic expiry calculated, but
    1022          is not fresh according to the calculations in <a href="#expiration.model" title="Freshness">Section&nbsp;4.2</a>.
    1023       </p>
    1024       <p id="rfc.section.4.2.4.p.2">A cache <em class="bcp14">MUST NOT</em> generate a stale response if it is prohibited by an explicit in-protocol directive (e.g., by a "no-store" or "no-cache" cache
    1025          directive, a "must-revalidate" cache-response-directive, or an applicable "s-maxage" or "proxy-revalidate" cache-response-directive;
    1026          see <a href="#cache-response-directive" title="Response Cache-Control Directives">Section&nbsp;5.2.2</a>).
    1027       </p>
    1028       <p id="rfc.section.4.2.4.p.3">A cache <em class="bcp14">MUST NOT</em> send stale responses unless it is disconnected (i.e., it cannot contact the origin server or otherwise find a forward path)
    1029          or doing so is explicitly allowed (e.g., by the max-stale request directive; see <a href="#cache-request-directive" title="Request Cache-Control Directives">Section&nbsp;5.2.1</a>).
    1030       </p>
    1031       <p id="rfc.section.4.2.4.p.4">A cache <em class="bcp14">SHOULD</em> generate a <a href="#header.warning" class="smpl">Warning</a> header field with the 110 warn-code (see <a href="#warn.110" id="rfc.xref.warn.110.1" title="Warning: 110 - &#34;Response is Stale&#34;">Section&nbsp;5.5.1</a>) in stale responses. Likewise, a cache <em class="bcp14">SHOULD</em> generate a 112 warn-code (see <a href="#warn.112" id="rfc.xref.warn.112.1" title="Warning: 112 - &#34;Disconnected Operation&#34;">Section&nbsp;5.5.3</a>) in stale responses if the cache is disconnected.
    1032       </p>
    1033       <p id="rfc.section.4.2.4.p.5">A cache <em class="bcp14">SHOULD NOT</em> generate a new <a href="#header.warning" class="smpl">Warning</a> header field when forwarding a response that does not have an <a href="#header.age" class="smpl">Age</a> header field, even if the response is already stale. A cache need not validate a response that merely became stale in transit.
    1034       </p>
    1035       <h2 id="rfc.section.4.3"><a href="#rfc.section.4.3">4.3</a>&nbsp;<a id="validation.model" href="#validation.model">Validation</a></h2>
    1036       <p id="rfc.section.4.3.p.1">When a cache has one or more stored responses for a requested URI, but cannot serve any of them (e.g., because they are not
    1037          fresh, or one cannot be selected; see <a href="#caching.negotiated.responses" title="Calculating Secondary Keys with Vary">Section&nbsp;4.1</a>), it can use the conditional request mechanism <a href="#Part4" id="rfc.xref.Part4.2"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Conditional Requests">[Part4]</cite></a> in the forwarded request to give the next inbound server an opportunity to select a valid stored response to use, updating
    1038          the stored metadata in the process, or to replace the stored response(s) with a new response. This process is known as "validating"
    1039          or "revalidating" the stored response.
    1040       </p>
    1041       <div id="rfc.iref.v.1"></div>
    1042       <h3 id="rfc.section.4.3.1"><a href="#rfc.section.4.3.1">4.3.1</a>&nbsp;<a id="validation.sent" href="#validation.sent">Sending a Validation Request</a></h3>
    1043       <p id="rfc.section.4.3.1.p.1">When sending a conditional request for cache validation, a cache sends one or more precondition header fields containing <dfn>validator</dfn> metadata from its stored response(s), which is then compared by recipients to determine whether a stored response is equivalent
    1044          to a current representation of the resource.
    1045       </p>
    1046       <p id="rfc.section.4.3.1.p.2">One such validator is the timestamp given in a <a href="p4-conditional.html#header.last-modified" class="smpl">Last-Modified</a> header field (<a href="p4-conditional.html#header.last-modified" title="Last-Modified">Section 2.2</a> of <a href="#Part4" id="rfc.xref.Part4.3"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Conditional Requests">[Part4]</cite></a>), which can be used in an <a href="p4-conditional.html#header.if-modified-since" class="smpl">If-Modified-Since</a> header field for response validation, or in an <a href="p4-conditional.html#header.if-unmodified-since" class="smpl">If-Unmodified-Since</a> or <a href="p5-range.html#header.if-range" class="smpl">If-Range</a> header field for representation selection (i.e., the client is referring specifically to a previously obtained representation
    1047          with that timestamp).
    1048       </p>
    1049       <p id="rfc.section.4.3.1.p.3">Another validator is the entity-tag given in an <a href="p4-conditional.html#header.etag" class="smpl">ETag</a> header field (<a href="p4-conditional.html#header.etag" title="ETag">Section 2.3</a> of <a href="#Part4" id="rfc.xref.Part4.4"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Conditional Requests">[Part4]</cite></a>). One or more entity-tags, indicating one or more stored responses, can be used in an <a href="p4-conditional.html#header.if-none-match" class="smpl">If-None-Match</a> header field for response validation, or in an <a href="p4-conditional.html#header.if-match" class="smpl">If-Match</a> or <a href="p5-range.html#header.if-range" class="smpl">If-Range</a> header field for representation selection (i.e., the client is referring specifically to one or more previously obtained representations
    1050          with the listed entity-tags).
    1051       </p>
    1052       <h3 id="rfc.section.4.3.2"><a href="#rfc.section.4.3.2">4.3.2</a>&nbsp;<a id="validation.received" href="#validation.received">Handling a Received Validation Request</a></h3>
    1053       <p id="rfc.section.4.3.2.p.1">Each client in the request chain may have its own cache, so it is common for a cache at an intermediary to receive conditional
    1054          requests from other (outbound) caches. Likewise, some user agents make use of conditional requests to limit data transfers
    1055          to recently modified representations or to complete the transfer of a partially retrieved representation.
    1056       </p>
    1057       <p id="rfc.section.4.3.2.p.2">If a cache receives a request that can be satisfied by reusing one of its stored <a href="p2-semantics.html#status.200" class="smpl">200 (OK)</a> or <a href="p5-range.html#status.206" class="smpl">206 (Partial Content)</a> responses, the cache <em class="bcp14">SHOULD</em> evaluate any applicable conditional header field preconditions received in that request with respect to the corresponding
    1058          validators contained within the selected response. A cache <em class="bcp14">MUST NOT</em> evaluate conditional header fields that are only applicable to an origin server, found in a request with semantics that cannot
    1059          be satisfied with a cached response, or applied to a target resource for which it has no stored responses; such preconditions
    1060          are likely intended for some other (inbound) server.
    1061       </p>
    1062       <p id="rfc.section.4.3.2.p.3">The proper evaluation of conditional requests by a cache depends on the received precondition header fields and their precedence,
    1063          as defined in <a href="p4-conditional.html#precedence" title="Precedence">Section 6</a> of <a href="#Part4" id="rfc.xref.Part4.5"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Conditional Requests">[Part4]</cite></a>. The <a href="p4-conditional.html#header.if-match" class="smpl">If-Match</a> and <a href="p4-conditional.html#header.if-unmodified-since" class="smpl">If-Unmodified-Since</a> conditional header fields are not applicable to a cache.
    1064       </p>
    1065       <p id="rfc.section.4.3.2.p.4">A request containing an <a href="p4-conditional.html#header.if-none-match" class="smpl">If-None-Match</a> header field (<a href="p4-conditional.html#header.if-none-match" title="If-None-Match">Section 3.2</a> of <a href="#Part4" id="rfc.xref.Part4.6"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Conditional Requests">[Part4]</cite></a>) indicates that the client wants to validate one or more of its own stored responses in comparison to whichever stored response
    1066          is selected by the cache. If the field-value is "*", or if the field-value is a list of entity-tags and at least one of them
    1067          match the entity-tag of the selected stored response, a cache recipient <em class="bcp14">SHOULD</em> generate a <a href="p4-conditional.html#status.304" class="smpl">304 (Not Modified)</a> response (using the metadata of the selected stored response) instead of sending that stored response.
    1068       </p>
    1069       <p id="rfc.section.4.3.2.p.5">When a cache decides to revalidate its own stored responses for a request that contains an <a href="p4-conditional.html#header.if-none-match" class="smpl">If-None-Match</a> list of entity-tags, the cache <em class="bcp14">MAY</em> combine the received list with a list of entity-tags from its own stored set of responses (fresh or stale) and send the union
    1070          of the two lists as a replacement <a href="p4-conditional.html#header.if-none-match" class="smpl">If-None-Match</a> header field value in the forwarded request. If a stored response contains only partial content, the cache <em class="bcp14">MUST NOT</em> include its entity-tag in the union unless the request is for a range that would be fully satisfied by that partial stored
    1071          response. If the response to the forwarded request is <a href="p4-conditional.html#status.304" class="smpl">304 (Not Modified)</a> and has an ETag header field value with an entity-tag that is not in the client's list, the cache <em class="bcp14">MUST</em> generate a <a href="p2-semantics.html#status.200" class="smpl">200 (OK)</a> response for the client by reusing its corresponding stored response, as updated by the 304 response metadata (<a href="#freshening.responses" title="Freshening Stored Responses upon Validation">Section&nbsp;4.3.4</a>).
    1072       </p>
    1073       <p id="rfc.section.4.3.2.p.6">If an <a href="p4-conditional.html#header.if-none-match" class="smpl">If-None-Match</a> header field is not present, a request containing an <a href="p4-conditional.html#header.if-modified-since" class="smpl">If-Modified-Since</a> header field (<a href="p4-conditional.html#header.if-modified-since" title="If-Modified-Since">Section 3.3</a> of <a href="#Part4" id="rfc.xref.Part4.7"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Conditional Requests">[Part4]</cite></a>) indicates that the client wants to validate one or more of its own stored responses by modification date. A cache recipient <em class="bcp14">SHOULD</em> generate a <a href="p4-conditional.html#status.304" class="smpl">304 (Not Modified)</a> response (using the metadata of the selected stored response) if one of the following cases is true: 1) the selected stored
    1074          response has a <a href="p4-conditional.html#header.last-modified" class="smpl">Last-Modified</a> field-value that is earlier than or equal to the conditional timestamp; 2) no <a href="p4-conditional.html#header.last-modified" class="smpl">Last-Modified</a> field is present in the selected stored response, but it has a <a href="p2-semantics.html#header.date" class="smpl">Date</a> field-value that is earlier than or equal to the conditional timestamp; or, 3) neither <a href="p4-conditional.html#header.last-modified" class="smpl">Last-Modified</a> nor <a href="p2-semantics.html#header.date" class="smpl">Date</a> is present in the selected stored response, but the cache recorded it as having been received at a time earlier than or equal
    1075          to the conditional timestamp.
    1076       </p>
    1077       <p id="rfc.section.4.3.2.p.7">A cache that implements partial responses to range requests, as defined in <a href="#Part5" id="rfc.xref.Part5.4"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Range Requests">[Part5]</cite></a>, also needs to evaluate a received <a href="p5-range.html#header.if-range" class="smpl">If-Range</a> header field (<a href="p5-range.html#header.if-range" title="If-Range">Section 3.2</a> of <a href="#Part5" id="rfc.xref.Part5.5"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Range Requests">[Part5]</cite></a>) with respect to its selected stored response.
    1078       </p>
    1079       <h3 id="rfc.section.4.3.3"><a href="#rfc.section.4.3.3">4.3.3</a>&nbsp;<a id="validation.response" href="#validation.response">Handling a Validation Response</a></h3>
    1080       <p id="rfc.section.4.3.3.p.1">Cache handling of a response to a conditional request is dependent upon its status code:</p>
    1081       <p id="rfc.section.4.3.3.p.2"></p>
    1082       <ul>
    1083          <li>A <a href="p4-conditional.html#status.304" class="smpl">304 (Not Modified)</a> response status code indicates that the stored response can be updated and reused; see <a href="#freshening.responses" title="Freshening Stored Responses upon Validation">Section&nbsp;4.3.4</a>.
    1084          </li>
    1085          <li>A full response (i.e., one with a payload body) indicates that none of the stored responses nominated in the conditional request
    1086             is suitable. Instead, the cache <em class="bcp14">MUST</em> use the full response to satisfy the request and <em class="bcp14">MAY</em> replace the stored response(s).
    1087          </li>
    1088          <li>However, if a cache receives a <a href="p2-semantics.html#status.5xx" class="smpl">5xx (Server Error)</a> response while attempting to validate a response, it can either forward this response to the requesting client, or act as
    1089             if the server failed to respond. In the latter case, the cache <em class="bcp14">MAY</em> send a previously stored response (see <a href="#serving.stale.responses" title="Serving Stale Responses">Section&nbsp;4.2.4</a>).
    1090          </li>
    1091       </ul>
    1092       <h3 id="rfc.section.4.3.4"><a href="#rfc.section.4.3.4">4.3.4</a>&nbsp;<a id="freshening.responses" href="#freshening.responses">Freshening Stored Responses upon Validation</a></h3>
    1093       <p id="rfc.section.4.3.4.p.1">When a cache receives a <a href="p4-conditional.html#status.304" class="smpl">304 (Not Modified)</a> response and already has one or more stored <a href="p2-semantics.html#status.200" class="smpl">200 (OK)</a> responses for the same cache key, the cache needs to identify which of the stored responses are updated by this new response
    1094          and then update the stored response(s) with the new information provided in the <a href="p4-conditional.html#status.304" class="smpl">304</a> response.
    1095       </p>
    1096       <div id="rfc.iref.s.3"></div>
    1097       <p id="rfc.section.4.3.4.p.2">The stored response to update is identified by using the first match (if any) of: </p>
    1098       <ul>
    1099          <li>If the new response contains a <dfn>strong validator</dfn> (see <a href="p4-conditional.html#weak.and.strong.validators" title="Weak versus Strong">Section 2.1</a> of <a href="#Part4" id="rfc.xref.Part4.8"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Conditional Requests">[Part4]</cite></a>), then that strong validator identifies the selected representation for update. All of the stored responses with the same
    1100             strong validator are selected. If none of the stored responses contain the same strong validator, then the cache <em class="bcp14">MUST NOT</em> use the new response to update any stored responses.
    1101          </li>
    1102          <li>If the new response contains a weak validator and that validator corresponds to one of the cache's stored responses, then
    1103             the most recent of those matching stored responses is selected for update.
    1104          </li>
    1105          <li>If the new response does not include any form of validator (such as in the case where a client generates an If-Modified-Since
    1106             request from a source other than the Last-Modified response header field), and there is only one stored response, and that
    1107             stored response also lacks a validator, then that stored response is selected for update.
    1108          </li>
    1109       </ul>
    1110       <p id="rfc.section.4.3.4.p.3">If a stored response is selected for update, the cache <em class="bcp14">MUST</em>:
    1111       </p>
    1112       <ul>
    1113          <li>delete any <a href="#header.warning" class="smpl">Warning</a> header fields in the stored response with warn-code 1xx (see <a href="#header.warning" id="rfc.xref.header.warning.2" title="Warning">Section&nbsp;5.5</a>);
    1114          </li>
    1115          <li>retain any <a href="#header.warning" class="smpl">Warning</a> header fields in the stored response with warn-code 2xx; and,
    1116          </li>
    1117          <li>use other header fields provided in the <a href="p4-conditional.html#status.304" class="smpl">304 (Not Modified)</a> response to replace all instances of the corresponding header fields in the stored response.
    1118          </li>
    1119       </ul>
    1120       <h3 id="rfc.section.4.3.5"><a href="#rfc.section.4.3.5">4.3.5</a>&nbsp;<a id="head.effects" href="#head.effects">Freshening Responses via HEAD</a></h3>
    1121       <p id="rfc.section.4.3.5.p.1">A response to the HEAD method is identical to what an equivalent request made with a GET would have been, except it lacks
    1122          a body. This property of HEAD responses can be used to invalidate or update a cached GET response if the more efficient conditional
    1123          GET request mechanism is not available (due to no validators being present in the stored response) or if transmission of the
    1124          representation body is not desired even if it has changed.
    1125       </p>
    1126       <p id="rfc.section.4.3.5.p.2">When a cache makes an inbound HEAD request for a given request target and receives a <a href="p2-semantics.html#status.200" class="smpl">200 (OK)</a> response, the cache <em class="bcp14">SHOULD</em> update or invalidate each of its stored GET responses that could have been selected for that request (see <a href="#caching.negotiated.responses" title="Calculating Secondary Keys with Vary">Section&nbsp;4.1</a>).
    1127       </p>
    1128       <p id="rfc.section.4.3.5.p.3">For each of the stored responses that could have been selected, if the stored response and HEAD response have matching values
    1129          for any received validator fields (<a href="p4-conditional.html#header.etag" class="smpl">ETag</a> and <a href="p4-conditional.html#header.last-modified" class="smpl">Last-Modified</a>) and, if the HEAD response has a <a href="p1-messaging.html#header.content-length" class="smpl">Content-Length</a> header field, the value of <a href="p1-messaging.html#header.content-length" class="smpl">Content-Length</a> matches that of the stored response, the cache <em class="bcp14">SHOULD</em> update the stored response a described below; otherwise, the cache <em class="bcp14">SHOULD</em> consider the stored response to be stale.
    1130       </p>
    1131       <p id="rfc.section.4.3.5.p.4">If a cache updates a stored response with the metadata provided in a HEAD response, the cache <em class="bcp14">MUST</em>:
    1132       </p>
    1133       <ul>
    1134          <li>delete any <a href="#header.warning" class="smpl">Warning</a> header fields in the stored response with warn-code 1xx (see <a href="#header.warning" id="rfc.xref.header.warning.3" title="Warning">Section&nbsp;5.5</a>);
    1135          </li>
    1136          <li>retain any <a href="#header.warning" class="smpl">Warning</a> header fields in the stored response with warn-code 2xx; and,
    1137          </li>
    1138          <li>use other header fields provided in the HEAD response to replace all instances of the corresponding header fields in the stored
    1139             response and append new header fields to the stored response's header section unless otherwise restricted by the <a href="#header.cache-control" class="smpl">Cache-Control</a> header field.
    1140          </li>
    1141       </ul>
    1142       <h2 id="rfc.section.4.4"><a href="#rfc.section.4.4">4.4</a>&nbsp;<a id="invalidation" href="#invalidation">Invalidation</a></h2>
    1143       <p id="rfc.section.4.4.p.1">Because unsafe request methods (<a href="p2-semantics.html#safe.methods" title="Safe Methods">Section 4.2.1</a> of <a href="#Part2" id="rfc.xref.Part2.6"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Semantics and Content">[Part2]</cite></a>) such as PUT, POST or DELETE have the potential for changing state on the origin server, intervening caches can use them
    1144          to keep their contents up-to-date.
    1145       </p>
    1146       <p id="rfc.section.4.4.p.2">A cache <em class="bcp14">MUST</em> invalidate the effective Request URI (<a href="p1-messaging.html#effective.request.uri" title="Effective Request URI">Section 5.5</a> of <a href="#Part1" id="rfc.xref.Part1.6"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing">[Part1]</cite></a>) as well as the URI(s) in the <a href="p2-semantics.html#header.location" class="smpl">Location</a> and <a href="p2-semantics.html#header.content-location" class="smpl">Content-Location</a> response header fields (if present) when a non-error status code is received in response to an unsafe request method.
    1147       </p>
    1148       <p id="rfc.section.4.4.p.3">However, a cache <em class="bcp14">MUST NOT</em> invalidate a URI from a <a href="p2-semantics.html#header.location" class="smpl">Location</a> or <a href="p2-semantics.html#header.content-location" class="smpl">Content-Location</a> response header field if the host part of that URI differs from the host part in the effective request URI (<a href="p1-messaging.html#effective.request.uri" title="Effective Request URI">Section 5.5</a> of <a href="#Part1" id="rfc.xref.Part1.7"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing">[Part1]</cite></a>). This helps prevent denial of service attacks.
    1149       </p>
    1150       <p id="rfc.section.4.4.p.4">A cache <em class="bcp14">MUST</em> invalidate the effective request URI (<a href="p1-messaging.html#effective.request.uri" title="Effective Request URI">Section 5.5</a> of <a href="#Part1" id="rfc.xref.Part1.8"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing">[Part1]</cite></a>) when it receives a non-error response to a request with a method whose safety is unknown.
    1151       </p>
    1152       <p id="rfc.section.4.4.p.5">Here, a "non-error response" is one with a <a href="p2-semantics.html#status.2xx" class="smpl">2xx (Successful)</a> or <a href="p2-semantics.html#status.3xx" class="smpl">3xx (Redirection)</a> status code. "Invalidate" means that the cache will either remove all stored responses related to the effective request URI,
    1153          or will mark these as "invalid" and in need of a mandatory validation before they can be sent in response to a subsequent
    1154          request.
    1155       </p>
    1156       <p id="rfc.section.4.4.p.6">Note that this does not guarantee that all appropriate responses are invalidated. For example, a state-changing request might
    1157          invalidate responses in the caches it travels through, but relevant responses still might be stored in other caches that it
    1158          has not.
    1159       </p>
    1160       <h1 id="rfc.section.5"><a href="#rfc.section.5">5.</a>&nbsp;<a id="header.field.definitions" href="#header.field.definitions">Header Field Definitions</a></h1>
    1161       <p id="rfc.section.5.p.1">This section defines the syntax and semantics of HTTP/1.1 header fields related to caching.</p>
    1162       <div id="rfc.iref.a.2"></div>
    1163       <h2 id="rfc.section.5.1"><a href="#rfc.section.5.1">5.1</a>&nbsp;<a id="header.age" href="#header.age">Age</a></h2>
    1164       <p id="rfc.section.5.1.p.1">The "Age" header field conveys the sender's estimate of the amount of time since the response was generated or successfully
    1165          validated at the origin server. Age values are calculated as specified in <a href="#age.calculations" title="Calculating Age">Section&nbsp;4.2.3</a>.
    1166       </p>
    1167       <div id="rfc.figure.u.6"></div><pre class="inline"><span id="rfc.iref.g.2"></span>  <a href="#header.age" class="smpl">Age</a> = <a href="#delta-seconds" class="smpl">delta-seconds</a>
     1050</pre></div>
     1051            <div id="serving.stale.responses">
     1052               <h3 id="rfc.section.4.2.4"><a href="#rfc.section.4.2.4">4.2.4</a>&nbsp;<a href="#serving.stale.responses">Serving Stale Responses</a></h3>
     1053               <p id="rfc.section.4.2.4.p.1">A "stale" response is one that either has explicit expiry information or is allowed to have heuristic expiry calculated, but
     1054                  is not fresh according to the calculations in <a href="#expiration.model" title="Freshness">Section&nbsp;4.2</a>.
     1055               </p>
     1056               <p id="rfc.section.4.2.4.p.2">A cache <em class="bcp14">MUST NOT</em> generate a stale response if it is prohibited by an explicit in-protocol directive (e.g., by a "no-store" or "no-cache" cache
     1057                  directive, a "must-revalidate" cache-response-directive, or an applicable "s-maxage" or "proxy-revalidate" cache-response-directive;
     1058                  see <a href="#cache-response-directive" title="Response Cache-Control Directives">Section&nbsp;5.2.2</a>).
     1059               </p>
     1060               <p id="rfc.section.4.2.4.p.3">A cache <em class="bcp14">MUST NOT</em> send stale responses unless it is disconnected (i.e., it cannot contact the origin server or otherwise find a forward path)
     1061                  or doing so is explicitly allowed (e.g., by the max-stale request directive; see <a href="#cache-request-directive" title="Request Cache-Control Directives">Section&nbsp;5.2.1</a>).
     1062               </p>
     1063               <p id="rfc.section.4.2.4.p.4">A cache <em class="bcp14">SHOULD</em> generate a <a href="#header.warning" class="smpl">Warning</a> header field with the 110 warn-code (see <a href="#warn.110" id="rfc.xref.warn.110.1" title="Warning: 110 - &#34;Response is Stale&#34;">Section&nbsp;5.5.1</a>) in stale responses. Likewise, a cache <em class="bcp14">SHOULD</em> generate a 112 warn-code (see <a href="#warn.112" id="rfc.xref.warn.112.1" title="Warning: 112 - &#34;Disconnected Operation&#34;">Section&nbsp;5.5.3</a>) in stale responses if the cache is disconnected.
     1064               </p>
     1065               <p id="rfc.section.4.2.4.p.5">A cache <em class="bcp14">SHOULD NOT</em> generate a new <a href="#header.warning" class="smpl">Warning</a> header field when forwarding a response that does not have an <a href="#header.age" class="smpl">Age</a> header field, even if the response is already stale. A cache need not validate a response that merely became stale in transit.
     1066               </p>
     1067            </div>
     1068         </div>
     1069         <div id="validation.model">
     1070            <h2 id="rfc.section.4.3"><a href="#rfc.section.4.3">4.3</a>&nbsp;<a href="#validation.model">Validation</a></h2>
     1071            <p id="rfc.section.4.3.p.1">When a cache has one or more stored responses for a requested URI, but cannot serve any of them (e.g., because they are not
     1072               fresh, or one cannot be selected; see <a href="#caching.negotiated.responses" title="Calculating Secondary Keys with Vary">Section&nbsp;4.1</a>), it can use the conditional request mechanism <a href="#Part4" id="rfc.xref.Part4.2"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Conditional Requests">[Part4]</cite></a> in the forwarded request to give the next inbound server an opportunity to select a valid stored response to use, updating
     1073               the stored metadata in the process, or to replace the stored response(s) with a new response. This process is known as "validating"
     1074               or "revalidating" the stored response.
     1075            </p>
     1076            <div id="validation.sent">
     1077               <div id="rfc.iref.v.1"></div>
     1078               <h3 id="rfc.section.4.3.1"><a href="#rfc.section.4.3.1">4.3.1</a>&nbsp;<a href="#validation.sent">Sending a Validation Request</a></h3>
     1079               <p id="rfc.section.4.3.1.p.1">When sending a conditional request for cache validation, a cache sends one or more precondition header fields containing <dfn>validator</dfn> metadata from its stored response(s), which is then compared by recipients to determine whether a stored response is equivalent
     1080                  to a current representation of the resource.
     1081               </p>
     1082               <p id="rfc.section.4.3.1.p.2">One such validator is the timestamp given in a <a href="p4-conditional.html#header.last-modified" class="smpl">Last-Modified</a> header field (<a href="p4-conditional.html#header.last-modified" title="Last-Modified">Section 2.2</a> of <a href="#Part4" id="rfc.xref.Part4.3"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Conditional Requests">[Part4]</cite></a>), which can be used in an <a href="p4-conditional.html#header.if-modified-since" class="smpl">If-Modified-Since</a> header field for response validation, or in an <a href="p4-conditional.html#header.if-unmodified-since" class="smpl">If-Unmodified-Since</a> or <a href="p5-range.html#header.if-range" class="smpl">If-Range</a> header field for representation selection (i.e., the client is referring specifically to a previously obtained representation
     1083                  with that timestamp).
     1084               </p>
     1085               <p id="rfc.section.4.3.1.p.3">Another validator is the entity-tag given in an <a href="p4-conditional.html#header.etag" class="smpl">ETag</a> header field (<a href="p4-conditional.html#header.etag" title="ETag">Section 2.3</a> of <a href="#Part4" id="rfc.xref.Part4.4"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Conditional Requests">[Part4]</cite></a>). One or more entity-tags, indicating one or more stored responses, can be used in an <a href="p4-conditional.html#header.if-none-match" class="smpl">If-None-Match</a> header field for response validation, or in an <a href="p4-conditional.html#header.if-match" class="smpl">If-Match</a> or <a href="p5-range.html#header.if-range" class="smpl">If-Range</a> header field for representation selection (i.e., the client is referring specifically to one or more previously obtained representations
     1086                  with the listed entity-tags).
     1087               </p>
     1088            </div>
     1089            <div id="validation.received">
     1090               <h3 id="rfc.section.4.3.2"><a href="#rfc.section.4.3.2">4.3.2</a>&nbsp;<a href="#validation.received">Handling a Received Validation Request</a></h3>
     1091               <p id="rfc.section.4.3.2.p.1">Each client in the request chain may have its own cache, so it is common for a cache at an intermediary to receive conditional
     1092                  requests from other (outbound) caches. Likewise, some user agents make use of conditional requests to limit data transfers
     1093                  to recently modified representations or to complete the transfer of a partially retrieved representation.
     1094               </p>
     1095               <p id="rfc.section.4.3.2.p.2">If a cache receives a request that can be satisfied by reusing one of its stored <a href="p2-semantics.html#status.200" class="smpl">200 (OK)</a> or <a href="p5-range.html#status.206" class="smpl">206 (Partial Content)</a> responses, the cache <em class="bcp14">SHOULD</em> evaluate any applicable conditional header field preconditions received in that request with respect to the corresponding
     1096                  validators contained within the selected response. A cache <em class="bcp14">MUST NOT</em> evaluate conditional header fields that are only applicable to an origin server, found in a request with semantics that cannot
     1097                  be satisfied with a cached response, or applied to a target resource for which it has no stored responses; such preconditions
     1098                  are likely intended for some other (inbound) server.
     1099               </p>
     1100               <p id="rfc.section.4.3.2.p.3">The proper evaluation of conditional requests by a cache depends on the received precondition header fields and their precedence,
     1101                  as defined in <a href="p4-conditional.html#precedence" title="Precedence">Section 6</a> of <a href="#Part4" id="rfc.xref.Part4.5"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Conditional Requests">[Part4]</cite></a>. The <a href="p4-conditional.html#header.if-match" class="smpl">If-Match</a> and <a href="p4-conditional.html#header.if-unmodified-since" class="smpl">If-Unmodified-Since</a> conditional header fields are not applicable to a cache.
     1102               </p>
     1103               <p id="rfc.section.4.3.2.p.4">A request containing an <a href="p4-conditional.html#header.if-none-match" class="smpl">If-None-Match</a> header field (<a href="p4-conditional.html#header.if-none-match" title="If-None-Match">Section 3.2</a> of <a href="#Part4" id="rfc.xref.Part4.6"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Conditional Requests">[Part4]</cite></a>) indicates that the client wants to validate one or more of its own stored responses in comparison to whichever stored response
     1104                  is selected by the cache. If the field-value is "*", or if the field-value is a list of entity-tags and at least one of them
     1105                  match the entity-tag of the selected stored response, a cache recipient <em class="bcp14">SHOULD</em> generate a <a href="p4-conditional.html#status.304" class="smpl">304 (Not Modified)</a> response (using the metadata of the selected stored response) instead of sending that stored response.
     1106               </p>
     1107               <p id="rfc.section.4.3.2.p.5">When a cache decides to revalidate its own stored responses for a request that contains an <a href="p4-conditional.html#header.if-none-match" class="smpl">If-None-Match</a> list of entity-tags, the cache <em class="bcp14">MAY</em> combine the received list with a list of entity-tags from its own stored set of responses (fresh or stale) and send the union
     1108                  of the two lists as a replacement <a href="p4-conditional.html#header.if-none-match" class="smpl">If-None-Match</a> header field value in the forwarded request. If a stored response contains only partial content, the cache <em class="bcp14">MUST NOT</em> include its entity-tag in the union unless the request is for a range that would be fully satisfied by that partial stored
     1109                  response. If the response to the forwarded request is <a href="p4-conditional.html#status.304" class="smpl">304 (Not Modified)</a> and has an ETag header field value with an entity-tag that is not in the client's list, the cache <em class="bcp14">MUST</em> generate a <a href="p2-semantics.html#status.200" class="smpl">200 (OK)</a> response for the client by reusing its corresponding stored response, as updated by the 304 response metadata (<a href="#freshening.responses" title="Freshening Stored Responses upon Validation">Section&nbsp;4.3.4</a>).
     1110               </p>
     1111               <p id="rfc.section.4.3.2.p.6">If an <a href="p4-conditional.html#header.if-none-match" class="smpl">If-None-Match</a> header field is not present, a request containing an <a href="p4-conditional.html#header.if-modified-since" class="smpl">If-Modified-Since</a> header field (<a href="p4-conditional.html#header.if-modified-since" title="If-Modified-Since">Section 3.3</a> of <a href="#Part4" id="rfc.xref.Part4.7"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Conditional Requests">[Part4]</cite></a>) indicates that the client wants to validate one or more of its own stored responses by modification date. A cache recipient <em class="bcp14">SHOULD</em> generate a <a href="p4-conditional.html#status.304" class="smpl">304 (Not Modified)</a> response (using the metadata of the selected stored response) if one of the following cases is true: 1) the selected stored
     1112                  response has a <a href="p4-conditional.html#header.last-modified" class="smpl">Last-Modified</a> field-value that is earlier than or equal to the conditional timestamp; 2) no <a href="p4-conditional.html#header.last-modified" class="smpl">Last-Modified</a> field is present in the selected stored response, but it has a <a href="p2-semantics.html#header.date" class="smpl">Date</a> field-value that is earlier than or equal to the conditional timestamp; or, 3) neither <a href="p4-conditional.html#header.last-modified" class="smpl">Last-Modified</a> nor <a href="p2-semantics.html#header.date" class="smpl">Date</a> is present in the selected stored response, but the cache recorded it as having been received at a time earlier than or equal
     1113                  to the conditional timestamp.
     1114               </p>
     1115               <p id="rfc.section.4.3.2.p.7">A cache that implements partial responses to range requests, as defined in <a href="#Part5" id="rfc.xref.Part5.4"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Range Requests">[Part5]</cite></a>, also needs to evaluate a received <a href="p5-range.html#header.if-range" class="smpl">If-Range</a> header field (<a href="p5-range.html#header.if-range" title="If-Range">Section 3.2</a> of <a href="#Part5" id="rfc.xref.Part5.5"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Range Requests">[Part5]</cite></a>) with respect to its selected stored response.
     1116               </p>
     1117            </div>
     1118            <div id="validation.response">
     1119               <h3 id="rfc.section.4.3.3"><a href="#rfc.section.4.3.3">4.3.3</a>&nbsp;<a href="#validation.response">Handling a Validation Response</a></h3>
     1120               <p id="rfc.section.4.3.3.p.1">Cache handling of a response to a conditional request is dependent upon its status code:</p>
     1121               <p id="rfc.section.4.3.3.p.2"></p>
     1122               <ul>
     1123                  <li>A <a href="p4-conditional.html#status.304" class="smpl">304 (Not Modified)</a> response status code indicates that the stored response can be updated and reused; see <a href="#freshening.responses" title="Freshening Stored Responses upon Validation">Section&nbsp;4.3.4</a>.
     1124                  </li>
     1125                  <li>A full response (i.e., one with a payload body) indicates that none of the stored responses nominated in the conditional request
     1126                     is suitable. Instead, the cache <em class="bcp14">MUST</em> use the full response to satisfy the request and <em class="bcp14">MAY</em> replace the stored response(s).
     1127                  </li>
     1128                  <li>However, if a cache receives a <a href="p2-semantics.html#status.5xx" class="smpl">5xx (Server Error)</a> response while attempting to validate a response, it can either forward this response to the requesting client, or act as
     1129                     if the server failed to respond. In the latter case, the cache <em class="bcp14">MAY</em> send a previously stored response (see <a href="#serving.stale.responses" title="Serving Stale Responses">Section&nbsp;4.2.4</a>).
     1130                  </li>
     1131               </ul>
     1132            </div>
     1133            <div id="freshening.responses">
     1134               <h3 id="rfc.section.4.3.4"><a href="#rfc.section.4.3.4">4.3.4</a>&nbsp;<a href="#freshening.responses">Freshening Stored Responses upon Validation</a></h3>
     1135               <p id="rfc.section.4.3.4.p.1">When a cache receives a <a href="p4-conditional.html#status.304" class="smpl">304 (Not Modified)</a> response and already has one or more stored <a href="p2-semantics.html#status.200" class="smpl">200 (OK)</a> responses for the same cache key, the cache needs to identify which of the stored responses are updated by this new response
     1136                  and then update the stored response(s) with the new information provided in the <a href="p4-conditional.html#status.304" class="smpl">304</a> response.
     1137               </p>
     1138               <div id="rfc.iref.s.3"></div>
     1139               <p id="rfc.section.4.3.4.p.2">The stored response to update is identified by using the first match (if any) of: </p>
     1140               <ul>
     1141                  <li>If the new response contains a <dfn>strong validator</dfn> (see <a href="p4-conditional.html#weak.and.strong.validators" title="Weak versus Strong">Section 2.1</a> of <a href="#Part4" id="rfc.xref.Part4.8"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Conditional Requests">[Part4]</cite></a>), then that strong validator identifies the selected representation for update. All of the stored responses with the same
     1142                     strong validator are selected. If none of the stored responses contain the same strong validator, then the cache <em class="bcp14">MUST NOT</em> use the new response to update any stored responses.
     1143                  </li>
     1144                  <li>If the new response contains a weak validator and that validator corresponds to one of the cache's stored responses, then
     1145                     the most recent of those matching stored responses is selected for update.
     1146                  </li>
     1147                  <li>If the new response does not include any form of validator (such as in the case where a client generates an If-Modified-Since
     1148                     request from a source other than the Last-Modified response header field), and there is only one stored response, and that
     1149                     stored response also lacks a validator, then that stored response is selected for update.
     1150                  </li>
     1151               </ul>
     1152               <p id="rfc.section.4.3.4.p.3">If a stored response is selected for update, the cache <em class="bcp14">MUST</em>:
     1153               </p>
     1154               <ul>
     1155                  <li>delete any <a href="#header.warning" class="smpl">Warning</a> header fields in the stored response with warn-code 1xx (see <a href="#header.warning" id="rfc.xref.header.warning.2" title="Warning">Section&nbsp;5.5</a>);
     1156                  </li>
     1157                  <li>retain any <a href="#header.warning" class="smpl">Warning</a> header fields in the stored response with warn-code 2xx; and,
     1158                  </li>
     1159                  <li>use other header fields provided in the <a href="p4-conditional.html#status.304" class="smpl">304 (Not Modified)</a> response to replace all instances of the corresponding header fields in the stored response.
     1160                  </li>
     1161               </ul>
     1162            </div>
     1163            <div id="head.effects">
     1164               <h3 id="rfc.section.4.3.5"><a href="#rfc.section.4.3.5">4.3.5</a>&nbsp;<a href="#head.effects">Freshening Responses via HEAD</a></h3>
     1165               <p id="rfc.section.4.3.5.p.1">A response to the HEAD method is identical to what an equivalent request made with a GET would have been, except it lacks
     1166                  a body. This property of HEAD responses can be used to invalidate or update a cached GET response if the more efficient conditional
     1167                  GET request mechanism is not available (due to no validators being present in the stored response) or if transmission of the
     1168                  representation body is not desired even if it has changed.
     1169               </p>
     1170               <p id="rfc.section.4.3.5.p.2">When a cache makes an inbound HEAD request for a given request target and receives a <a href="p2-semantics.html#status.200" class="smpl">200 (OK)</a> response, the cache <em class="bcp14">SHOULD</em> update or invalidate each of its stored GET responses that could have been selected for that request (see <a href="#caching.negotiated.responses" title="Calculating Secondary Keys with Vary">Section&nbsp;4.1</a>).
     1171               </p>
     1172               <p id="rfc.section.4.3.5.p.3">For each of the stored responses that could have been selected, if the stored response and HEAD response have matching values
     1173                  for any received validator fields (<a href="p4-conditional.html#header.etag" class="smpl">ETag</a> and <a href="p4-conditional.html#header.last-modified" class="smpl">Last-Modified</a>) and, if the HEAD response has a <a href="p1-messaging.html#header.content-length" class="smpl">Content-Length</a> header field, the value of <a href="p1-messaging.html#header.content-length" class="smpl">Content-Length</a> matches that of the stored response, the cache <em class="bcp14">SHOULD</em> update the stored response a described below; otherwise, the cache <em class="bcp14">SHOULD</em> consider the stored response to be stale.
     1174               </p>
     1175               <p id="rfc.section.4.3.5.p.4">If a cache updates a stored response with the metadata provided in a HEAD response, the cache <em class="bcp14">MUST</em>:
     1176               </p>
     1177               <ul>
     1178                  <li>delete any <a href="#header.warning" class="smpl">Warning</a> header fields in the stored response with warn-code 1xx (see <a href="#header.warning" id="rfc.xref.header.warning.3" title="Warning">Section&nbsp;5.5</a>);
     1179                  </li>
     1180                  <li>retain any <a href="#header.warning" class="smpl">Warning</a> header fields in the stored response with warn-code 2xx; and,
     1181                  </li>
     1182                  <li>use other header fields provided in the HEAD response to replace all instances of the corresponding header fields in the stored
     1183                     response and append new header fields to the stored response's header section unless otherwise restricted by the <a href="#header.cache-control" class="smpl">Cache-Control</a> header field.
     1184                  </li>
     1185               </ul>
     1186            </div>
     1187         </div>
     1188         <div id="invalidation">
     1189            <h2 id="rfc.section.4.4"><a href="#rfc.section.4.4">4.4</a>&nbsp;<a href="#invalidation">Invalidation</a></h2>
     1190            <p id="rfc.section.4.4.p.1">Because unsafe request methods (<a href="p2-semantics.html#safe.methods" title="Safe Methods">Section 4.2.1</a> of <a href="#Part2" id="rfc.xref.Part2.6"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Semantics and Content">[Part2]</cite></a>) such as PUT, POST or DELETE have the potential for changing state on the origin server, intervening caches can use them
     1191               to keep their contents up-to-date.
     1192            </p>
     1193            <p id="rfc.section.4.4.p.2">A cache <em class="bcp14">MUST</em> invalidate the effective Request URI (<a href="p1-messaging.html#effective.request.uri" title="Effective Request URI">Section 5.5</a> of <a href="#Part1" id="rfc.xref.Part1.6"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing">[Part1]</cite></a>) as well as the URI(s) in the <a href="p2-semantics.html#header.location" class="smpl">Location</a> and <a href="p2-semantics.html#header.content-location" class="smpl">Content-Location</a> response header fields (if present) when a non-error status code is received in response to an unsafe request method.
     1194            </p>
     1195            <p id="rfc.section.4.4.p.3">However, a cache <em class="bcp14">MUST NOT</em> invalidate a URI from a <a href="p2-semantics.html#header.location" class="smpl">Location</a> or <a href="p2-semantics.html#header.content-location" class="smpl">Content-Location</a> response header field if the host part of that URI differs from the host part in the effective request URI (<a href="p1-messaging.html#effective.request.uri" title="Effective Request URI">Section 5.5</a> of <a href="#Part1" id="rfc.xref.Part1.7"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing">[Part1]</cite></a>). This helps prevent denial of service attacks.
     1196            </p>
     1197            <p id="rfc.section.4.4.p.4">A cache <em class="bcp14">MUST</em> invalidate the effective request URI (<a href="p1-messaging.html#effective.request.uri" title="Effective Request URI">Section 5.5</a> of <a href="#Part1" id="rfc.xref.Part1.8"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing">[Part1]</cite></a>) when it receives a non-error response to a request with a method whose safety is unknown.
     1198            </p>
     1199            <p id="rfc.section.4.4.p.5">Here, a "non-error response" is one with a <a href="p2-semantics.html#status.2xx" class="smpl">2xx (Successful)</a> or <a href="p2-semantics.html#status.3xx" class="smpl">3xx (Redirection)</a> status code. "Invalidate" means that the cache will either remove all stored responses related to the effective request URI,
     1200               or will mark these as "invalid" and in need of a mandatory validation before they can be sent in response to a subsequent
     1201               request.
     1202            </p>
     1203            <p id="rfc.section.4.4.p.6">Note that this does not guarantee that all appropriate responses are invalidated. For example, a state-changing request might
     1204               invalidate responses in the caches it travels through, but relevant responses still might be stored in other caches that it
     1205               has not.
     1206            </p>
     1207         </div>
     1208      </div>
     1209      <div id="header.field.definitions">
     1210         <h1 id="rfc.section.5"><a href="#rfc.section.5">5.</a>&nbsp;<a href="#header.field.definitions">Header Field Definitions</a></h1>
     1211         <p id="rfc.section.5.p.1">This section defines the syntax and semantics of HTTP/1.1 header fields related to caching.</p>
     1212         <div id="header.age">
     1213            <div id="rfc.iref.a.2"></div>
     1214            <h2 id="rfc.section.5.1"><a href="#rfc.section.5.1">5.1</a>&nbsp;<a href="#header.age">Age</a></h2>
     1215            <p id="rfc.section.5.1.p.1">The "Age" header field conveys the sender's estimate of the amount of time since the response was generated or successfully
     1216               validated at the origin server. Age values are calculated as specified in <a href="#age.calculations" title="Calculating Age">Section&nbsp;4.2.3</a>.
     1217            </p>
     1218            <div id="rfc.figure.u.6"></div><pre class="inline"><span id="rfc.iref.g.2"></span>  <a href="#header.age" class="smpl">Age</a> = <a href="#delta-seconds" class="smpl">delta-seconds</a>
    11681219</pre><p id="rfc.section.5.1.p.3">The Age field-value is a non-negative integer, representing time in seconds (see <a href="#delta-seconds" title="Delta Seconds">Section&nbsp;1.2.1</a>).
    1169       </p>
    1170       <p id="rfc.section.5.1.p.4">The presence of an Age header field implies that the response was not generated or validated by the origin server for this
    1171          request. However, lack of an Age header field does not imply the origin was contacted, since the response might have been
    1172          received from an HTTP/1.0 cache that does not implement Age.
    1173       </p>
    1174       <div id="rfc.iref.c.5"></div>
    1175       <h2 id="rfc.section.5.2"><a href="#rfc.section.5.2">5.2</a>&nbsp;<a id="header.cache-control" href="#header.cache-control">Cache-Control</a></h2>
    1176       <p id="rfc.section.5.2.p.1">The "Cache-Control" header field is used to specify directives for caches along the request/response chain. Such cache directives
    1177          are unidirectional in that the presence of a directive in a request does not imply that the same directive is to be given
    1178          in the response.
    1179       </p>
    1180       <p id="rfc.section.5.2.p.2">A cache <em class="bcp14">MUST</em> obey the requirements of the Cache-Control directives defined in this section. See <a href="#cache.control.extensions" title="Cache Control Extensions">Section&nbsp;5.2.3</a> for information about how Cache-Control directives defined elsewhere are handled.
    1181       </p>
    1182       <div class="note" id="rfc.section.5.2.p.3">
    1183          <p><b>Note:</b> Some HTTP/1.0 caches might not implement Cache-Control.
    1184          </p>
    1185       </div>
    1186       <p id="rfc.section.5.2.p.4">A proxy, whether or not it implements a cache, <em class="bcp14">MUST</em> pass cache directives through in forwarded messages, regardless of their significance to that application, since the directives
    1187          might be applicable to all recipients along the request/response chain. It is not possible to target a directive to a specific
    1188          cache.
    1189       </p>
    1190       <p id="rfc.section.5.2.p.5">Cache directives are identified by a token, to be compared case-insensitively, and have an optional argument, that can use
    1191          both token and quoted-string syntax. For the directives defined below that define arguments, recipients ought to accept both
    1192          forms, even if one is documented to be preferred. For any directive not defined by this specification, a recipient <em class="bcp14">MUST</em> accept both forms.
    1193       </p>
    1194       <div id="rfc.figure.u.7"></div><pre class="inline"><span id="rfc.iref.g.3"></span><span id="rfc.iref.g.4"></span>  <a href="#header.cache-control" class="smpl">Cache-Control</a>   = 1#<a href="#header.cache-control" class="smpl">cache-directive</a>
     1220            </p>
     1221            <p id="rfc.section.5.1.p.4">The presence of an Age header field implies that the response was not generated or validated by the origin server for this
     1222               request. However, lack of an Age header field does not imply the origin was contacted, since the response might have been
     1223               received from an HTTP/1.0 cache that does not implement Age.
     1224            </p>
     1225         </div>
     1226         <div id="header.cache-control">
     1227            <div id="rfc.iref.c.5"></div>
     1228            <h2 id="rfc.section.5.2"><a href="#rfc.section.5.2">5.2</a>&nbsp;<a href="#header.cache-control">Cache-Control</a></h2>
     1229            <p id="rfc.section.5.2.p.1">The "Cache-Control" header field is used to specify directives for caches along the request/response chain. Such cache directives
     1230               are unidirectional in that the presence of a directive in a request does not imply that the same directive is to be given
     1231               in the response.
     1232            </p>
     1233            <p id="rfc.section.5.2.p.2">A cache <em class="bcp14">MUST</em> obey the requirements of the Cache-Control directives defined in this section. See <a href="#cache.control.extensions" title="Cache Control Extensions">Section&nbsp;5.2.3</a> for information about how Cache-Control directives defined elsewhere are handled.
     1234            </p>
     1235            <div class="note" id="rfc.section.5.2.p.3">
     1236               <p><b>Note:</b> Some HTTP/1.0 caches might not implement Cache-Control.
     1237               </p>
     1238            </div>
     1239            <p id="rfc.section.5.2.p.4">A proxy, whether or not it implements a cache, <em class="bcp14">MUST</em> pass cache directives through in forwarded messages, regardless of their significance to that application, since the directives
     1240               might be applicable to all recipients along the request/response chain. It is not possible to target a directive to a specific
     1241               cache.
     1242            </p>
     1243            <p id="rfc.section.5.2.p.5">Cache directives are identified by a token, to be compared case-insensitively, and have an optional argument, that can use
     1244               both token and quoted-string syntax. For the directives defined below that define arguments, recipients ought to accept both
     1245               forms, even if one is documented to be preferred. For any directive not defined by this specification, a recipient <em class="bcp14">MUST</em> accept both forms.
     1246            </p>
     1247            <div id="rfc.figure.u.7"></div><pre class="inline"><span id="rfc.iref.g.3"></span><span id="rfc.iref.g.4"></span>  <a href="#header.cache-control" class="smpl">Cache-Control</a>   = 1#<a href="#header.cache-control" class="smpl">cache-directive</a>
    11951248
    11961249  <a href="#header.cache-control" class="smpl">cache-directive</a> = <a href="#imported.abnf" class="smpl">token</a> [ "=" ( <a href="#imported.abnf" class="smpl">token</a> / <a href="#imported.abnf" class="smpl">quoted-string</a> ) ]
    11971250</pre><p id="rfc.section.5.2.p.7">For the cache directives defined below, no argument is defined (nor allowed) unless stated otherwise.</p>
    1198       <h3 id="rfc.section.5.2.1"><a href="#rfc.section.5.2.1">5.2.1</a>&nbsp;<a id="cache-request-directive" href="#cache-request-directive">Request Cache-Control Directives</a></h3>
    1199       <div id="rfc.iref.m.1"></div>
    1200       <h4 id="rfc.section.5.2.1.1"><a href="#rfc.section.5.2.1.1">5.2.1.1</a>&nbsp;<a id="cache-request-directive.max-age" href="#cache-request-directive.max-age">max-age</a></h4>
    1201       <p id="rfc.section.5.2.1.1.p.1">Argument syntax: </p>
    1202       <ul class="empty">
    1203          <li><a href="#delta-seconds" class="smpl">delta-seconds</a> (see <a href="#delta-seconds" title="Delta Seconds">Section&nbsp;1.2.1</a>)
    1204          </li>
    1205       </ul>
    1206       <p id="rfc.section.5.2.1.1.p.2">The "max-age" request directive indicates that the client is unwilling to accept a response whose age is greater than the
    1207          specified number of seconds. Unless the max-stale request directive is also present, the client is not willing to accept a
    1208          stale response.
    1209       </p>
    1210       <p id="rfc.section.5.2.1.1.p.3"><b>Note:</b> This directive uses the token form of the argument syntax; e.g., 'max-age=5', not 'max-age="5"'. A sender <em class="bcp14">SHOULD NOT</em> generate the quoted-string form.
    1211       </p>
    1212       <div id="rfc.iref.m.2"></div>
    1213       <h4 id="rfc.section.5.2.1.2"><a href="#rfc.section.5.2.1.2">5.2.1.2</a>&nbsp;<a id="cache-request-directive.max-stale" href="#cache-request-directive.max-stale">max-stale</a></h4>
    1214       <p id="rfc.section.5.2.1.2.p.1">Argument syntax: </p>
    1215       <ul class="empty">
    1216          <li><a href="#delta-seconds" class="smpl">delta-seconds</a> (see <a href="#delta-seconds" title="Delta Seconds">Section&nbsp;1.2.1</a>)
    1217          </li>
    1218       </ul>
    1219       <p id="rfc.section.5.2.1.2.p.2">The "max-stale" request directive indicates that the client is willing to accept a response that has exceeded its freshness
    1220          lifetime. If max-stale is assigned a value, then the client is willing to accept a response that has exceeded its freshness
    1221          lifetime by no more than the specified number of seconds. If no value is assigned to max-stale, then the client is willing
    1222          to accept a stale response of any age.
    1223       </p>
    1224       <p id="rfc.section.5.2.1.2.p.3"><b>Note:</b> This directive uses the token form of the argument syntax; e.g., 'max-stale=10', not 'max-stale="10"'. A sender <em class="bcp14">SHOULD NOT</em> generate the quoted-string form.
    1225       </p>
    1226       <div id="rfc.iref.m.3"></div>
    1227       <h4 id="rfc.section.5.2.1.3"><a href="#rfc.section.5.2.1.3">5.2.1.3</a>&nbsp;<a id="cache-request-directive.min-fresh" href="#cache-request-directive.min-fresh">min-fresh</a></h4>
    1228       <p id="rfc.section.5.2.1.3.p.1">Argument syntax: </p>
    1229       <ul class="empty">
    1230          <li><a href="#delta-seconds" class="smpl">delta-seconds</a> (see <a href="#delta-seconds" title="Delta Seconds">Section&nbsp;1.2.1</a>)
    1231          </li>
    1232       </ul>
    1233       <p id="rfc.section.5.2.1.3.p.2">The "min-fresh" request directive indicates that the client is willing to accept a response whose freshness lifetime is no
    1234          less than its current age plus the specified time in seconds. That is, the client wants a response that will still be fresh
    1235          for at least the specified number of seconds.
    1236       </p>
    1237       <p id="rfc.section.5.2.1.3.p.3"><b>Note:</b> This directive uses the token form of the argument syntax; e.g., 'min-fresh=20', not 'min-fresh="20"'. A sender <em class="bcp14">SHOULD NOT</em> generate the quoted-string form.
    1238       </p>
    1239       <div id="rfc.iref.n.1"></div>
    1240       <h4 id="rfc.section.5.2.1.4"><a href="#rfc.section.5.2.1.4">5.2.1.4</a>&nbsp;<a id="cache-request-directive.no-cache" href="#cache-request-directive.no-cache">no-cache</a></h4>
    1241       <p id="rfc.section.5.2.1.4.p.1">The "no-cache" request directive indicates that a cache <em class="bcp14">MUST NOT</em> use a stored response to satisfy the request without successful validation on the origin server.
    1242       </p>
    1243       <div id="rfc.iref.n.2"></div>
    1244       <h4 id="rfc.section.5.2.1.5"><a href="#rfc.section.5.2.1.5">5.2.1.5</a>&nbsp;<a id="cache-request-directive.no-store" href="#cache-request-directive.no-store">no-store</a></h4>
    1245       <p id="rfc.section.5.2.1.5.p.1">The "no-store" request directive indicates that a cache <em class="bcp14">MUST NOT</em> store any part of either this request or any response to it. This directive applies to both private and shared caches. "<em class="bcp14">MUST NOT</em> store" in this context means that the cache <em class="bcp14">MUST NOT</em> intentionally store the information in non-volatile storage, and <em class="bcp14">MUST</em> make a best-effort attempt to remove the information from volatile storage as promptly as possible after forwarding it.
    1246       </p>
    1247       <p id="rfc.section.5.2.1.5.p.2">This directive is NOT a reliable or sufficient mechanism for ensuring privacy. In particular, malicious or compromised caches
    1248          might not recognize or obey this directive, and communications networks might be vulnerable to eavesdropping.
    1249       </p>
    1250       <p id="rfc.section.5.2.1.5.p.3">Note that if a request containing this directive is satisfied from a cache, the no-store request directive does not apply
    1251          to the already stored response.
    1252       </p>
    1253       <div id="rfc.iref.n.3"></div>
    1254       <h4 id="rfc.section.5.2.1.6"><a href="#rfc.section.5.2.1.6">5.2.1.6</a>&nbsp;<a id="cache-request-directive.no-transform" href="#cache-request-directive.no-transform">no-transform</a></h4>
    1255       <p id="rfc.section.5.2.1.6.p.1">The "no-transform" request directive indicates that an intermediary (whether or not it implements a cache) <em class="bcp14">MUST NOT</em> transform the payload, as defined in <a href="p1-messaging.html#message.transformations" title="Transformations">Section 5.7.2</a> of <a href="#Part1" id="rfc.xref.Part1.9"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing">[Part1]</cite></a>.
    1256       </p>
    1257       <div id="rfc.iref.o.1"></div>
    1258       <h4 id="rfc.section.5.2.1.7"><a href="#rfc.section.5.2.1.7">5.2.1.7</a>&nbsp;<a id="cache-request-directive.only-if-cached" href="#cache-request-directive.only-if-cached">only-if-cached</a></h4>
    1259       <p id="rfc.section.5.2.1.7.p.1">The "only-if-cached" request directive indicates that the client only wishes to obtain a stored response. If it receives this
    1260          directive, a cache <em class="bcp14">SHOULD</em> either respond using a stored response that is consistent with the other constraints of the request, or respond with a <a href="p2-semantics.html#status.504" class="smpl">504 (Gateway
    1261             Timeout)</a> status code. If a group of caches is being operated as a unified system with good internal connectivity, a member cache <em class="bcp14">MAY</em> forward such a request within that group of caches.
    1262       </p>
    1263       <h3 id="rfc.section.5.2.2"><a href="#rfc.section.5.2.2">5.2.2</a>&nbsp;<a id="cache-response-directive" href="#cache-response-directive">Response Cache-Control Directives</a></h3>
    1264       <div id="rfc.iref.m.4"></div>
    1265       <h4 id="rfc.section.5.2.2.1"><a href="#rfc.section.5.2.2.1">5.2.2.1</a>&nbsp;<a id="cache-response-directive.must-revalidate" href="#cache-response-directive.must-revalidate">must-revalidate</a></h4>
    1266       <p id="rfc.section.5.2.2.1.p.1">The "must-revalidate" response directive indicates that once it has become stale, a cache <em class="bcp14">MUST NOT</em> use the response to satisfy subsequent requests without successful validation on the origin server.
    1267       </p>
    1268       <p id="rfc.section.5.2.2.1.p.2">The must-revalidate directive is necessary to support reliable operation for certain protocol features. In all circumstances
    1269          a cache <em class="bcp14">MUST</em> obey the must-revalidate directive; in particular, if a cache cannot reach the origin server for any reason, it <em class="bcp14">MUST</em> generate a <a href="p2-semantics.html#status.504" class="smpl">504 (Gateway Timeout)</a> response.
    1270       </p>
    1271       <p id="rfc.section.5.2.2.1.p.3">The must-revalidate directive ought to be used by servers if and only if failure to validate a request on the representation
    1272          could result in incorrect operation, such as a silently unexecuted financial transaction.
    1273       </p>
    1274       <div id="rfc.iref.n.4"></div>
    1275       <h4 id="rfc.section.5.2.2.2"><a href="#rfc.section.5.2.2.2">5.2.2.2</a>&nbsp;<a id="cache-response-directive.no-cache" href="#cache-response-directive.no-cache">no-cache</a></h4>
    1276       <p id="rfc.section.5.2.2.2.p.1">Argument syntax: </p>
    1277       <ul class="empty">
    1278          <li>#<a href="#imported.abnf" class="smpl">field-name</a>
    1279          </li>
    1280       </ul>
    1281       <p id="rfc.section.5.2.2.2.p.2">The "no-cache" response directive indicates that the response <em class="bcp14">MUST NOT</em> be used to satisfy a subsequent request without successful validation on the origin server. This allows an origin server to
    1282          prevent a cache from using it to satisfy a request without contacting it, even by caches that have been configured to send
    1283          stale responses.
    1284       </p>
    1285       <p id="rfc.section.5.2.2.2.p.3">If the no-cache response directive specifies one or more field-names, then a cache <em class="bcp14">MAY</em> use the response to satisfy a subsequent request, subject to any other restrictions on caching. However, any header fields
    1286          in the response that have the field-name(s) listed <em class="bcp14">MUST NOT</em> be sent in the response to a subsequent request without successful revalidation with the origin server. This allows an origin
    1287          server to prevent the re-use of certain header fields in a response, while still allowing caching of the rest of the response.
    1288       </p>
    1289       <p id="rfc.section.5.2.2.2.p.4">The field-names given are not limited to the set of header fields defined by this specification. Field names are case-insensitive.</p>
    1290       <p id="rfc.section.5.2.2.2.p.5"><b>Note:</b> Although it has been back-ported to many implementations, some HTTP/1.0 caches will not recognize or obey this directive.
    1291          Also, no-cache response directives with field-names are often handled by caches as if an unqualified no-cache directive was
    1292          received; i.e., the special handling for the qualified form is not widely implemented.
    1293       </p>
    1294       <p id="rfc.section.5.2.2.2.p.6"><b>Note:</b> This directive uses the quoted-string form of the argument syntax. A sender <em class="bcp14">SHOULD NOT</em> generate the token form (even if quoting appears not to be needed for single-entry lists).
    1295       </p>
    1296       <div id="rfc.iref.n.5"></div>
    1297       <h4 id="rfc.section.5.2.2.3"><a href="#rfc.section.5.2.2.3">5.2.2.3</a>&nbsp;<a id="cache-response-directive.no-store" href="#cache-response-directive.no-store">no-store</a></h4>
    1298       <p id="rfc.section.5.2.2.3.p.1">The "no-store" response directive indicates that a cache <em class="bcp14">MUST NOT</em> store any part of either the immediate request or response. This directive applies to both private and shared caches. "<em class="bcp14">MUST NOT</em> store" in this context means that the cache <em class="bcp14">MUST NOT</em> intentionally store the information in non-volatile storage, and <em class="bcp14">MUST</em> make a best-effort attempt to remove the information from volatile storage as promptly as possible after forwarding it.
    1299       </p>
    1300       <p id="rfc.section.5.2.2.3.p.2">This directive is NOT a reliable or sufficient mechanism for ensuring privacy. In particular, malicious or compromised caches
    1301          might not recognize or obey this directive, and communications networks might be vulnerable to eavesdropping.
    1302       </p>
    1303       <div id="rfc.iref.n.6"></div>
    1304       <h4 id="rfc.section.5.2.2.4"><a href="#rfc.section.5.2.2.4">5.2.2.4</a>&nbsp;<a id="cache-response-directive.no-transform" href="#cache-response-directive.no-transform">no-transform</a></h4>
    1305       <p id="rfc.section.5.2.2.4.p.1">The "no-transform" response directive indicates that an intermediary (regardless of whether it implements a cache) <em class="bcp14">MUST NOT</em> transform the payload, as defined in <a href="p1-messaging.html#message.transformations" title="Transformations">Section 5.7.2</a> of <a href="#Part1" id="rfc.xref.Part1.10"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing">[Part1]</cite></a>.
    1306       </p>
    1307       <div id="rfc.iref.p.2"></div>
    1308       <h4 id="rfc.section.5.2.2.5"><a href="#rfc.section.5.2.2.5">5.2.2.5</a>&nbsp;<a id="cache-response-directive.public" href="#cache-response-directive.public">public</a></h4>
    1309       <p id="rfc.section.5.2.2.5.p.1">The "public" response directive indicates that any cache <em class="bcp14">MAY</em> store the response, even if the response would normally be non-cacheable or cacheable only within a private cache. (See <a href="#caching.authenticated.responses" title="Storing Responses to Authenticated Requests">Section&nbsp;3.2</a> for additional details related to the use of public in response to a request containing <a href="p7-auth.html#header.authorization" class="smpl">Authorization</a>, and <a href="#response.cacheability" title="Storing Responses in Caches">Section&nbsp;3</a> for details of how public affects responses that would normally not be stored, due to their status codes not being defined
    1310          as cacheable.)
    1311       </p>
    1312       <div id="rfc.iref.p.3"></div>
    1313       <h4 id="rfc.section.5.2.2.6"><a href="#rfc.section.5.2.2.6">5.2.2.6</a>&nbsp;<a id="cache-response-directive.private" href="#cache-response-directive.private">private</a></h4>
    1314       <p id="rfc.section.5.2.2.6.p.1">Argument syntax: </p>
    1315       <ul class="empty">
    1316          <li>#<a href="#imported.abnf" class="smpl">field-name</a>
    1317          </li>
    1318       </ul>
    1319       <p id="rfc.section.5.2.2.6.p.2">The "private" response directive indicates that the response message is intended for a single user and <em class="bcp14">MUST NOT</em> be stored by a shared cache. A private cache <em class="bcp14">MAY</em> store the response and reuse it for later requests, even if the response would normally be non-cacheable.
    1320       </p>
    1321       <p id="rfc.section.5.2.2.6.p.3">If the private response directive specifies one or more field-names, this requirement is limited to the field-values associated
    1322          with the listed response header fields. That is, a shared cache <em class="bcp14">MUST NOT</em> store the specified field-names(s), whereas it <em class="bcp14">MAY</em> store the remainder of the response message.
    1323       </p>
    1324       <p id="rfc.section.5.2.2.6.p.4">The field-names given are not limited to the set of header fields defined by this specification. Field names are case-insensitive.</p>
    1325       <p id="rfc.section.5.2.2.6.p.5"><b>Note:</b> This usage of the word "private" only controls where the response can be stored; it cannot ensure the privacy of the message
    1326          content. Also, private response directives with field-names are often handled by caches as if an unqualified private directive
    1327          was received; i.e., the special handling for the qualified form is not widely implemented.
    1328       </p>
    1329       <p id="rfc.section.5.2.2.6.p.6"><b>Note:</b> This directive uses the quoted-string form of the argument syntax. A sender <em class="bcp14">SHOULD NOT</em> generate the token form (even if quoting appears not to be needed for single-entry lists).
    1330       </p>
    1331       <div id="rfc.iref.p.4"></div>
    1332       <h4 id="rfc.section.5.2.2.7"><a href="#rfc.section.5.2.2.7">5.2.2.7</a>&nbsp;<a id="cache-response-directive.proxy-revalidate" href="#cache-response-directive.proxy-revalidate">proxy-revalidate</a></h4>
    1333       <p id="rfc.section.5.2.2.7.p.1">The "proxy-revalidate" response directive has the same meaning as the must-revalidate response directive, except that it does
    1334          not apply to private caches.
    1335       </p>
    1336       <div id="rfc.iref.m.5"></div>
    1337       <h4 id="rfc.section.5.2.2.8"><a href="#rfc.section.5.2.2.8">5.2.2.8</a>&nbsp;<a id="cache-response-directive.max-age" href="#cache-response-directive.max-age">max-age</a></h4>
    1338       <p id="rfc.section.5.2.2.8.p.1">Argument syntax: </p>
    1339       <ul class="empty">
    1340          <li><a href="#delta-seconds" class="smpl">delta-seconds</a> (see <a href="#delta-seconds" title="Delta Seconds">Section&nbsp;1.2.1</a>)
    1341          </li>
    1342       </ul>
    1343       <p id="rfc.section.5.2.2.8.p.2">The "max-age" response directive indicates that the response is to be considered stale after its age is greater than the specified
    1344          number of seconds.
    1345       </p>
    1346       <p id="rfc.section.5.2.2.8.p.3"><b>Note:</b> This directive uses the token form of the argument syntax; e.g., 'max-age=5', not 'max-age="5"'. A sender <em class="bcp14">SHOULD NOT</em> generate the quoted-string form.
    1347       </p>
    1348       <div id="rfc.iref.s.4"></div>
    1349       <h4 id="rfc.section.5.2.2.9"><a href="#rfc.section.5.2.2.9">5.2.2.9</a>&nbsp;<a id="cache-response-directive.s-maxage" href="#cache-response-directive.s-maxage">s-maxage</a></h4>
    1350       <p id="rfc.section.5.2.2.9.p.1">Argument syntax: </p>
    1351       <ul class="empty">
    1352          <li><a href="#delta-seconds" class="smpl">delta-seconds</a> (see <a href="#delta-seconds" title="Delta Seconds">Section&nbsp;1.2.1</a>)
    1353          </li>
    1354       </ul>
    1355       <p id="rfc.section.5.2.2.9.p.2">The "s-maxage" response directive indicates that, in shared caches, the maximum age specified by this directive overrides
    1356          the maximum age specified by either the max-age directive or the <a href="#header.expires" class="smpl">Expires</a> header field. The s-maxage directive also implies the semantics of the proxy-revalidate response directive.
    1357       </p>
    1358       <p id="rfc.section.5.2.2.9.p.3"><b>Note:</b> This directive uses the token form of the argument syntax; e.g., 's-maxage=10', not 's-maxage="10"'. A sender <em class="bcp14">SHOULD NOT</em> generate the quoted-string form.
    1359       </p>
    1360       <h3 id="rfc.section.5.2.3"><a href="#rfc.section.5.2.3">5.2.3</a>&nbsp;<a id="cache.control.extensions" href="#cache.control.extensions">Cache Control Extensions</a></h3>
    1361       <p id="rfc.section.5.2.3.p.1">The Cache-Control header field can be extended through the use of one or more cache-extension tokens, each with an optional
    1362          value.
    1363       </p>
    1364       <p id="rfc.section.5.2.3.p.2">Informational extensions (those that do not require a change in cache behavior) can be added without changing the semantics
    1365          of other directives. Behavioral extensions are designed to work by acting as modifiers to the existing base of cache directives.
    1366       </p>
    1367       <p id="rfc.section.5.2.3.p.3">Both the new directive and the standard directive are supplied, such that applications that do not understand the new directive
    1368          will default to the behavior specified by the standard directive, and those that understand the new directive will recognize
    1369          it as modifying the requirements associated with the standard directive. In this way, extensions to the cache-control directives
    1370          can be made without requiring changes to the base protocol.
    1371       </p>
    1372       <p id="rfc.section.5.2.3.p.4">This extension mechanism depends on an HTTP cache obeying all of the cache-control directives defined for its native HTTP-version,
    1373          obeying certain extensions, and ignoring all directives that it does not understand.
    1374       </p>
    1375       <p id="rfc.section.5.2.3.p.5">For example, consider a hypothetical new response directive called "community" that acts as a modifier to the private directive.
    1376          We define this new directive to mean that, in addition to any private cache, any cache that is shared only by members of the
    1377          community named within its value is allowed to cache the response. An origin server wishing to allow the UCI community to
    1378          use an otherwise private response in their shared cache(s) could do so by including
    1379       </p>
    1380       <div id="rfc.figure.u.8"></div><pre class="text">  Cache-Control: private, community="UCI"
     1251            <div id="cache-request-directive">
     1252               <h3 id="rfc.section.5.2.1"><a href="#rfc.section.5.2.1">5.2.1</a>&nbsp;<a href="#cache-request-directive">Request Cache-Control Directives</a></h3>
     1253               <div id="cache-request-directive.max-age">
     1254                  <div id="rfc.iref.m.1"></div>
     1255                  <h4 id="rfc.section.5.2.1.1"><a href="#rfc.section.5.2.1.1">5.2.1.1</a>&nbsp;<a href="#cache-request-directive.max-age">max-age</a></h4>
     1256                  <p id="rfc.section.5.2.1.1.p.1">Argument syntax: </p>
     1257                  <ul class="empty">
     1258                     <li><a href="#delta-seconds" class="smpl">delta-seconds</a> (see <a href="#delta-seconds" title="Delta Seconds">Section&nbsp;1.2.1</a>)
     1259                     </li>
     1260                  </ul>
     1261                  <p id="rfc.section.5.2.1.1.p.2">The "max-age" request directive indicates that the client is unwilling to accept a response whose age is greater than the
     1262                     specified number of seconds. Unless the max-stale request directive is also present, the client is not willing to accept a
     1263                     stale response.
     1264                  </p>
     1265                  <p id="rfc.section.5.2.1.1.p.3"><b>Note:</b> This directive uses the token form of the argument syntax; e.g., 'max-age=5', not 'max-age="5"'. A sender <em class="bcp14">SHOULD NOT</em> generate the quoted-string form.
     1266                  </p>
     1267               </div>
     1268               <div id="cache-request-directive.max-stale">
     1269                  <div id="rfc.iref.m.2"></div>
     1270                  <h4 id="rfc.section.5.2.1.2"><a href="#rfc.section.5.2.1.2">5.2.1.2</a>&nbsp;<a href="#cache-request-directive.max-stale">max-stale</a></h4>
     1271                  <p id="rfc.section.5.2.1.2.p.1">Argument syntax: </p>
     1272                  <ul class="empty">
     1273                     <li><a href="#delta-seconds" class="smpl">delta-seconds</a> (see <a href="#delta-seconds" title="Delta Seconds">Section&nbsp;1.2.1</a>)
     1274                     </li>
     1275                  </ul>
     1276                  <p id="rfc.section.5.2.1.2.p.2">The "max-stale" request directive indicates that the client is willing to accept a response that has exceeded its freshness
     1277                     lifetime. If max-stale is assigned a value, then the client is willing to accept a response that has exceeded its freshness
     1278                     lifetime by no more than the specified number of seconds. If no value is assigned to max-stale, then the client is willing
     1279                     to accept a stale response of any age.
     1280                  </p>
     1281                  <p id="rfc.section.5.2.1.2.p.3"><b>Note:</b> This directive uses the token form of the argument syntax; e.g., 'max-stale=10', not 'max-stale="10"'. A sender <em class="bcp14">SHOULD NOT</em> generate the quoted-string form.
     1282                  </p>
     1283               </div>
     1284               <div id="cache-request-directive.min-fresh">
     1285                  <div id="rfc.iref.m.3"></div>
     1286                  <h4 id="rfc.section.5.2.1.3"><a href="#rfc.section.5.2.1.3">5.2.1.3</a>&nbsp;<a href="#cache-request-directive.min-fresh">min-fresh</a></h4>
     1287                  <p id="rfc.section.5.2.1.3.p.1">Argument syntax: </p>
     1288                  <ul class="empty">
     1289                     <li><a href="#delta-seconds" class="smpl">delta-seconds</a> (see <a href="#delta-seconds" title="Delta Seconds">Section&nbsp;1.2.1</a>)
     1290                     </li>
     1291                  </ul>
     1292                  <p id="rfc.section.5.2.1.3.p.2">The "min-fresh" request directive indicates that the client is willing to accept a response whose freshness lifetime is no
     1293                     less than its current age plus the specified time in seconds. That is, the client wants a response that will still be fresh
     1294                     for at least the specified number of seconds.
     1295                  </p>
     1296                  <p id="rfc.section.5.2.1.3.p.3"><b>Note:</b> This directive uses the token form of the argument syntax; e.g., 'min-fresh=20', not 'min-fresh="20"'. A sender <em class="bcp14">SHOULD NOT</em> generate the quoted-string form.
     1297                  </p>
     1298               </div>
     1299               <div id="cache-request-directive.no-cache">
     1300                  <div id="rfc.iref.n.1"></div>
     1301                  <h4 id="rfc.section.5.2.1.4"><a href="#rfc.section.5.2.1.4">5.2.1.4</a>&nbsp;<a href="#cache-request-directive.no-cache">no-cache</a></h4>
     1302                  <p id="rfc.section.5.2.1.4.p.1">The "no-cache" request directive indicates that a cache <em class="bcp14">MUST NOT</em> use a stored response to satisfy the request without successful validation on the origin server.
     1303                  </p>
     1304               </div>
     1305               <div id="cache-request-directive.no-store">
     1306                  <div id="rfc.iref.n.2"></div>
     1307                  <h4 id="rfc.section.5.2.1.5"><a href="#rfc.section.5.2.1.5">5.2.1.5</a>&nbsp;<a href="#cache-request-directive.no-store">no-store</a></h4>
     1308                  <p id="rfc.section.5.2.1.5.p.1">The "no-store" request directive indicates that a cache <em class="bcp14">MUST NOT</em> store any part of either this request or any response to it. This directive applies to both private and shared caches. "<em class="bcp14">MUST NOT</em> store" in this context means that the cache <em class="bcp14">MUST NOT</em> intentionally store the information in non-volatile storage, and <em class="bcp14">MUST</em> make a best-effort attempt to remove the information from volatile storage as promptly as possible after forwarding it.
     1309                  </p>
     1310                  <p id="rfc.section.5.2.1.5.p.2">This directive is NOT a reliable or sufficient mechanism for ensuring privacy. In particular, malicious or compromised caches
     1311                     might not recognize or obey this directive, and communications networks might be vulnerable to eavesdropping.
     1312                  </p>
     1313                  <p id="rfc.section.5.2.1.5.p.3">Note that if a request containing this directive is satisfied from a cache, the no-store request directive does not apply
     1314                     to the already stored response.
     1315                  </p>
     1316               </div>
     1317               <div id="cache-request-directive.no-transform">
     1318                  <div id="rfc.iref.n.3"></div>
     1319                  <h4 id="rfc.section.5.2.1.6"><a href="#rfc.section.5.2.1.6">5.2.1.6</a>&nbsp;<a href="#cache-request-directive.no-transform">no-transform</a></h4>
     1320                  <p id="rfc.section.5.2.1.6.p.1">The "no-transform" request directive indicates that an intermediary (whether or not it implements a cache) <em class="bcp14">MUST NOT</em> transform the payload, as defined in <a href="p1-messaging.html#message.transformations" title="Transformations">Section 5.7.2</a> of <a href="#Part1" id="rfc.xref.Part1.9"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing">[Part1]</cite></a>.
     1321                  </p>
     1322               </div>
     1323               <div id="cache-request-directive.only-if-cached">
     1324                  <div id="rfc.iref.o.1"></div>
     1325                  <h4 id="rfc.section.5.2.1.7"><a href="#rfc.section.5.2.1.7">5.2.1.7</a>&nbsp;<a href="#cache-request-directive.only-if-cached">only-if-cached</a></h4>
     1326                  <p id="rfc.section.5.2.1.7.p.1">The "only-if-cached" request directive indicates that the client only wishes to obtain a stored response. If it receives this
     1327                     directive, a cache <em class="bcp14">SHOULD</em> either respond using a stored response that is consistent with the other constraints of the request, or respond with a <a href="p2-semantics.html#status.504" class="smpl">504 (Gateway
     1328                        Timeout)</a> status code. If a group of caches is being operated as a unified system with good internal connectivity, a member cache <em class="bcp14">MAY</em> forward such a request within that group of caches.
     1329                  </p>
     1330               </div>
     1331            </div>
     1332            <div id="cache-response-directive">
     1333               <h3 id="rfc.section.5.2.2"><a href="#rfc.section.5.2.2">5.2.2</a>&nbsp;<a href="#cache-response-directive">Response Cache-Control Directives</a></h3>
     1334               <div id="cache-response-directive.must-revalidate">
     1335                  <div id="rfc.iref.m.4"></div>
     1336                  <h4 id="rfc.section.5.2.2.1"><a href="#rfc.section.5.2.2.1">5.2.2.1</a>&nbsp;<a href="#cache-response-directive.must-revalidate">must-revalidate</a></h4>
     1337                  <p id="rfc.section.5.2.2.1.p.1">The "must-revalidate" response directive indicates that once it has become stale, a cache <em class="bcp14">MUST NOT</em> use the response to satisfy subsequent requests without successful validation on the origin server.
     1338                  </p>
     1339                  <p id="rfc.section.5.2.2.1.p.2">The must-revalidate directive is necessary to support reliable operation for certain protocol features. In all circumstances
     1340                     a cache <em class="bcp14">MUST</em> obey the must-revalidate directive; in particular, if a cache cannot reach the origin server for any reason, it <em class="bcp14">MUST</em> generate a <a href="p2-semantics.html#status.504" class="smpl">504 (Gateway Timeout)</a> response.
     1341                  </p>
     1342                  <p id="rfc.section.5.2.2.1.p.3">The must-revalidate directive ought to be used by servers if and only if failure to validate a request on the representation
     1343                     could result in incorrect operation, such as a silently unexecuted financial transaction.
     1344                  </p>
     1345               </div>
     1346               <div id="cache-response-directive.no-cache">
     1347                  <div id="rfc.iref.n.4"></div>
     1348                  <h4 id="rfc.section.5.2.2.2"><a href="#rfc.section.5.2.2.2">5.2.2.2</a>&nbsp;<a href="#cache-response-directive.no-cache">no-cache</a></h4>
     1349                  <p id="rfc.section.5.2.2.2.p.1">Argument syntax: </p>
     1350                  <ul class="empty">
     1351                     <li>#<a href="#imported.abnf" class="smpl">field-name</a>
     1352                     </li>
     1353                  </ul>
     1354                  <p id="rfc.section.5.2.2.2.p.2">The "no-cache" response directive indicates that the response <em class="bcp14">MUST NOT</em> be used to satisfy a subsequent request without successful validation on the origin server. This allows an origin server to
     1355                     prevent a cache from using it to satisfy a request without contacting it, even by caches that have been configured to send
     1356                     stale responses.
     1357                  </p>
     1358                  <p id="rfc.section.5.2.2.2.p.3">If the no-cache response directive specifies one or more field-names, then a cache <em class="bcp14">MAY</em> use the response to satisfy a subsequent request, subject to any other restrictions on caching. However, any header fields
     1359                     in the response that have the field-name(s) listed <em class="bcp14">MUST NOT</em> be sent in the response to a subsequent request without successful revalidation with the origin server. This allows an origin
     1360                     server to prevent the re-use of certain header fields in a response, while still allowing caching of the rest of the response.
     1361                  </p>
     1362                  <p id="rfc.section.5.2.2.2.p.4">The field-names given are not limited to the set of header fields defined by this specification. Field names are case-insensitive.</p>
     1363                  <p id="rfc.section.5.2.2.2.p.5"><b>Note:</b> Although it has been back-ported to many implementations, some HTTP/1.0 caches will not recognize or obey this directive.
     1364                     Also, no-cache response directives with field-names are often handled by caches as if an unqualified no-cache directive was
     1365                     received; i.e., the special handling for the qualified form is not widely implemented.
     1366                  </p>
     1367                  <p id="rfc.section.5.2.2.2.p.6"><b>Note:</b> This directive uses the quoted-string form of the argument syntax. A sender <em class="bcp14">SHOULD NOT</em> generate the token form (even if quoting appears not to be needed for single-entry lists).
     1368                  </p>
     1369               </div>
     1370               <div id="cache-response-directive.no-store">
     1371                  <div id="rfc.iref.n.5"></div>
     1372                  <h4 id="rfc.section.5.2.2.3"><a href="#rfc.section.5.2.2.3">5.2.2.3</a>&nbsp;<a href="#cache-response-directive.no-store">no-store</a></h4>
     1373                  <p id="rfc.section.5.2.2.3.p.1">The "no-store" response directive indicates that a cache <em class="bcp14">MUST NOT</em> store any part of either the immediate request or response. This directive applies to both private and shared caches. "<em class="bcp14">MUST NOT</em> store" in this context means that the cache <em class="bcp14">MUST NOT</em> intentionally store the information in non-volatile storage, and <em class="bcp14">MUST</em> make a best-effort attempt to remove the information from volatile storage as promptly as possible after forwarding it.
     1374                  </p>
     1375                  <p id="rfc.section.5.2.2.3.p.2">This directive is NOT a reliable or sufficient mechanism for ensuring privacy. In particular, malicious or compromised caches
     1376                     might not recognize or obey this directive, and communications networks might be vulnerable to eavesdropping.
     1377                  </p>
     1378               </div>
     1379               <div id="cache-response-directive.no-transform">
     1380                  <div id="rfc.iref.n.6"></div>
     1381                  <h4 id="rfc.section.5.2.2.4"><a href="#rfc.section.5.2.2.4">5.2.2.4</a>&nbsp;<a href="#cache-response-directive.no-transform">no-transform</a></h4>
     1382                  <p id="rfc.section.5.2.2.4.p.1">The "no-transform" response directive indicates that an intermediary (regardless of whether it implements a cache) <em class="bcp14">MUST NOT</em> transform the payload, as defined in <a href="p1-messaging.html#message.transformations" title="Transformations">Section 5.7.2</a> of <a href="#Part1" id="rfc.xref.Part1.10"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing">[Part1]</cite></a>.
     1383                  </p>
     1384               </div>
     1385               <div id="cache-response-directive.public">
     1386                  <div id="rfc.iref.p.2"></div>
     1387                  <h4 id="rfc.section.5.2.2.5"><a href="#rfc.section.5.2.2.5">5.2.2.5</a>&nbsp;<a href="#cache-response-directive.public">public</a></h4>
     1388                  <p id="rfc.section.5.2.2.5.p.1">The "public" response directive indicates that any cache <em class="bcp14">MAY</em> store the response, even if the response would normally be non-cacheable or cacheable only within a private cache. (See <a href="#caching.authenticated.responses" title="Storing Responses to Authenticated Requests">Section&nbsp;3.2</a> for additional details related to the use of public in response to a request containing <a href="p7-auth.html#header.authorization" class="smpl">Authorization</a>, and <a href="#response.cacheability" title="Storing Responses in Caches">Section&nbsp;3</a> for details of how public affects responses that would normally not be stored, due to their status codes not being defined
     1389                     as cacheable.)
     1390                  </p>
     1391               </div>
     1392               <div id="cache-response-directive.private">
     1393                  <div id="rfc.iref.p.3"></div>
     1394                  <h4 id="rfc.section.5.2.2.6"><a href="#rfc.section.5.2.2.6">5.2.2.6</a>&nbsp;<a href="#cache-response-directive.private">private</a></h4>
     1395                  <p id="rfc.section.5.2.2.6.p.1">Argument syntax: </p>
     1396                  <ul class="empty">
     1397                     <li>#<a href="#imported.abnf" class="smpl">field-name</a>
     1398                     </li>
     1399                  </ul>
     1400                  <p id="rfc.section.5.2.2.6.p.2">The "private" response directive indicates that the response message is intended for a single user and <em class="bcp14">MUST NOT</em> be stored by a shared cache. A private cache <em class="bcp14">MAY</em> store the response and reuse it for later requests, even if the response would normally be non-cacheable.
     1401                  </p>
     1402                  <p id="rfc.section.5.2.2.6.p.3">If the private response directive specifies one or more field-names, this requirement is limited to the field-values associated
     1403                     with the listed response header fields. That is, a shared cache <em class="bcp14">MUST NOT</em> store the specified field-names(s), whereas it <em class="bcp14">MAY</em> store the remainder of the response message.
     1404                  </p>
     1405                  <p id="rfc.section.5.2.2.6.p.4">The field-names given are not limited to the set of header fields defined by this specification. Field names are case-insensitive.</p>
     1406                  <p id="rfc.section.5.2.2.6.p.5"><b>Note:</b> This usage of the word "private" only controls where the response can be stored; it cannot ensure the privacy of the message
     1407                     content. Also, private response directives with field-names are often handled by caches as if an unqualified private directive
     1408                     was received; i.e., the special handling for the qualified form is not widely implemented.
     1409                  </p>
     1410                  <p id="rfc.section.5.2.2.6.p.6"><b>Note:</b> This directive uses the quoted-string form of the argument syntax. A sender <em class="bcp14">SHOULD NOT</em> generate the token form (even if quoting appears not to be needed for single-entry lists).
     1411                  </p>
     1412               </div>
     1413               <div id="cache-response-directive.proxy-revalidate">
     1414                  <div id="rfc.iref.p.4"></div>
     1415                  <h4 id="rfc.section.5.2.2.7"><a href="#rfc.section.5.2.2.7">5.2.2.7</a>&nbsp;<a href="#cache-response-directive.proxy-revalidate">proxy-revalidate</a></h4>
     1416                  <p id="rfc.section.5.2.2.7.p.1">The "proxy-revalidate" response directive has the same meaning as the must-revalidate response directive, except that it does
     1417                     not apply to private caches.
     1418                  </p>
     1419               </div>
     1420               <div id="cache-response-directive.max-age">
     1421                  <div id="rfc.iref.m.5"></div>
     1422                  <h4 id="rfc.section.5.2.2.8"><a href="#rfc.section.5.2.2.8">5.2.2.8</a>&nbsp;<a href="#cache-response-directive.max-age">max-age</a></h4>
     1423                  <p id="rfc.section.5.2.2.8.p.1">Argument syntax: </p>
     1424                  <ul class="empty">
     1425                     <li><a href="#delta-seconds" class="smpl">delta-seconds</a> (see <a href="#delta-seconds" title="Delta Seconds">Section&nbsp;1.2.1</a>)
     1426                     </li>
     1427                  </ul>
     1428                  <p id="rfc.section.5.2.2.8.p.2">The "max-age" response directive indicates that the response is to be considered stale after its age is greater than the specified
     1429                     number of seconds.
     1430                  </p>
     1431                  <p id="rfc.section.5.2.2.8.p.3"><b>Note:</b> This directive uses the token form of the argument syntax; e.g., 'max-age=5', not 'max-age="5"'. A sender <em class="bcp14">SHOULD NOT</em> generate the quoted-string form.
     1432                  </p>
     1433               </div>
     1434               <div id="cache-response-directive.s-maxage">
     1435                  <div id="rfc.iref.s.4"></div>
     1436                  <h4 id="rfc.section.5.2.2.9"><a href="#rfc.section.5.2.2.9">5.2.2.9</a>&nbsp;<a href="#cache-response-directive.s-maxage">s-maxage</a></h4>
     1437                  <p id="rfc.section.5.2.2.9.p.1">Argument syntax: </p>
     1438                  <ul class="empty">
     1439                     <li><a href="#delta-seconds" class="smpl">delta-seconds</a> (see <a href="#delta-seconds" title="Delta Seconds">Section&nbsp;1.2.1</a>)
     1440                     </li>
     1441                  </ul>
     1442                  <p id="rfc.section.5.2.2.9.p.2">The "s-maxage" response directive indicates that, in shared caches, the maximum age specified by this directive overrides
     1443                     the maximum age specified by either the max-age directive or the <a href="#header.expires" class="smpl">Expires</a> header field. The s-maxage directive also implies the semantics of the proxy-revalidate response directive.
     1444                  </p>
     1445                  <p id="rfc.section.5.2.2.9.p.3"><b>Note:</b> This directive uses the token form of the argument syntax; e.g., 's-maxage=10', not 's-maxage="10"'. A sender <em class="bcp14">SHOULD NOT</em> generate the quoted-string form.
     1446                  </p>
     1447               </div>
     1448            </div>
     1449            <div id="cache.control.extensions">
     1450               <h3 id="rfc.section.5.2.3"><a href="#rfc.section.5.2.3">5.2.3</a>&nbsp;<a href="#cache.control.extensions">Cache Control Extensions</a></h3>
     1451               <p id="rfc.section.5.2.3.p.1">The Cache-Control header field can be extended through the use of one or more cache-extension tokens, each with an optional
     1452                  value.
     1453               </p>
     1454               <p id="rfc.section.5.2.3.p.2">Informational extensions (those that do not require a change in cache behavior) can be added without changing the semantics
     1455                  of other directives. Behavioral extensions are designed to work by acting as modifiers to the existing base of cache directives.
     1456               </p>
     1457               <p id="rfc.section.5.2.3.p.3">Both the new directive and the standard directive are supplied, such that applications that do not understand the new directive
     1458                  will default to the behavior specified by the standard directive, and those that understand the new directive will recognize
     1459                  it as modifying the requirements associated with the standard directive. In this way, extensions to the cache-control directives
     1460                  can be made without requiring changes to the base protocol.
     1461               </p>
     1462               <p id="rfc.section.5.2.3.p.4">This extension mechanism depends on an HTTP cache obeying all of the cache-control directives defined for its native HTTP-version,
     1463                  obeying certain extensions, and ignoring all directives that it does not understand.
     1464               </p>
     1465               <p id="rfc.section.5.2.3.p.5">For example, consider a hypothetical new response directive called "community" that acts as a modifier to the private directive.
     1466                  We define this new directive to mean that, in addition to any private cache, any cache that is shared only by members of the
     1467                  community named within its value is allowed to cache the response. An origin server wishing to allow the UCI community to
     1468                  use an otherwise private response in their shared cache(s) could do so by including
     1469               </p>
     1470               <div id="rfc.figure.u.8"></div><pre class="text">  Cache-Control: private, community="UCI"
    13811471</pre><p id="rfc.section.5.2.3.p.7">A cache seeing this header field will act correctly even if the cache does not understand the community cache-extension, since
    1382          it will also see and understand the private directive and thus default to the safe behavior.
    1383       </p>
    1384       <p id="rfc.section.5.2.3.p.8">A cache <em class="bcp14">MUST</em> ignore unrecognized cache directives; it is assumed that any cache directive likely to be unrecognized by an HTTP/1.1 cache
    1385          will be combined with standard directives (or the response's default cacheability) such that the cache behavior will remain
    1386          minimally correct even if the cache does not understand the extension(s).
    1387       </p>
    1388       <div id="rfc.iref.e.2"></div>
    1389       <h2 id="rfc.section.5.3"><a href="#rfc.section.5.3">5.3</a>&nbsp;<a id="header.expires" href="#header.expires">Expires</a></h2>
    1390       <p id="rfc.section.5.3.p.1">The "Expires" header field gives the date/time after which the response is considered stale. See <a href="#expiration.model" title="Freshness">Section&nbsp;4.2</a> for further discussion of the freshness model.
    1391       </p>
    1392       <p id="rfc.section.5.3.p.2">The presence of an Expires field does not imply that the original resource will change or cease to exist at, before, or after
    1393          that time.
    1394       </p>
    1395       <p id="rfc.section.5.3.p.3">The Expires value is an HTTP-date timestamp, as defined in <a href="p2-semantics.html#http.date" title="Date/Time Formats">Section 7.1.1.1</a> of <a href="#Part2" id="rfc.xref.Part2.7"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Semantics and Content">[Part2]</cite></a>.
    1396       </p>
    1397       <div id="rfc.figure.u.9"></div><pre class="inline"><span id="rfc.iref.g.5"></span>  <a href="#header.expires" class="smpl">Expires</a> = <a href="#imported.abnf" class="smpl">HTTP-date</a>
     1472                  it will also see and understand the private directive and thus default to the safe behavior.
     1473               </p>
     1474               <p id="rfc.section.5.2.3.p.8">A cache <em class="bcp14">MUST</em> ignore unrecognized cache directives; it is assumed that any cache directive likely to be unrecognized by an HTTP/1.1 cache
     1475                  will be combined with standard directives (or the response's default cacheability) such that the cache behavior will remain
     1476                  minimally correct even if the cache does not understand the extension(s).
     1477               </p>
     1478            </div>
     1479         </div>
     1480         <div id="header.expires">
     1481            <div id="rfc.iref.e.2"></div>
     1482            <h2 id="rfc.section.5.3"><a href="#rfc.section.5.3">5.3</a>&nbsp;<a href="#header.expires">Expires</a></h2>
     1483            <p id="rfc.section.5.3.p.1">The "Expires" header field gives the date/time after which the response is considered stale. See <a href="#expiration.model" title="Freshness">Section&nbsp;4.2</a> for further discussion of the freshness model.
     1484            </p>
     1485            <p id="rfc.section.5.3.p.2">The presence of an Expires field does not imply that the original resource will change or cease to exist at, before, or after
     1486               that time.
     1487            </p>
     1488            <p id="rfc.section.5.3.p.3">The Expires value is an HTTP-date timestamp, as defined in <a href="p2-semantics.html#http.date" title="Date/Time Formats">Section 7.1.1.1</a> of <a href="#Part2" id="rfc.xref.Part2.7"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Semantics and Content">[Part2]</cite></a>.
     1489            </p>
     1490            <div id="rfc.figure.u.9"></div><pre class="inline"><span id="rfc.iref.g.5"></span>  <a href="#header.expires" class="smpl">Expires</a> = <a href="#imported.abnf" class="smpl">HTTP-date</a>
    13981491</pre><div id="rfc.figure.u.10"></div>
    1399       <p>For example</p><pre class="text">  Expires: Thu, 01 Dec 1994 16:00:00 GMT
     1492            <p>For example</p><pre class="text">  Expires: Thu, 01 Dec 1994 16:00:00 GMT
    14001493</pre><p id="rfc.section.5.3.p.6">A cache recipient <em class="bcp14">MUST</em> interpret invalid date formats, especially the value "0", as representing a time in the past (i.e., "already expired").
    1401       </p>
    1402       <p id="rfc.section.5.3.p.7">If a response includes a <a href="#header.cache-control" class="smpl">Cache-Control</a> field with the max-age directive (<a href="#cache-response-directive.max-age" title="max-age">Section&nbsp;5.2.2.8</a>), a recipient <em class="bcp14">MUST</em> ignore the Expires field. Likewise, if a response includes the s-maxage directive (<a href="#cache-response-directive.s-maxage" title="s-maxage">Section&nbsp;5.2.2.9</a>), a shared cache recipient <em class="bcp14">MUST</em> ignore the Expires field. In both these cases, the value in Expires is only intended for recipients that have not yet implemented
    1403          the Cache-Control field.
    1404       </p>
    1405       <p id="rfc.section.5.3.p.8">An origin server without a clock <em class="bcp14">MUST NOT</em> generate an Expires field unless its value represents a fixed time in the past (always expired) or its value has been associated
    1406          with the resource by a system or user with a reliable clock.
    1407       </p>
    1408       <p id="rfc.section.5.3.p.9">Historically, HTTP required the Expires field-value to be no more than a year in the future. While longer freshness lifetimes
    1409          are no longer prohibited, extremely large values have been demonstrated to cause problems (e.g., clock overflows due to use
    1410          of 32-bit integers for time values), and many caches will evict a response far sooner than that.
    1411       </p>
    1412       <div id="rfc.iref.p.5"></div>
    1413       <h2 id="rfc.section.5.4"><a href="#rfc.section.5.4">5.4</a>&nbsp;<a id="header.pragma" href="#header.pragma">Pragma</a></h2>
    1414       <p id="rfc.section.5.4.p.1">The "Pragma" header field allows backwards compatibility with HTTP/1.0 caches, so that clients can specify a "no-cache" request
    1415          that they will understand (as <a href="#header.cache-control" class="smpl">Cache-Control</a> was not defined until HTTP/1.1). When the Cache-Control header field is also present and understood in a request, Pragma is
    1416          ignored.
    1417       </p>
    1418       <p id="rfc.section.5.4.p.2">In HTTP/1.0, Pragma was defined as an extensible field for implementation-specified directives for recipients. This specification
    1419          deprecates such extensions to improve interoperability.
    1420       </p>
    1421       <div id="rfc.figure.u.11"></div><pre class="inline"><span id="rfc.iref.g.6"></span><span id="rfc.iref.g.7"></span><span id="rfc.iref.g.8"></span>  <a href="#header.pragma" class="smpl">Pragma</a>           = 1#<a href="#header.pragma" class="smpl">pragma-directive</a>
     1494            </p>
     1495            <p id="rfc.section.5.3.p.7">If a response includes a <a href="#header.cache-control" class="smpl">Cache-Control</a> field with the max-age directive (<a href="#cache-response-directive.max-age" title="max-age">Section&nbsp;5.2.2.8</a>), a recipient <em class="bcp14">MUST</em> ignore the Expires field. Likewise, if a response includes the s-maxage directive (<a href="#cache-response-directive.s-maxage" title="s-maxage">Section&nbsp;5.2.2.9</a>), a shared cache recipient <em class="bcp14">MUST</em> ignore the Expires field. In both these cases, the value in Expires is only intended for recipients that have not yet implemented
     1496               the Cache-Control field.
     1497            </p>
     1498            <p id="rfc.section.5.3.p.8">An origin server without a clock <em class="bcp14">MUST NOT</em> generate an Expires field unless its value represents a fixed time in the past (always expired) or its value has been associated
     1499               with the resource by a system or user with a reliable clock.
     1500            </p>
     1501            <p id="rfc.section.5.3.p.9">Historically, HTTP required the Expires field-value to be no more than a year in the future. While longer freshness lifetimes
     1502               are no longer prohibited, extremely large values have been demonstrated to cause problems (e.g., clock overflows due to use
     1503               of 32-bit integers for time values), and many caches will evict a response far sooner than that.
     1504            </p>
     1505         </div>
     1506         <div id="header.pragma">
     1507            <div id="rfc.iref.p.5"></div>
     1508            <h2 id="rfc.section.5.4"><a href="#rfc.section.5.4">5.4</a>&nbsp;<a href="#header.pragma">Pragma</a></h2>
     1509            <p id="rfc.section.5.4.p.1">The "Pragma" header field allows backwards compatibility with HTTP/1.0 caches, so that clients can specify a "no-cache" request
     1510               that they will understand (as <a href="#header.cache-control" class="smpl">Cache-Control</a> was not defined until HTTP/1.1). When the Cache-Control header field is also present and understood in a request, Pragma is
     1511               ignored.
     1512            </p>
     1513            <p id="rfc.section.5.4.p.2">In HTTP/1.0, Pragma was defined as an extensible field for implementation-specified directives for recipients. This specification
     1514               deprecates such extensions to improve interoperability.
     1515            </p>
     1516            <div id="rfc.figure.u.11"></div><pre class="inline"><span id="rfc.iref.g.6"></span><span id="rfc.iref.g.7"></span><span id="rfc.iref.g.8"></span>  <a href="#header.pragma" class="smpl">Pragma</a>           = 1#<a href="#header.pragma" class="smpl">pragma-directive</a>
    14221517  <a href="#header.pragma" class="smpl">pragma-directive</a> = "no-cache" / <a href="#header.pragma" class="smpl">extension-pragma</a>
    14231518  <a href="#header.pragma" class="smpl">extension-pragma</a> = <a href="#imported.abnf" class="smpl">token</a> [ "=" ( <a href="#imported.abnf" class="smpl">token</a> / <a href="#imported.abnf" class="smpl">quoted-string</a> ) ]
    14241519</pre><p id="rfc.section.5.4.p.4">When the <a href="#header.cache-control" class="smpl">Cache-Control</a> header field is not present in a request, caches <em class="bcp14">MUST</em> consider the no-cache request pragma-directive as having the same effect as if "Cache-Control: no-cache" were present (see <a href="#cache-request-directive" title="Request Cache-Control Directives">Section&nbsp;5.2.1</a>).
    1425       </p>
    1426       <p id="rfc.section.5.4.p.5">When sending a no-cache request, a client ought to include both the pragma and cache-control directives, unless Cache-Control:
    1427          no-cache is purposefully omitted to target other <a href="#header.cache-control" class="smpl">Cache-Control</a> response directives at HTTP/1.1 caches. For example:
    1428       </p>
    1429       <div id="rfc.figure.u.12"></div><pre class="text">GET / HTTP/1.1
     1520            </p>
     1521            <p id="rfc.section.5.4.p.5">When sending a no-cache request, a client ought to include both the pragma and cache-control directives, unless Cache-Control:
     1522               no-cache is purposefully omitted to target other <a href="#header.cache-control" class="smpl">Cache-Control</a> response directives at HTTP/1.1 caches. For example:
     1523            </p>
     1524            <div id="rfc.figure.u.12"></div><pre class="text">GET / HTTP/1.1
    14301525Host: www.example.com
    14311526Cache-Control: max-age=30
     
    14331528
    14341529</pre><p id="rfc.section.5.4.p.7">will constrain HTTP/1.1 caches to serve a response no older than 30 seconds, while precluding implementations that do not
    1435          understand <a href="#header.cache-control" class="smpl">Cache-Control</a> from serving a cached response.
    1436       </p>
    1437       <div class="note" id="rfc.section.5.4.p.8">
    1438          <p><b>Note:</b> Because the meaning of "Pragma: no-cache" in responses is not specified, it does not provide a reliable replacement for "Cache-Control:
    1439             no-cache" in them.
    1440          </p>
    1441       </div>
    1442       <div id="rfc.iref.w.1"></div>
    1443       <h2 id="rfc.section.5.5"><a href="#rfc.section.5.5">5.5</a>&nbsp;<a id="header.warning" href="#header.warning">Warning</a></h2>
    1444       <p id="rfc.section.5.5.p.1">The "Warning" header field is used to carry additional information about the status or transformation of a message that might
    1445          not be reflected in the status code. This information is typically used to warn about possible incorrectness introduced by
    1446          caching operations or transformations applied to the payload of the message.
    1447       </p>
    1448       <p id="rfc.section.5.5.p.2">Warnings can be used for other purposes, both cache-related and otherwise. The use of a warning, rather than an error status
    1449          code, distinguishes these responses from true failures.
    1450       </p>
    1451       <p id="rfc.section.5.5.p.3">Warning header fields can in general be applied to any message, however some warn-codes are specific to caches and can only
    1452          be applied to response messages.
    1453       </p>
    1454       <div id="rfc.figure.u.13"></div><pre class="inline"><span id="rfc.iref.g.9"></span><span id="rfc.iref.g.10"></span><span id="rfc.iref.g.11"></span><span id="rfc.iref.g.12"></span><span id="rfc.iref.g.13"></span><span id="rfc.iref.g.14"></span>  <a href="#header.warning" class="smpl">Warning</a>       = 1#<a href="#header.warning" class="smpl">warning-value</a>
     1530               understand <a href="#header.cache-control" class="smpl">Cache-Control</a> from serving a cached response.
     1531            </p>
     1532            <div class="note" id="rfc.section.5.4.p.8">
     1533               <p><b>Note:</b> Because the meaning of "Pragma: no-cache" in responses is not specified, it does not provide a reliable replacement for "Cache-Control:
     1534                  no-cache" in them.
     1535               </p>
     1536            </div>
     1537         </div>
     1538         <div id="header.warning">
     1539            <div id="rfc.iref.w.1"></div>
     1540            <h2 id="rfc.section.5.5"><a href="#rfc.section.5.5">5.5</a>&nbsp;<a href="#header.warning">Warning</a></h2>
     1541            <p id="rfc.section.5.5.p.1">The "Warning" header field is used to carry additional information about the status or transformation of a message that might
     1542               not be reflected in the status code. This information is typically used to warn about possible incorrectness introduced by
     1543               caching operations or transformations applied to the payload of the message.
     1544            </p>
     1545            <p id="rfc.section.5.5.p.2">Warnings can be used for other purposes, both cache-related and otherwise. The use of a warning, rather than an error status
     1546               code, distinguishes these responses from true failures.
     1547            </p>
     1548            <p id="rfc.section.5.5.p.3">Warning header fields can in general be applied to any message, however some warn-codes are specific to caches and can only
     1549               be applied to response messages.
     1550            </p>
     1551            <div id="rfc.figure.u.13"></div><pre class="inline"><span id="rfc.iref.g.9"></span><span id="rfc.iref.g.10"></span><span id="rfc.iref.g.11"></span><span id="rfc.iref.g.12"></span><span id="rfc.iref.g.13"></span><span id="rfc.iref.g.14"></span>  <a href="#header.warning" class="smpl">Warning</a>       = 1#<a href="#header.warning" class="smpl">warning-value</a>
    14551552 
    14561553  <a href="#header.warning" class="smpl">warning-value</a> = <a href="#header.warning" class="smpl">warn-code</a> <a href="#imported.abnf" class="smpl">SP</a> <a href="#header.warning" class="smpl">warn-agent</a> <a href="#imported.abnf" class="smpl">SP</a> <a href="#header.warning" class="smpl">warn-text</a>
     
    14651562  <a href="#header.warning" class="smpl">warn-date</a>  = <a href="#imported.abnf" class="smpl">DQUOTE</a> <a href="#imported.abnf" class="smpl">HTTP-date</a> <a href="#imported.abnf" class="smpl">DQUOTE</a>
    14661563</pre><p id="rfc.section.5.5.p.5">Multiple warnings can be generated in a response (either by the origin server or by a cache), including multiple warnings
    1467          with the same warn-code number that only differ in warn-text.
    1468       </p>
    1469       <p id="rfc.section.5.5.p.6">A user agent that receives one or more Warning header fields <em class="bcp14">SHOULD</em> inform the user of as many of them as possible, in the order that they appear in the response. Senders that generate multiple
    1470          Warning header fields are encouraged to order them with this user agent behavior in mind. A sender that generates new Warning
    1471          header fields <em class="bcp14">MUST</em> append them after any existing Warning header fields.
    1472       </p>
    1473       <p id="rfc.section.5.5.p.7">Warnings are assigned three digit warn-codes. The first digit indicates whether the Warning is required to be deleted from
    1474          a stored response after validation:
    1475       </p>
    1476       <ul>
    1477          <li>1xx warn-codes describe the freshness or validation status of the response, and so <em class="bcp14">MUST</em> be deleted by a cache after validation. They can only be generated by a cache when validating a cached entry, and <em class="bcp14">MUST NOT</em> be generated in any other situation.
    1478          </li>
    1479          <li>2xx warn-codes describe some aspect of the representation that is not rectified by a validation (for example, a lossy compression
    1480             of the representation) and <em class="bcp14">MUST NOT</em> be deleted by a cache after validation, unless a full response is sent, in which case they <em class="bcp14">MUST</em> be.
    1481          </li>
    1482       </ul>
    1483       <p id="rfc.section.5.5.p.8">If a sender generates one or more 1xx warn-codes in a message to be sent to a recipient known to implement only HTTP/1.0,
    1484          the sender <em class="bcp14">MUST</em> include in each corresponding warning-value a warn-date that matches the <a href="p2-semantics.html#header.date" class="smpl">Date</a> header field in the message. For example:
    1485       </p>
    1486       <div id="rfc.figure.u.14"></div><pre class="text">HTTP/1.1 200 OK
     1564               with the same warn-code number that only differ in warn-text.
     1565            </p>
     1566            <p id="rfc.section.5.5.p.6">A user agent that receives one or more Warning header fields <em class="bcp14">SHOULD</em> inform the user of as many of them as possible, in the order that they appear in the response. Senders that generate multiple
     1567               Warning header fields are encouraged to order them with this user agent behavior in mind. A sender that generates new Warning
     1568               header fields <em class="bcp14">MUST</em> append them after any existing Warning header fields.
     1569            </p>
     1570            <p id="rfc.section.5.5.p.7">Warnings are assigned three digit warn-codes. The first digit indicates whether the Warning is required to be deleted from
     1571               a stored response after validation:
     1572            </p>
     1573            <ul>
     1574               <li>1xx warn-codes describe the freshness or validation status of the response, and so <em class="bcp14">MUST</em> be deleted by a cache after validation. They can only be generated by a cache when validating a cached entry, and <em class="bcp14">MUST NOT</em> be generated in any other situation.
     1575               </li>
     1576               <li>2xx warn-codes describe some aspect of the representation that is not rectified by a validation (for example, a lossy compression
     1577                  of the representation) and <em class="bcp14">MUST NOT</em> be deleted by a cache after validation, unless a full response is sent, in which case they <em class="bcp14">MUST</em> be.
     1578               </li>
     1579            </ul>
     1580            <p id="rfc.section.5.5.p.8">If a sender generates one or more 1xx warn-codes in a message to be sent to a recipient known to implement only HTTP/1.0,
     1581               the sender <em class="bcp14">MUST</em> include in each corresponding warning-value a warn-date that matches the <a href="p2-semantics.html#header.date" class="smpl">Date</a> header field in the message. For example:
     1582            </p>
     1583            <div id="rfc.figure.u.14"></div><pre class="text">HTTP/1.1 200 OK
    14871584Date: Sat, 25 Aug 2012 23:34:45 GMT
    14881585Warning: 112 - "network down" "Sat, 25 Aug 2012 23:34:45 GMT"
    14891586
    14901587</pre><p id="rfc.section.5.5.p.10">If a recipient that uses, evaluates, or displays Warning header fields receives a warn-date that is different from the <a href="p2-semantics.html#header.date" class="smpl">Date</a> value in the same message, the recipient <em class="bcp14">MUST</em> exclude the warning-value containing that warn-date before storing, forwarding, or using the message. This allows recipients
    1491          to exclude warning-values that were improperly retained after a cache validation. If all of the warning-values are excluded,
    1492          the recipient <em class="bcp14">MUST</em> exclude the Warning header field as well.
    1493       </p>
    1494       <p id="rfc.section.5.5.p.11">The following warn-codes are defined by this specification, each with a recommended warn-text in English, and a description
    1495          of its meaning. The procedure for defining additional warn codes is described in <a href="#warn.code.registry.procedure" title="Procedure">Section&nbsp;7.2.1</a>.
    1496       </p>
    1497       <div id="rfc.iref.49"></div>
    1498       <div id="rfc.iref.r.1"></div>
    1499       <h3 id="rfc.section.5.5.1"><a href="#rfc.section.5.5.1">5.5.1</a>&nbsp;<a id="warn.110" href="#warn.110">Warning: 110 - "Response is Stale"</a></h3>
    1500       <p id="rfc.section.5.5.1.p.1">A cache <em class="bcp14">SHOULD</em> generate this whenever the sent response is stale.
    1501       </p>
    1502       <div id="rfc.iref.50"></div>
    1503       <div id="rfc.iref.r.2"></div>
    1504       <h3 id="rfc.section.5.5.2"><a href="#rfc.section.5.5.2">5.5.2</a>&nbsp;<a id="warn.111" href="#warn.111">Warning: 111 - "Revalidation Failed"</a></h3>
    1505       <p id="rfc.section.5.5.2.p.1">A cache <em class="bcp14">SHOULD</em> generate this when sending a stale response because an attempt to validate the response failed, due to an inability to reach
    1506          the server.
    1507       </p>
    1508       <div id="rfc.iref.51"></div>
    1509       <div id="rfc.iref.d.1"></div>
    1510       <h3 id="rfc.section.5.5.3"><a href="#rfc.section.5.5.3">5.5.3</a>&nbsp;<a id="warn.112" href="#warn.112">Warning: 112 - "Disconnected Operation"</a></h3>
    1511       <p id="rfc.section.5.5.3.p.1">A cache <em class="bcp14">SHOULD</em> generate this if it is intentionally disconnected from the rest of the network for a period of time.
    1512       </p>
    1513       <div id="rfc.iref.52"></div>
    1514       <div id="rfc.iref.h.2"></div>
    1515       <h3 id="rfc.section.5.5.4"><a href="#rfc.section.5.5.4">5.5.4</a>&nbsp;<a id="warn.113" href="#warn.113">Warning: 113 - "Heuristic Expiration"</a></h3>
    1516       <p id="rfc.section.5.5.4.p.1">A cache <em class="bcp14">SHOULD</em> generate this if it heuristically chose a freshness lifetime greater than 24 hours and the response's age is greater than
    1517          24 hours.
    1518       </p>
    1519       <div id="rfc.iref.53"></div>
    1520       <div id="rfc.iref.m.6"></div>
    1521       <h3 id="rfc.section.5.5.5"><a href="#rfc.section.5.5.5">5.5.5</a>&nbsp;<a id="warn.199" href="#warn.199">Warning: 199 - "Miscellaneous Warning"</a></h3>
    1522       <p id="rfc.section.5.5.5.p.1">The warning text can include arbitrary information to be presented to a human user, or logged. A system receiving this warning <em class="bcp14">MUST NOT</em> take any automated action, besides presenting the warning to the user.
    1523       </p>
    1524       <div id="rfc.iref.54"></div>
    1525       <div id="rfc.iref.t.1"></div>
    1526       <h3 id="rfc.section.5.5.6"><a href="#rfc.section.5.5.6">5.5.6</a>&nbsp;<a id="warn.214" href="#warn.214">Warning: 214 - "Transformation Applied"</a></h3>
    1527       <p id="rfc.section.5.5.6.p.1"><em class="bcp14">MUST</em> be added by a proxy if it applies any transformation to the representation, such as changing the content-coding, media-type,
    1528          or modifying the representation data, unless this Warning code already appears in the response.
    1529       </p>
    1530       <div id="rfc.iref.55"></div>
    1531       <div id="rfc.iref.m.7"></div>
    1532       <h3 id="rfc.section.5.5.7"><a href="#rfc.section.5.5.7">5.5.7</a>&nbsp;<a id="warn.299" href="#warn.299">Warning: 299 - "Miscellaneous Persistent Warning"</a></h3>
    1533       <p id="rfc.section.5.5.7.p.1">The warning text can include arbitrary information to be presented to a human user, or logged. A system receiving this warning <em class="bcp14">MUST NOT</em> take any automated action.
    1534       </p>
    1535       <h1 id="rfc.section.6"><a href="#rfc.section.6">6.</a>&nbsp;<a id="history.lists" href="#history.lists">History Lists</a></h1>
    1536       <p id="rfc.section.6.p.1">User agents often have history mechanisms, such as "Back" buttons and history lists, that can be used to redisplay a representation
    1537          retrieved earlier in a session.
    1538       </p>
    1539       <p id="rfc.section.6.p.2">The freshness model (<a href="#expiration.model" title="Freshness">Section&nbsp;4.2</a>) does not necessarily apply to history mechanisms. I.e., a history mechanism can display a previous representation even if
    1540          it has expired.
    1541       </p>
    1542       <p id="rfc.section.6.p.3">This does not prohibit the history mechanism from telling the user that a view might be stale, or from honoring cache directives
    1543          (e.g., Cache-Control: no-store).
    1544       </p>
    1545       <h1 id="rfc.section.7"><a href="#rfc.section.7">7.</a>&nbsp;<a id="iana.considerations" href="#iana.considerations">IANA Considerations</a></h1>
    1546       <h2 id="rfc.section.7.1"><a href="#rfc.section.7.1">7.1</a>&nbsp;<a id="cache.directive.registry" href="#cache.directive.registry">Cache Directive Registry</a></h2>
    1547       <p id="rfc.section.7.1.p.1">The HTTP Cache Directive Registry defines the name space for the cache directives. It will be created and maintained at &lt;<a href="http://www.iana.org/assignments/http-cache-directives">http://www.iana.org/assignments/http-cache-directives</a>&gt;.
    1548       </p>
    1549       <h3 id="rfc.section.7.1.1"><a href="#rfc.section.7.1.1">7.1.1</a>&nbsp;<a id="cache.directive.registry.procedure" href="#cache.directive.registry.procedure">Procedure</a></h3>
    1550       <p id="rfc.section.7.1.1.p.1">A registration <em class="bcp14">MUST</em> include the following fields:
    1551       </p>
    1552       <ul>
    1553          <li>Cache Directive Name</li>
    1554          <li>Pointer to specification text</li>
    1555       </ul>
    1556       <p id="rfc.section.7.1.1.p.2">Values to be added to this name space require IETF Review (see <a href="#RFC5226" id="rfc.xref.RFC5226.1"><cite title="Guidelines for Writing an IANA Considerations Section in RFCs">[RFC5226]</cite></a>, <a href="http://tools.ietf.org/html/rfc5226#section-4.1">Section 4.1</a>).
    1557       </p>
    1558       <h3 id="rfc.section.7.1.2"><a href="#rfc.section.7.1.2">7.1.2</a>&nbsp;<a id="cache.directive.considerations" href="#cache.directive.considerations">Considerations for New Cache Control Directives</a></h3>
    1559       <p id="rfc.section.7.1.2.p.1">New extension directives ought to consider defining:</p>
    1560       <p id="rfc.section.7.1.2.p.2"></p>
    1561       <ul>
    1562          <li>What it means for a directive to be specified multiple times,</li>
    1563          <li>When the directive does not take an argument, what it means when an argument is present,</li>
    1564          <li>When the directive requires an argument, what it means when it is missing,</li>
    1565          <li>Whether the directive is specific to requests, responses, or able to be used in either.</li>
    1566       </ul>
    1567       <p id="rfc.section.7.1.2.p.3">See also <a href="#cache.control.extensions" title="Cache Control Extensions">Section&nbsp;5.2.3</a>.
    1568       </p>
    1569       <h3 id="rfc.section.7.1.3"><a href="#rfc.section.7.1.3">7.1.3</a>&nbsp;<a id="cache.directive.registration" href="#cache.directive.registration">Registrations</a></h3>
    1570       <p id="rfc.section.7.1.3.p.1">The HTTP Cache Directive Registry shall be populated with the registrations below:</p>
    1571       <div id="rfc.table.1">
    1572          <div id="iana.cache.directive.registration.table"></div>
    1573          <table class="tt full left" cellpadding="3" cellspacing="0">
    1574             <thead>
    1575                <tr>
    1576                   <th>Cache Directive</th>
    1577                   <th>Reference</th>
    1578                </tr>
    1579             </thead>
    1580             <tbody>
    1581                <tr>
    1582                   <td class="left">max-age</td>
    1583                   <td class="left"><a href="#cache-request-directive.max-age" title="max-age">Section&nbsp;5.2.1.1</a>, <a href="#cache-response-directive.max-age" title="max-age">Section&nbsp;5.2.2.8</a>
    1584                   </td>
    1585                </tr>
    1586                <tr>
    1587                   <td class="left">max-stale</td>
    1588                   <td class="left"><a href="#cache-request-directive.max-stale" title="max-stale">Section&nbsp;5.2.1.2</a>
    1589                   </td>
    1590                </tr>
    1591                <tr>
    1592                   <td class="left">min-fresh</td>
    1593                   <td class="left"><a href="#cache-request-directive.min-fresh" title="min-fresh">Section&nbsp;5.2.1.3</a>
    1594                   </td>
    1595                </tr>
    1596                <tr>
    1597                   <td class="left">must-revalidate</td>
    1598                   <td class="left"><a href="#cache-response-directive.must-revalidate" title="must-revalidate">Section&nbsp;5.2.2.1</a>
    1599                   </td>
    1600                </tr>
    1601                <tr>
    1602                   <td class="left">no-cache</td>
    1603                   <td class="left"><a href="#cache-request-directive.no-cache" title="no-cache">Section&nbsp;5.2.1.4</a>, <a href="#cache-response-directive.no-cache" title="no-cache">Section&nbsp;5.2.2.2</a>
    1604                   </td>
    1605                </tr>
    1606                <tr>
    1607                   <td class="left">no-store</td>
    1608                   <td class="left"><a href="#cache-request-directive.no-store" title="no-store">Section&nbsp;5.2.1.5</a>, <a href="#cache-response-directive.no-store" title="no-store">Section&nbsp;5.2.2.3</a>
    1609                   </td>
    1610                </tr>
    1611                <tr>
    1612                   <td class="left">no-transform</td>
    1613                   <td class="left"><a href="#cache-request-directive.no-transform" title="no-transform">Section&nbsp;5.2.1.6</a>, <a href="#cache-response-directive.no-transform" title="no-transform">Section&nbsp;5.2.2.4</a>
    1614                   </td>
    1615                </tr>
    1616                <tr>
    1617                   <td class="left">only-if-cached</td>
    1618                   <td class="left"><a href="#cache-request-directive.only-if-cached" title="only-if-cached">Section&nbsp;5.2.1.7</a>
    1619                   </td>
    1620                </tr>
    1621                <tr>
    1622                   <td class="left">private</td>
    1623                   <td class="left"><a href="#cache-response-directive.private" title="private">Section&nbsp;5.2.2.6</a>
    1624                   </td>
    1625                </tr>
    1626                <tr>
    1627                   <td class="left">proxy-revalidate</td>
    1628                   <td class="left"><a href="#cache-response-directive.proxy-revalidate" title="proxy-revalidate">Section&nbsp;5.2.2.7</a>
    1629                   </td>
    1630                </tr>
    1631                <tr>
    1632                   <td class="left">public</td>
    1633                   <td class="left"><a href="#cache-response-directive.public" title="public">Section&nbsp;5.2.2.5</a>
    1634                   </td>
    1635                </tr>
    1636                <tr>
    1637                   <td class="left">s-maxage</td>
    1638                   <td class="left"><a href="#cache-response-directive.s-maxage" title="s-maxage">Section&nbsp;5.2.2.9</a>
    1639                   </td>
    1640                </tr>
    1641                <tr>
    1642                   <td class="left">stale-if-error</td>
    1643                   <td class="left"><a href="#RFC5861" id="rfc.xref.RFC5861.1"><cite title="HTTP Cache-Control Extensions for Stale Content">[RFC5861]</cite></a>, <a href="http://tools.ietf.org/html/rfc5861#section-4">Section 4</a>
    1644                   </td>
    1645                </tr>
    1646                <tr>
    1647                   <td class="left">stale-while-revalidate</td>
    1648                   <td class="left"><a href="#RFC5861" id="rfc.xref.RFC5861.2"><cite title="HTTP Cache-Control Extensions for Stale Content">[RFC5861]</cite></a>, <a href="http://tools.ietf.org/html/rfc5861#section-3">Section 3</a>
    1649                   </td>
    1650                </tr>
    1651             </tbody>
    1652          </table>
     1588               to exclude warning-values that were improperly retained after a cache validation. If all of the warning-values are excluded,
     1589               the recipient <em class="bcp14">MUST</em> exclude the Warning header field as well.
     1590            </p>
     1591            <p id="rfc.section.5.5.p.11">The following warn-codes are defined by this specification, each with a recommended warn-text in English, and a description
     1592               of its meaning. The procedure for defining additional warn codes is described in <a href="#warn.code.registry.procedure" title="Procedure">Section&nbsp;7.2.1</a>.
     1593            </p>
     1594            <div id="warn.110">
     1595               <div id="rfc.iref.49"></div>
     1596               <div id="rfc.iref.r.1"></div>
     1597               <h3 id="rfc.section.5.5.1"><a href="#rfc.section.5.5.1">5.5.1</a>&nbsp;<a href="#warn.110">Warning: 110 - "Response is Stale"</a></h3>
     1598               <p id="rfc.section.5.5.1.p.1">A cache <em class="bcp14">SHOULD</em> generate this whenever the sent response is stale.
     1599               </p>
     1600            </div>
     1601            <div id="warn.111">
     1602               <div id="rfc.iref.50"></div>
     1603               <div id="rfc.iref.r.2"></div>
     1604               <h3 id="rfc.section.5.5.2"><a href="#rfc.section.5.5.2">5.5.2</a>&nbsp;<a href="#warn.111">Warning: 111 - "Revalidation Failed"</a></h3>
     1605               <p id="rfc.section.5.5.2.p.1">A cache <em class="bcp14">SHOULD</em> generate this when sending a stale response because an attempt to validate the response failed, due to an inability to reach
     1606                  the server.
     1607               </p>
     1608            </div>
     1609            <div id="warn.112">
     1610               <div id="rfc.iref.51"></div>
     1611               <div id="rfc.iref.d.1"></div>
     1612               <h3 id="rfc.section.5.5.3"><a href="#rfc.section.5.5.3">5.5.3</a>&nbsp;<a href="#warn.112">Warning: 112 - "Disconnected Operation"</a></h3>
     1613               <p id="rfc.section.5.5.3.p.1">A cache <em class="bcp14">SHOULD</em> generate this if it is intentionally disconnected from the rest of the network for a period of time.
     1614               </p>
     1615            </div>
     1616            <div id="warn.113">
     1617               <div id="rfc.iref.52"></div>
     1618               <div id="rfc.iref.h.2"></div>
     1619               <h3 id="rfc.section.5.5.4"><a href="#rfc.section.5.5.4">5.5.4</a>&nbsp;<a href="#warn.113">Warning: 113 - "Heuristic Expiration"</a></h3>
     1620               <p id="rfc.section.5.5.4.p.1">A cache <em class="bcp14">SHOULD</em> generate this if it heuristically chose a freshness lifetime greater than 24 hours and the response's age is greater than
     1621                  24 hours.
     1622               </p>
     1623            </div>
     1624            <div id="warn.199">
     1625               <div id="rfc.iref.53"></div>
     1626               <div id="rfc.iref.m.6"></div>
     1627               <h3 id="rfc.section.5.5.5"><a href="#rfc.section.5.5.5">5.5.5</a>&nbsp;<a href="#warn.199">Warning: 199 - "Miscellaneous Warning"</a></h3>
     1628               <p id="rfc.section.5.5.5.p.1">The warning text can include arbitrary information to be presented to a human user, or logged. A system receiving this warning <em class="bcp14">MUST NOT</em> take any automated action, besides presenting the warning to the user.
     1629               </p>
     1630            </div>
     1631            <div id="warn.214">
     1632               <div id="rfc.iref.54"></div>
     1633               <div id="rfc.iref.t.1"></div>
     1634               <h3 id="rfc.section.5.5.6"><a href="#rfc.section.5.5.6">5.5.6</a>&nbsp;<a href="#warn.214">Warning: 214 - "Transformation Applied"</a></h3>
     1635               <p id="rfc.section.5.5.6.p.1"><em class="bcp14">MUST</em> be added by a proxy if it applies any transformation to the representation, such as changing the content-coding, media-type,
     1636                  or modifying the representation data, unless this Warning code already appears in the response.
     1637               </p>
     1638            </div>
     1639            <div id="warn.299">
     1640               <div id="rfc.iref.55"></div>
     1641               <div id="rfc.iref.m.7"></div>
     1642               <h3 id="rfc.section.5.5.7"><a href="#rfc.section.5.5.7">5.5.7</a>&nbsp;<a href="#warn.299">Warning: 299 - "Miscellaneous Persistent Warning"</a></h3>
     1643               <p id="rfc.section.5.5.7.p.1">The warning text can include arbitrary information to be presented to a human user, or logged. A system receiving this warning <em class="bcp14">MUST NOT</em> take any automated action.
     1644               </p>
     1645            </div>
     1646         </div>
    16531647      </div>
    1654       <h2 id="rfc.section.7.2"><a href="#rfc.section.7.2">7.2</a>&nbsp;<a id="warn.code.registry" href="#warn.code.registry">Warn Code Registry</a></h2>
    1655       <p id="rfc.section.7.2.p.1">The HTTP Warn Code Registry defines the name space for warn codes. It will be created and maintained at &lt;<a href="http://www.iana.org/assignments/http-warn-codes">http://www.iana.org/assignments/http-warn-codes</a>&gt;.
    1656       </p>
    1657       <h3 id="rfc.section.7.2.1"><a href="#rfc.section.7.2.1">7.2.1</a>&nbsp;<a id="warn.code.registry.procedure" href="#warn.code.registry.procedure">Procedure</a></h3>
    1658       <p id="rfc.section.7.2.1.p.1">A registration <em class="bcp14">MUST</em> include the following fields:
    1659       </p>
    1660       <ul>
    1661          <li>Warn Code (3 digits)</li>
    1662          <li>Short Description</li>
    1663          <li>Pointer to specification text</li>
    1664       </ul>
    1665       <p id="rfc.section.7.2.1.p.2">Values to be added to this name space require IETF Review (see <a href="#RFC5226" id="rfc.xref.RFC5226.2"><cite title="Guidelines for Writing an IANA Considerations Section in RFCs">[RFC5226]</cite></a>, <a href="http://tools.ietf.org/html/rfc5226#section-4.1">Section 4.1</a>).
    1666       </p>
    1667       <h3 id="rfc.section.7.2.2"><a href="#rfc.section.7.2.2">7.2.2</a>&nbsp;<a id="warn.code.registration" href="#warn.code.registration">Registrations</a></h3>
    1668       <p id="rfc.section.7.2.2.p.1">The HTTP Warn Code Registry shall be populated with the registrations below:</p>
    1669       <div id="rfc.table.2">
    1670          <div id="iana.warn.code.registration.table"></div>
    1671          <table class="tt full left" cellpadding="3" cellspacing="0">
    1672             <thead>
    1673                <tr>
    1674                   <th>Warn Code</th>
    1675                   <th>Short Description</th>
    1676                   <th>Reference</th>
    1677                </tr>
    1678             </thead>
    1679             <tbody>
    1680                <tr>
    1681                   <td class="left">110</td>
    1682                   <td class="left">Response is Stale</td>
    1683                   <td class="left"><a href="#warn.110" id="rfc.xref.warn.110.2" title="Warning: 110 - &#34;Response is Stale&#34;">Section&nbsp;5.5.1</a>
    1684                   </td>
    1685                </tr>
    1686                <tr>
    1687                   <td class="left">111</td>
    1688                   <td class="left">Revalidation Failed</td>
    1689                   <td class="left"><a href="#warn.111" id="rfc.xref.warn.111.1" title="Warning: 111 - &#34;Revalidation Failed&#34;">Section&nbsp;5.5.2</a>
    1690                   </td>
    1691                </tr>
    1692                <tr>
    1693                   <td class="left">112</td>
    1694                   <td class="left">Disconnected Operation</td>
    1695                   <td class="left"><a href="#warn.112" id="rfc.xref.warn.112.2" title="Warning: 112 - &#34;Disconnected Operation&#34;">Section&nbsp;5.5.3</a>
    1696                   </td>
    1697                </tr>
    1698                <tr>
    1699                   <td class="left">113</td>
    1700                   <td class="left">Heuristic Expiration</td>
    1701                   <td class="left"><a href="#warn.113" id="rfc.xref.warn.113.2" title="Warning: 113 - &#34;Heuristic Expiration&#34;">Section&nbsp;5.5.4</a>
    1702                   </td>
    1703                </tr>
    1704                <tr>
    1705                   <td class="left">199</td>
    1706                   <td class="left">Miscellaneous Warning</td>
    1707                   <td class="left"><a href="#warn.199" id="rfc.xref.warn.199.1" title="Warning: 199 - &#34;Miscellaneous Warning&#34;">Section&nbsp;5.5.5</a>
    1708                   </td>
    1709                </tr>
    1710                <tr>
    1711                   <td class="left">214</td>
    1712                   <td class="left">Transformation Applied</td>
    1713                   <td class="left"><a href="#warn.214" id="rfc.xref.warn.214.1" title="Warning: 214 - &#34;Transformation Applied&#34;">Section&nbsp;5.5.6</a>
    1714                   </td>
    1715                </tr>
    1716                <tr>
    1717                   <td class="left">299</td>
    1718                   <td class="left">Miscellaneous Persistent Warning</td>
    1719                   <td class="left"><a href="#warn.299" id="rfc.xref.warn.299.1" title="Warning: 299 - &#34;Miscellaneous Persistent Warning&#34;">Section&nbsp;5.5.7</a>
    1720                   </td>
    1721                </tr>
    1722             </tbody>
    1723          </table>
     1648      <div id="history.lists">
     1649         <h1 id="rfc.section.6"><a href="#rfc.section.6">6.</a>&nbsp;<a href="#history.lists">History Lists</a></h1>
     1650         <p id="rfc.section.6.p.1">User agents often have history mechanisms, such as "Back" buttons and history lists, that can be used to redisplay a representation
     1651            retrieved earlier in a session.
     1652         </p>
     1653         <p id="rfc.section.6.p.2">The freshness model (<a href="#expiration.model" title="Freshness">Section&nbsp;4.2</a>) does not necessarily apply to history mechanisms. I.e., a history mechanism can display a previous representation even if
     1654            it has expired.
     1655         </p>
     1656         <p id="rfc.section.6.p.3">This does not prohibit the history mechanism from telling the user that a view might be stale, or from honoring cache directives
     1657            (e.g., Cache-Control: no-store).
     1658         </p>
    17241659      </div>
    1725       <h2 id="rfc.section.7.3"><a href="#rfc.section.7.3">7.3</a>&nbsp;<a id="header.field.registration" href="#header.field.registration">Header Field Registration</a></h2>
    1726       <p id="rfc.section.7.3.p.1">HTTP header fields are registered within the Message Header Field Registry maintained at &lt;<a href="http://www.iana.org/assignments/message-headers/message-header-index.html">http://www.iana.org/assignments/message-headers/message-header-index.html</a>&gt;.
    1727       </p>
    1728       <p id="rfc.section.7.3.p.2">This document defines the following HTTP header fields, so their associated registry entries shall be updated according to
    1729          the permanent registrations below (see <a href="#BCP90" id="rfc.xref.BCP90.1"><cite title="Registration Procedures for Message Header Fields">[BCP90]</cite></a>):
    1730       </p>
    1731       <div id="rfc.table.3">
    1732          <div id="iana.header.registration.table"></div>
    1733          <table class="tt full left" cellpadding="3" cellspacing="0">
    1734             <thead>
    1735                <tr>
    1736                   <th>Header Field Name</th>
    1737                   <th>Protocol</th>
    1738                   <th>Status</th>
    1739                   <th>Reference</th>
    1740                </tr>
    1741             </thead>
    1742             <tbody>
    1743                <tr>
    1744                   <td class="left">Age</td>
    1745                   <td class="left">http</td>
    1746                   <td class="left">standard</td>
    1747                   <td class="left"><a href="#header.age" id="rfc.xref.header.age.3" title="Age">Section&nbsp;5.1</a>
    1748                   </td>
    1749                </tr>
    1750                <tr>
    1751                   <td class="left">Cache-Control</td>
    1752                   <td class="left">http</td>
    1753                   <td class="left">standard</td>
    1754                   <td class="left"><a href="#header.cache-control" id="rfc.xref.header.cache-control.2" title="Cache-Control">Section&nbsp;5.2</a>
    1755                   </td>
    1756                </tr>
    1757                <tr>
    1758                   <td class="left">Expires</td>
    1759                   <td class="left">http</td>
    1760                   <td class="left">standard</td>
    1761                   <td class="left"><a href="#header.expires" id="rfc.xref.header.expires.4" title="Expires">Section&nbsp;5.3</a>
    1762                   </td>
    1763                </tr>
    1764                <tr>
    1765                   <td class="left">Pragma</td>
    1766                   <td class="left">http</td>
    1767                   <td class="left">standard</td>
    1768                   <td class="left"><a href="#header.pragma" id="rfc.xref.header.pragma.2" title="Pragma">Section&nbsp;5.4</a>
    1769                   </td>
    1770                </tr>
    1771                <tr>
    1772                   <td class="left">Warning</td>
    1773                   <td class="left">http</td>
    1774                   <td class="left">standard</td>
    1775                   <td class="left"><a href="#header.warning" id="rfc.xref.header.warning.4" title="Warning">Section&nbsp;5.5</a>
    1776                   </td>
    1777                </tr>
    1778             </tbody>
    1779          </table>
     1660      <div id="iana.considerations">
     1661         <h1 id="rfc.section.7"><a href="#rfc.section.7">7.</a>&nbsp;<a href="#iana.considerations">IANA Considerations</a></h1>
     1662         <div id="cache.directive.registry">
     1663            <h2 id="rfc.section.7.1"><a href="#rfc.section.7.1">7.1</a>&nbsp;<a href="#cache.directive.registry">Cache Directive Registry</a></h2>
     1664            <p id="rfc.section.7.1.p.1">The HTTP Cache Directive Registry defines the name space for the cache directives. It will be created and maintained at &lt;<a href="http://www.iana.org/assignments/http-cache-directives">http://www.iana.org/assignments/http-cache-directives</a>&gt;.
     1665            </p>
     1666            <div id="cache.directive.registry.procedure">
     1667               <h3 id="rfc.section.7.1.1"><a href="#rfc.section.7.1.1">7.1.1</a>&nbsp;<a href="#cache.directive.registry.procedure">Procedure</a></h3>
     1668               <p id="rfc.section.7.1.1.p.1">A registration <em class="bcp14">MUST</em> include the following fields:
     1669               </p>
     1670               <ul>
     1671                  <li>Cache Directive Name</li>
     1672                  <li>Pointer to specification text</li>
     1673               </ul>
     1674               <p id="rfc.section.7.1.1.p.2">Values to be added to this name space require IETF Review (see <a href="#RFC5226" id="rfc.xref.RFC5226.1"><cite title="Guidelines for Writing an IANA Considerations Section in RFCs">[RFC5226]</cite></a>, <a href="http://tools.ietf.org/html/rfc5226#section-4.1">Section 4.1</a>).
     1675               </p>
     1676            </div>
     1677            <div id="cache.directive.considerations">
     1678               <h3 id="rfc.section.7.1.2"><a href="#rfc.section.7.1.2">7.1.2</a>&nbsp;<a href="#cache.directive.considerations">Considerations for New Cache Control Directives</a></h3>
     1679               <p id="rfc.section.7.1.2.p.1">New extension directives ought to consider defining:</p>
     1680               <p id="rfc.section.7.1.2.p.2"></p>
     1681               <ul>
     1682                  <li>What it means for a directive to be specified multiple times,</li>
     1683                  <li>When the directive does not take an argument, what it means when an argument is present,</li>
     1684                  <li>When the directive requires an argument, what it means when it is missing,</li>
     1685                  <li>Whether the directive is specific to requests, responses, or able to be used in either.</li>
     1686               </ul>
     1687               <p id="rfc.section.7.1.2.p.3">See also <a href="#cache.control.extensions" title="Cache Control Extensions">Section&nbsp;5.2.3</a>.
     1688               </p>
     1689            </div>
     1690            <div id="cache.directive.registration">
     1691               <h3 id="rfc.section.7.1.3"><a href="#rfc.section.7.1.3">7.1.3</a>&nbsp;<a href="#cache.directive.registration">Registrations</a></h3>
     1692               <p id="rfc.section.7.1.3.p.1">The HTTP Cache Directive Registry shall be populated with the registrations below:</p>
     1693               <div id="rfc.table.1">
     1694                  <div id="iana.cache.directive.registration.table"></div>
     1695                  <table class="tt full left" cellpadding="3" cellspacing="0">
     1696                     <thead>
     1697                        <tr>
     1698                           <th>Cache Directive</th>
     1699                           <th>Reference</th>
     1700                        </tr>
     1701                     </thead>
     1702                     <tbody>
     1703                        <tr>
     1704                           <td class="left">max-age</td>
     1705                           <td class="left"><a href="#cache-request-directive.max-age" title="max-age">Section&nbsp;5.2.1.1</a>, <a href="#cache-response-directive.max-age" title="max-age">Section&nbsp;5.2.2.8</a>
     1706                           </td>
     1707                        </tr>
     1708                        <tr>
     1709                           <td class="left">max-stale</td>
     1710                           <td class="left"><a href="#cache-request-directive.max-stale" title="max-stale">Section&nbsp;5.2.1.2</a>
     1711                           </td>
     1712                        </tr>
     1713                        <tr>
     1714                           <td class="left">min-fresh</td>
     1715                           <td class="left"><a href="#cache-request-directive.min-fresh" title="min-fresh">Section&nbsp;5.2.1.3</a>
     1716                           </td>
     1717                        </tr>
     1718                        <tr>
     1719                           <td class="left">must-revalidate</td>
     1720                           <td class="left"><a href="#cache-response-directive.must-revalidate" title="must-revalidate">Section&nbsp;5.2.2.1</a>
     1721                           </td>
     1722                        </tr>
     1723                        <tr>
     1724                           <td class="left">no-cache</td>
     1725                           <td class="left"><a href="#cache-request-directive.no-cache" title="no-cache">Section&nbsp;5.2.1.4</a>, <a href="#cache-response-directive.no-cache" title="no-cache">Section&nbsp;5.2.2.2</a>
     1726                           </td>
     1727                        </tr>
     1728                        <tr>
     1729                           <td class="left">no-store</td>
     1730                           <td class="left"><a href="#cache-request-directive.no-store" title="no-store">Section&nbsp;5.2.1.5</a>, <a href="#cache-response-directive.no-store" title="no-store">Section&nbsp;5.2.2.3</a>
     1731                           </td>
     1732                        </tr>
     1733                        <tr>
     1734                           <td class="left">no-transform</td>
     1735                           <td class="left"><a href="#cache-request-directive.no-transform" title="no-transform">Section&nbsp;5.2.1.6</a>, <a href="#cache-response-directive.no-transform" title="no-transform">Section&nbsp;5.2.2.4</a>
     1736                           </td>
     1737                        </tr>
     1738                        <tr>
     1739                           <td class="left">only-if-cached</td>
     1740                           <td class="left"><a href="#cache-request-directive.only-if-cached" title="only-if-cached">Section&nbsp;5.2.1.7</a>
     1741                           </td>
     1742                        </tr>
     1743                        <tr>
     1744                           <td class="left">private</td>
     1745                           <td class="left"><a href="#cache-response-directive.private" title="private">Section&nbsp;5.2.2.6</a>
     1746                           </td>
     1747                        </tr>
     1748                        <tr>
     1749                           <td class="left">proxy-revalidate</td>
     1750                           <td class="left"><a href="#cache-response-directive.proxy-revalidate" title="proxy-revalidate">Section&nbsp;5.2.2.7</a>
     1751                           </td>
     1752                        </tr>
     1753                        <tr>
     1754                           <td class="left">public</td>
     1755                           <td class="left"><a href="#cache-response-directive.public" title="public">Section&nbsp;5.2.2.5</a>
     1756                           </td>
     1757                        </tr>
     1758                        <tr>
     1759                           <td class="left">s-maxage</td>
     1760                           <td class="left"><a href="#cache-response-directive.s-maxage" title="s-maxage">Section&nbsp;5.2.2.9</a>
     1761                           </td>
     1762                        </tr>
     1763                        <tr>
     1764                           <td class="left">stale-if-error</td>
     1765                           <td class="left"><a href="#RFC5861" id="rfc.xref.RFC5861.1"><cite title="HTTP Cache-Control Extensions for Stale Content">[RFC5861]</cite></a>, <a href="http://tools.ietf.org/html/rfc5861#section-4">Section 4</a>
     1766                           </td>
     1767                        </tr>
     1768                        <tr>
     1769                           <td class="left">stale-while-revalidate</td>
     1770                           <td class="left"><a href="#RFC5861" id="rfc.xref.RFC5861.2"><cite title="HTTP Cache-Control Extensions for Stale Content">[RFC5861]</cite></a>, <a href="http://tools.ietf.org/html/rfc5861#section-3">Section 3</a>
     1771                           </td>
     1772                        </tr>
     1773                     </tbody>
     1774                  </table>
     1775               </div>
     1776            </div>
     1777         </div>
     1778         <div id="warn.code.registry">
     1779            <h2 id="rfc.section.7.2"><a href="#rfc.section.7.2">7.2</a>&nbsp;<a href="#warn.code.registry">Warn Code Registry</a></h2>
     1780            <p id="rfc.section.7.2.p.1">The HTTP Warn Code Registry defines the name space for warn codes. It will be created and maintained at &lt;<a href="http://www.iana.org/assignments/http-warn-codes">http://www.iana.org/assignments/http-warn-codes</a>&gt;.
     1781            </p>
     1782            <div id="warn.code.registry.procedure">
     1783               <h3 id="rfc.section.7.2.1"><a href="#rfc.section.7.2.1">7.2.1</a>&nbsp;<a href="#warn.code.registry.procedure">Procedure</a></h3>
     1784               <p id="rfc.section.7.2.1.p.1">A registration <em class="bcp14">MUST</em> include the following fields:
     1785               </p>
     1786               <ul>
     1787                  <li>Warn Code (3 digits)</li>
     1788                  <li>Short Description</li>
     1789                  <li>Pointer to specification text</li>
     1790               </ul>
     1791               <p id="rfc.section.7.2.1.p.2">Values to be added to this name space require IETF Review (see <a href="#RFC5226" id="rfc.xref.RFC5226.2"><cite title="Guidelines for Writing an IANA Considerations Section in RFCs">[RFC5226]</cite></a>, <a href="http://tools.ietf.org/html/rfc5226#section-4.1">Section 4.1</a>).
     1792               </p>
     1793            </div>
     1794            <div id="warn.code.registration">
     1795               <h3 id="rfc.section.7.2.2"><a href="#rfc.section.7.2.2">7.2.2</a>&nbsp;<a href="#warn.code.registration">Registrations</a></h3>
     1796               <p id="rfc.section.7.2.2.p.1">The HTTP Warn Code Registry shall be populated with the registrations below:</p>
     1797               <div id="rfc.table.2">
     1798                  <div id="iana.warn.code.registration.table"></div>
     1799                  <table class="tt full left" cellpadding="3" cellspacing="0">
     1800                     <thead>
     1801                        <tr>
     1802                           <th>Warn Code</th>
     1803                           <th>Short Description</th>
     1804                           <th>Reference</th>
     1805                        </tr>
     1806                     </thead>
     1807                     <tbody>
     1808                        <tr>
     1809                           <td class="left">110</td>
     1810                           <td class="left">Response is Stale</td>
     1811                           <td class="left"><a href="#warn.110" id="rfc.xref.warn.110.2" title="Warning: 110 - &#34;Response is Stale&#34;">Section&nbsp;5.5.1</a>
     1812                           </td>
     1813                        </tr>
     1814                        <tr>
     1815                           <td class="left">111</td>
     1816                           <td class="left">Revalidation Failed</td>
     1817                           <td class="left"><a href="#warn.111" id="rfc.xref.warn.111.1" title="Warning: 111 - &#34;Revalidation Failed&#34;">Section&nbsp;5.5.2</a>
     1818                           </td>
     1819                        </tr>
     1820                        <tr>
     1821                           <td class="left">112</td>
     1822                           <td class="left">Disconnected Operation</td>
     1823                           <td class="left"><a href="#warn.112" id="rfc.xref.warn.112.2" title="Warning: 112 - &#34;Disconnected Operation&#34;">Section&nbsp;5.5.3</a>
     1824                           </td>
     1825                        </tr>
     1826                        <tr>
     1827                           <td class="left">113</td>
     1828                           <td class="left">Heuristic Expiration</td>
     1829                           <td class="left"><a href="#warn.113" id="rfc.xref.warn.113.2" title="Warning: 113 - &#34;Heuristic Expiration&#34;">Section&nbsp;5.5.4</a>
     1830                           </td>
     1831                        </tr>
     1832                        <tr>
     1833                           <td class="left">199</td>
     1834                           <td class="left">Miscellaneous Warning</td>
     1835                           <td class="left"><a href="#warn.199" id="rfc.xref.warn.199.1" title="Warning: 199 - &#34;Miscellaneous Warning&#34;">Section&nbsp;5.5.5</a>
     1836                           </td>
     1837                        </tr>
     1838                        <tr>
     1839                           <td class="left">214</td>
     1840                           <td class="left">Transformation Applied</td>
     1841                           <td class="left"><a href="#warn.214" id="rfc.xref.warn.214.1" title="Warning: 214 - &#34;Transformation Applied&#34;">Section&nbsp;5.5.6</a>
     1842                           </td>
     1843                        </tr>
     1844                        <tr>
     1845                           <td class="left">299</td>
     1846                           <td class="left">Miscellaneous Persistent Warning</td>
     1847                           <td class="left"><a href="#warn.299" id="rfc.xref.warn.299.1" title="Warning: 299 - &#34;Miscellaneous Persistent Warning&#34;">Section&nbsp;5.5.7</a>
     1848                           </td>
     1849                        </tr>
     1850                     </tbody>
     1851                  </table>
     1852               </div>
     1853            </div>
     1854         </div>
     1855         <div id="header.field.registration">
     1856            <h2 id="rfc.section.7.3"><a href="#rfc.section.7.3">7.3</a>&nbsp;<a href="#header.field.registration">Header Field Registration</a></h2>
     1857            <p id="rfc.section.7.3.p.1">HTTP header fields are registered within the Message Header Field Registry maintained at &lt;<a href="http://www.iana.org/assignments/message-headers/message-header-index.html">http://www.iana.org/assignments/message-headers/message-header-index.html</a>&gt;.
     1858            </p>
     1859            <p id="rfc.section.7.3.p.2">This document defines the following HTTP header fields, so their associated registry entries shall be updated according to
     1860               the permanent registrations below (see <a href="#BCP90" id="rfc.xref.BCP90.1"><cite title="Registration Procedures for Message Header Fields">[BCP90]</cite></a>):
     1861            </p>
     1862            <div id="rfc.table.3">
     1863               <div id="iana.header.registration.table"></div>
     1864               <table class="tt full left" cellpadding="3" cellspacing="0">
     1865                  <thead>
     1866                     <tr>
     1867                        <th>Header Field Name</th>
     1868                        <th>Protocol</th>
     1869                        <th>Status</th>
     1870                        <th>Reference</th>
     1871                     </tr>
     1872                  </thead>
     1873                  <tbody>
     1874                     <tr>
     1875                        <td class="left">Age</td>
     1876                        <td class="left">http</td>
     1877                        <td class="left">standard</td>
     1878                        <td class="left"><a href="#header.age" id="rfc.xref.header.age.3" title="Age">Section&nbsp;5.1</a>
     1879                        </td>
     1880                     </tr>
     1881                     <tr>
     1882                        <td class="left">Cache-Control</td>
     1883                        <td class="left">http</td>
     1884                        <td class="left">standard</td>
     1885                        <td class="left"><a href="#header.cache-control" id="rfc.xref.header.cache-control.2" title="Cache-Control">Section&nbsp;5.2</a>
     1886                        </td>
     1887                     </tr>
     1888                     <tr>
     1889                        <td class="left">Expires</td>
     1890                        <td class="left">http</td>
     1891                        <td class="left">standard</td>
     1892                        <td class="left"><a href="#header.expires" id="rfc.xref.header.expires.4" title="Expires">Section&nbsp;5.3</a>
     1893                        </td>
     1894                     </tr>
     1895                     <tr>
     1896                        <td class="left">Pragma</td>
     1897                        <td class="left">http</td>
     1898                        <td class="left">standard</td>
     1899                        <td class="left"><a href="#header.pragma" id="rfc.xref.header.pragma.2" title="Pragma">Section&nbsp;5.4</a>
     1900                        </td>
     1901                     </tr>
     1902                     <tr>
     1903                        <td class="left">Warning</td>
     1904                        <td class="left">http</td>
     1905                        <td class="left">standard</td>
     1906                        <td class="left"><a href="#header.warning" id="rfc.xref.header.warning.4" title="Warning">Section&nbsp;5.5</a>
     1907                        </td>
     1908                     </tr>
     1909                  </tbody>
     1910               </table>
     1911            </div>
     1912            <p id="rfc.section.7.3.p.3">The change controller is: "IETF (iesg@ietf.org) - Internet Engineering Task Force".</p>
     1913         </div>
    17801914      </div>
    1781       <p id="rfc.section.7.3.p.3">The change controller is: "IETF (iesg@ietf.org) - Internet Engineering Task Force".</p>
    1782       <h1 id="rfc.section.8"><a href="#rfc.section.8">8.</a>&nbsp;<a id="security.considerations" href="#security.considerations">Security Considerations</a></h1>
    1783       <p id="rfc.section.8.p.1">This section is meant to inform developers, information providers, and users of known security concerns specific to HTTP/1.1
    1784          caching. More general security considerations are addressed in HTTP messaging <a href="#Part1" id="rfc.xref.Part1.11"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing">[Part1]</cite></a> and semantics <a href="#Part2" id="rfc.xref.Part2.8"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Semantics and Content">[Part2]</cite></a>.
    1785       </p>
    1786       <p id="rfc.section.8.p.2">Caches expose additional potential vulnerabilities, since the contents of the cache represent an attractive target for malicious
    1787          exploitation. Because cache contents persist after an HTTP request is complete, an attack on the cache can reveal information
    1788          long after a user believes that the information has been removed from the network. Therefore, cache contents need to be protected
    1789          as sensitive information.
    1790       </p>
    1791       <p id="rfc.section.8.p.3">Furthermore, the very use of a cache can bring about privacy concerns. For example, if two users share a cache, and the first
    1792          one browses to a site, the second may be able to detect that the other has been to that site, because the resources from it
    1793          load more quickly, thanks to the cache.
    1794       </p>
    1795       <p id="rfc.section.8.p.4">Implementation flaws might allow attackers to insert content into a cache ("cache poisoning"), leading to compromise of clients
    1796          that trust that content. Because of their nature, these attacks are difficult to mitigate.
    1797       </p>
    1798       <p id="rfc.section.8.p.5">Likewise, implementation flaws (as well as misunderstanding of cache operation) might lead to caching of sensitive information
    1799          (e.g., authentication credentials) that is thought to be private, exposing it to unauthorized parties.
    1800       </p>
    1801       <p id="rfc.section.8.p.6">Note that the Set-Cookie response header field <a href="#RFC6265" id="rfc.xref.RFC6265.1"><cite title="HTTP State Management Mechanism">[RFC6265]</cite></a> does not inhibit caching; a cacheable response with a Set-Cookie header field can be (and often is) used to satisfy subsequent
    1802          requests to caches. Servers who wish to control caching of these responses are encouraged to emit appropriate Cache-Control
    1803          response header fields.
    1804       </p>
    1805       <h1 id="rfc.section.9"><a href="#rfc.section.9">9.</a>&nbsp;<a id="acks" href="#acks">Acknowledgments</a></h1>
    1806       <p id="rfc.section.9.p.1">See <a href="p1-messaging.html#acks" title="Acknowledgments">Section 10</a> of <a href="#Part1" id="rfc.xref.Part1.12"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing">[Part1]</cite></a>.
    1807       </p>
     1915      <div id="security.considerations">
     1916         <h1 id="rfc.section.8"><a href="#rfc.section.8">8.</a>&nbsp;<a href="#security.considerations">Security Considerations</a></h1>
     1917         <p id="rfc.section.8.p.1">This section is meant to inform developers, information providers, and users of known security concerns specific to HTTP/1.1
     1918            caching. More general security considerations are addressed in HTTP messaging <a href="#Part1" id="rfc.xref.Part1.11"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing">[Part1]</cite></a> and semantics <a href="#Part2" id="rfc.xref.Part2.8"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Semantics and Content">[Part2]</cite></a>.
     1919         </p>
     1920         <p id="rfc.section.8.p.2">Caches expose additional potential vulnerabilities, since the contents of the cache represent an attractive target for malicious
     1921            exploitation. Because cache contents persist after an HTTP request is complete, an attack on the cache can reveal information
     1922            long after a user believes that the information has been removed from the network. Therefore, cache contents need to be protected
     1923            as sensitive information.
     1924         </p>
     1925         <p id="rfc.section.8.p.3">Furthermore, the very use of a cache can bring about privacy concerns. For example, if two users share a cache, and the first
     1926            one browses to a site, the second may be able to detect that the other has been to that site, because the resources from it
     1927            load more quickly, thanks to the cache.
     1928         </p>
     1929         <p id="rfc.section.8.p.4">Implementation flaws might allow attackers to insert content into a cache ("cache poisoning"), leading to compromise of clients
     1930            that trust that content. Because of their nature, these attacks are difficult to mitigate.
     1931         </p>
     1932         <p id="rfc.section.8.p.5">Likewise, implementation flaws (as well as misunderstanding of cache operation) might lead to caching of sensitive information
     1933            (e.g., authentication credentials) that is thought to be private, exposing it to unauthorized parties.
     1934         </p>
     1935         <p id="rfc.section.8.p.6">Note that the Set-Cookie response header field <a href="#RFC6265" id="rfc.xref.RFC6265.1"><cite title="HTTP State Management Mechanism">[RFC6265]</cite></a> does not inhibit caching; a cacheable response with a Set-Cookie header field can be (and often is) used to satisfy subsequent
     1936            requests to caches. Servers who wish to control caching of these responses are encouraged to emit appropriate Cache-Control
     1937            response header fields.
     1938         </p>
     1939      </div>
     1940      <div id="acks">
     1941         <h1 id="rfc.section.9"><a href="#rfc.section.9">9.</a>&nbsp;<a href="#acks">Acknowledgments</a></h1>
     1942         <p id="rfc.section.9.p.1">See <a href="p1-messaging.html#acks" title="Acknowledgments">Section 10</a> of <a href="#Part1" id="rfc.xref.Part1.12"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing">[Part1]</cite></a>.
     1943         </p>
     1944      </div>
    18081945      <h1 id="rfc.references"><a id="rfc.section.10" href="#rfc.section.10">10.</a> References
    18091946      </h1>
     
    18832020      <div class="avoidbreak">
    18842021         <h1 id="rfc.authors"><a href="#rfc.authors">Authors' Addresses</a></h1>
    1885          <address><span class="vcardline"><b>Roy T. Fielding</b>
    1886                (editor)
    1887                </span><span class="vcardline">Adobe Systems Incorporated</span><span class="vcardline">345 Park Ave</span><span class="vcardline">San Jose, CA&nbsp;95110</span><span class="vcardline">USA</span><span class="vcardline">Email: <a href="mailto:fielding@gbiv.com">fielding@gbiv.com</a></span><span class="vcardline">URI: <a href="http://roy.gbiv.com/">http://roy.gbiv.com/</a></span></address>
    1888          <address><span class="vcardline"><b>Mark Nottingham</b>
    1889                (editor)
    1890                </span><span class="vcardline">Akamai</span><span class="vcardline">Email: <a href="mailto:mnot@mnot.net">mnot@mnot.net</a></span><span class="vcardline">URI: <a href="http://www.mnot.net/">http://www.mnot.net/</a></span></address>
    1891          <address><span class="vcardline"><b>Julian F. Reschke</b>
    1892                (editor)
    1893                </span><span class="vcardline">greenbytes GmbH</span><span class="vcardline">Hafenweg 16</span><span class="vcardline">Muenster, NW&nbsp;48155</span><span class="vcardline">Germany</span><span class="vcardline">Email: <a href="mailto:julian.reschke@greenbytes.de">julian.reschke@greenbytes.de</a></span><span class="vcardline">URI: <a href="http://greenbytes.de/tech/webdav/">http://greenbytes.de/tech/webdav/</a></span></address>
     2022         <p><b>Roy T. Fielding</b>
     2023            (editor)
     2024            <br>Adobe Systems Incorporated<br>345 Park Ave<br>San Jose, CA&nbsp;95110<br>USA<br>Email: <a href="mailto:fielding@gbiv.com">fielding@gbiv.com</a><br>URI: <a href="http://roy.gbiv.com/">http://roy.gbiv.com/</a></p>
     2025         <p><b>Mark Nottingham</b>
     2026            (editor)
     2027            <br>Akamai<br>Email: <a href="mailto:mnot@mnot.net">mnot@mnot.net</a><br>URI: <a href="http://www.mnot.net/">http://www.mnot.net/</a></p>
     2028         <p><b>Julian F. Reschke</b>
     2029            (editor)
     2030            <br>greenbytes GmbH<br>Hafenweg 16<br>Muenster, NW&nbsp;48155<br>Germany<br>Email: <a href="mailto:julian.reschke@greenbytes.de">julian.reschke@greenbytes.de</a><br>URI: <a href="http://greenbytes.de/tech/webdav/">http://greenbytes.de/tech/webdav/</a></p>
    18942031      </div>
    1895       <h1 id="rfc.section.A" class="np"><a href="#rfc.section.A">A.</a>&nbsp;<a id="changes.from.rfc.2616" href="#changes.from.rfc.2616">Changes from RFC 2616</a></h1>
    1896       <p id="rfc.section.A.p.1">The specification has been substantially rewritten for clarity.</p>
    1897       <p id="rfc.section.A.p.2">The conditions under which an authenticated response can be cached have been clarified. (<a href="#caching.authenticated.responses" title="Storing Responses to Authenticated Requests">Section&nbsp;3.2</a>)
    1898       </p>
    1899       <p id="rfc.section.A.p.3">New status codes can now define that caches are allowed to use heuristic freshness with them. Caches are now allowed to calculate
    1900          heuristic freshness for URIs with query components. (<a href="#heuristic.freshness" title="Calculating Heuristic Freshness">Section&nbsp;4.2.2</a>)
    1901       </p>
    1902       <p id="rfc.section.A.p.4">The algorithm for calculating age is now less conservative. Caches are now required to handle dates with timezones as if they're
    1903          invalid, because it's not possible to accurately guess. (<a href="#age.calculations" title="Calculating Age">Section&nbsp;4.2.3</a>)
    1904       </p>
    1905       <p id="rfc.section.A.p.5">The <a href="p2-semantics.html#header.content-location" class="smpl">Content-Location</a> response header field is no longer used to determine the appropriate response to use when validating. (<a href="#validation.model" title="Validation">Section&nbsp;4.3</a>)
    1906       </p>
    1907       <p id="rfc.section.A.p.6">The algorithm for selecting a cached negotiated response to use has been clarified in several ways. In particular, it now
    1908          explicitly allows header-specific canonicalization when processing selecting header fields. (<a href="#caching.negotiated.responses" title="Calculating Secondary Keys with Vary">Section&nbsp;4.1</a>)
    1909       </p>
    1910       <p id="rfc.section.A.p.7">Requirements regarding denial of service attack avoidance when performing invalidation have been clarified. (<a href="#invalidation" title="Invalidation">Section&nbsp;4.4</a>)
    1911       </p>
    1912       <p id="rfc.section.A.p.8">Cache invalidation only occurs when a successful response is received. (<a href="#invalidation" title="Invalidation">Section&nbsp;4.4</a>)
    1913       </p>
    1914       <p id="rfc.section.A.p.9">Cache directives are explicitly defined to be case-insensitive. Handling of multiple instances of cache directives when only
    1915          one is expected is now defined. (<a href="#header.cache-control" id="rfc.xref.header.cache-control.3" title="Cache-Control">Section&nbsp;5.2</a>)
    1916       </p>
    1917       <p id="rfc.section.A.p.10">The "no-store" cache request directive doesn't apply to responses; i.e., a cache can satisfy a request with no-store on it,
    1918          and does not invalidate it. (<a href="#cache-request-directive.no-store" title="no-store">Section&nbsp;5.2.1.5</a>)
    1919       </p>
    1920       <p id="rfc.section.A.p.11">The qualified forms of the private and no-cache cache directives are noted to not be widely implemented; e.g., "private=foo"
    1921          is interpreted by many caches as simply "private". Additionally, the meaning of the qualified form of no-cache has been clarified.
    1922          (<a href="#cache-response-directive" title="Response Cache-Control Directives">Section&nbsp;5.2.2</a>)
    1923       </p>
    1924       <p id="rfc.section.A.p.12">The "no-cache" response cache directive's meaning has been clarified. (<a href="#cache-response-directive.no-cache" title="no-cache">Section&nbsp;5.2.2.2</a>)
    1925       </p>
    1926       <p id="rfc.section.A.p.13">The one-year limit on <a href="#header.expires" class="smpl">Expires</a> header field values has been removed; instead, the reasoning for using a sensible value is given. (<a href="#header.expires" id="rfc.xref.header.expires.5" title="Expires">Section&nbsp;5.3</a>)
    1927       </p>
    1928       <p id="rfc.section.A.p.14">The <a href="#header.pragma" class="smpl">Pragma</a> header field is now only defined for backwards compatibility; future pragmas are deprecated. (<a href="#header.pragma" id="rfc.xref.header.pragma.3" title="Pragma">Section&nbsp;5.4</a>)
    1929       </p>
    1930       <p id="rfc.section.A.p.15">Some requirements regarding production and processing of the <a href="#header.warning" class="smpl">Warning</a> header fields have been relaxed, as it is not widely implemented. Furthermore, the <a href="#header.warning" class="smpl">Warning</a> header field no longer uses RFC 2047 encoding, nor allows multiple languages, as these aspects were not implemented. (<a href="#header.warning" id="rfc.xref.header.warning.5" title="Warning">Section&nbsp;5.5</a>)
    1931       </p>
    1932       <p id="rfc.section.A.p.16">This specification introduces the Cache Directive and Warn Code Registries, and defines considerations for new cache directives.
    1933          (<a href="#cache.directive.registry" title="Cache Directive Registry">Section&nbsp;7.1</a> and <a href="#warn.code.registry" title="Warn Code Registry">Section&nbsp;7.2</a>)
    1934       </p>
    1935       <h1 id="rfc.section.B"><a href="#rfc.section.B">B.</a>&nbsp;<a id="imported.abnf" href="#imported.abnf">Imported ABNF</a></h1>
    1936       <p id="rfc.section.B.p.1">The following core rules are included by reference, as defined in <a href="http://tools.ietf.org/html/rfc5234#appendix-B.1">Appendix B.1</a> of <a href="#RFC5234" id="rfc.xref.RFC5234.2"><cite title="Augmented BNF for Syntax Specifications: ABNF">[RFC5234]</cite></a>: ALPHA (letters), CR (carriage return), CRLF (CR LF), CTL (controls), DIGIT (decimal 0-9), DQUOTE (double quote), HEXDIG
    1937          (hexadecimal 0-9/A-F/a-f), LF (line feed), OCTET (any 8-bit sequence of data), SP (space), and VCHAR (any visible US-ASCII
    1938          character).
    1939       </p>
    1940       <p id="rfc.section.B.p.2">The rules below are defined in <a href="#Part1" id="rfc.xref.Part1.13"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing">[Part1]</cite></a>:
    1941       </p>
    1942       <div id="rfc.figure.u.15"></div><pre class="inline">  <a href="#imported.abnf" class="smpl">OWS</a>           = &lt;OWS, defined in <a href="#Part1" id="rfc.xref.Part1.14"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing">[Part1]</cite></a>, <a href="p1-messaging.html#whitespace" title="Whitespace">Section 3.2.3</a>&gt;
     2032      <div id="changes.from.rfc.2616">
     2033         <h1 id="rfc.section.A" class="np"><a href="#rfc.section.A">A.</a>&nbsp;<a href="#changes.from.rfc.2616">Changes from RFC 2616</a></h1>
     2034         <p id="rfc.section.A.p.1">The specification has been substantially rewritten for clarity.</p>
     2035         <p id="rfc.section.A.p.2">The conditions under which an authenticated response can be cached have been clarified. (<a href="#caching.authenticated.responses" title="Storing Responses to Authenticated Requests">Section&nbsp;3.2</a>)
     2036         </p>
     2037         <p id="rfc.section.A.p.3">New status codes can now define that caches are allowed to use heuristic freshness with them. Caches are now allowed to calculate
     2038            heuristic freshness for URIs with query components. (<a href="#heuristic.freshness" title="Calculating Heuristic Freshness">Section&nbsp;4.2.2</a>)
     2039         </p>
     2040         <p id="rfc.section.A.p.4">The algorithm for calculating age is now less conservative. Caches are now required to handle dates with timezones as if they're
     2041            invalid, because it's not possible to accurately guess. (<a href="#age.calculations" title="Calculating Age">Section&nbsp;4.2.3</a>)
     2042         </p>
     2043         <p id="rfc.section.A.p.5">The <a href="p2-semantics.html#header.content-location" class="smpl">Content-Location</a> response header field is no longer used to determine the appropriate response to use when validating. (<a href="#validation.model" title="Validation">Section&nbsp;4.3</a>)
     2044         </p>
     2045         <p id="rfc.section.A.p.6">The algorithm for selecting a cached negotiated response to use has been clarified in several ways. In particular, it now
     2046            explicitly allows header-specific canonicalization when processing selecting header fields. (<a href="#caching.negotiated.responses" title="Calculating Secondary Keys with Vary">Section&nbsp;4.1</a>)
     2047         </p>
     2048         <p id="rfc.section.A.p.7">Requirements regarding denial of service attack avoidance when performing invalidation have been clarified. (<a href="#invalidation" title="Invalidation">Section&nbsp;4.4</a>)
     2049         </p>
     2050         <p id="rfc.section.A.p.8">Cache invalidation only occurs when a successful response is received. (<a href="#invalidation" title="Invalidation">Section&nbsp;4.4</a>)
     2051         </p>
     2052         <p id="rfc.section.A.p.9">Cache directives are explicitly defined to be case-insensitive. Handling of multiple instances of cache directives when only
     2053            one is expected is now defined. (<a href="#header.cache-control" id="rfc.xref.header.cache-control.3" title="Cache-Control">Section&nbsp;5.2</a>)
     2054         </p>
     2055         <p id="rfc.section.A.p.10">The "no-store" cache request directive doesn't apply to responses; i.e., a cache can satisfy a request with no-store on it,
     2056            and does not invalidate it. (<a href="#cache-request-directive.no-store" title="no-store">Section&nbsp;5.2.1.5</a>)
     2057         </p>
     2058         <p id="rfc.section.A.p.11">The qualified forms of the private and no-cache cache directives are noted to not be widely implemented; e.g., "private=foo"
     2059            is interpreted by many caches as simply "private". Additionally, the meaning of the qualified form of no-cache has been clarified.
     2060            (<a href="#cache-response-directive" title="Response Cache-Control Directives">Section&nbsp;5.2.2</a>)
     2061         </p>
     2062         <p id="rfc.section.A.p.12">The "no-cache" response cache directive's meaning has been clarified. (<a href="#cache-response-directive.no-cache" title="no-cache">Section&nbsp;5.2.2.2</a>)
     2063         </p>
     2064         <p id="rfc.section.A.p.13">The one-year limit on <a href="#header.expires" class="smpl">Expires</a> header field values has been removed; instead, the reasoning for using a sensible value is given. (<a href="#header.expires" id="rfc.xref.header.expires.5" title="Expires">Section&nbsp;5.3</a>)
     2065         </p>
     2066         <p id="rfc.section.A.p.14">The <a href="#header.pragma" class="smpl">Pragma</a> header field is now only defined for backwards compatibility; future pragmas are deprecated. (<a href="#header.pragma" id="rfc.xref.header.pragma.3" title="Pragma">Section&nbsp;5.4</a>)
     2067         </p>
     2068         <p id="rfc.section.A.p.15">Some requirements regarding production and processing of the <a href="#header.warning" class="smpl">Warning</a> header fields have been relaxed, as it is not widely implemented. Furthermore, the <a href="#header.warning" class="smpl">Warning</a> header field no longer uses RFC 2047 encoding, nor allows multiple languages, as these aspects were not implemented. (<a href="#header.warning" id="rfc.xref.header.warning.5" title="Warning">Section&nbsp;5.5</a>)
     2069         </p>
     2070         <p id="rfc.section.A.p.16">This specification introduces the Cache Directive and Warn Code Registries, and defines considerations for new cache directives.
     2071            (<a href="#cache.directive.registry" title="Cache Directive Registry">Section&nbsp;7.1</a> and <a href="#warn.code.registry" title="Warn Code Registry">Section&nbsp;7.2</a>)
     2072         </p>
     2073      </div>
     2074      <div id="imported.abnf">
     2075         <h1 id="rfc.section.B"><a href="#rfc.section.B">B.</a>&nbsp;<a href="#imported.abnf">Imported ABNF</a></h1>
     2076         <p id="rfc.section.B.p.1">The following core rules are included by reference, as defined in <a href="http://tools.ietf.org/html/rfc5234#appendix-B.1">Appendix B.1</a> of <a href="#RFC5234" id="rfc.xref.RFC5234.2"><cite title="Augmented BNF for Syntax Specifications: ABNF">[RFC5234]</cite></a>: ALPHA (letters), CR (carriage return), CRLF (CR LF), CTL (controls), DIGIT (decimal 0-9), DQUOTE (double quote), HEXDIG
     2077            (hexadecimal 0-9/A-F/a-f), LF (line feed), OCTET (any 8-bit sequence of data), SP (space), and VCHAR (any visible US-ASCII
     2078            character).
     2079         </p>
     2080         <p id="rfc.section.B.p.2">The rules below are defined in <a href="#Part1" id="rfc.xref.Part1.13"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing">[Part1]</cite></a>:
     2081         </p>
     2082         <div id="rfc.figure.u.15"></div><pre class="inline">  <a href="#imported.abnf" class="smpl">OWS</a>           = &lt;OWS, defined in <a href="#Part1" id="rfc.xref.Part1.14"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing">[Part1]</cite></a>, <a href="p1-messaging.html#whitespace" title="Whitespace">Section 3.2.3</a>&gt;
    19432083  <a href="#imported.abnf" class="smpl">field-name</a>    = &lt;field-name, defined in <a href="#Part1" id="rfc.xref.Part1.15"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing">[Part1]</cite></a>, <a href="p1-messaging.html#header.fields" title="Header Fields">Section 3.2</a>&gt;
    19442084  <a href="#imported.abnf" class="smpl">quoted-string</a> = &lt;quoted-string, defined in <a href="#Part1" id="rfc.xref.Part1.16"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing">[Part1]</cite></a>, <a href="p1-messaging.html#field.components" title="Field value components">Section 3.2.6</a>&gt;
     
    19492089  <a href="#imported.abnf" class="smpl">uri-host</a>      = &lt;uri-host, defined in <a href="#Part1" id="rfc.xref.Part1.20"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing">[Part1]</cite></a>, <a href="p1-messaging.html#uri" title="Uniform Resource Identifiers">Section 2.7</a>&gt;
    19502090</pre><p id="rfc.section.B.p.4">The rules below are defined in other parts:</p>
    1951       <div id="rfc.figure.u.16"></div><pre class="inline">  <a href="#imported.abnf" class="smpl">HTTP-date</a>     = &lt;HTTP-date, defined in <a href="#Part2" id="rfc.xref.Part2.9"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Semantics and Content">[Part2]</cite></a>, <a href="p2-semantics.html#http.date" title="Date/Time Formats">Section 7.1.1.1</a>&gt;
    1952 </pre><h1 id="rfc.section.C"><a href="#rfc.section.C">C.</a>&nbsp;<a id="collected.abnf" href="#collected.abnf">Collected ABNF</a></h1>
    1953       <p id="rfc.section.C.p.1">In the collected ABNF below, list rules are expanded as per <a href="p1-messaging.html#notation" title="Syntax Notation">Section 1.2</a> of <a href="#Part1" id="rfc.xref.Part1.21"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing">[Part1]</cite></a>.
    1954       </p>
    1955       <div id="rfc.figure.u.17"></div><pre class="inline"><a href="#header.age" class="smpl">Age</a> = delta-seconds
     2091         <div id="rfc.figure.u.16"></div><pre class="inline">  <a href="#imported.abnf" class="smpl">HTTP-date</a>     = &lt;HTTP-date, defined in <a href="#Part2" id="rfc.xref.Part2.9"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Semantics and Content">[Part2]</cite></a>, <a href="p2-semantics.html#http.date" title="Date/Time Formats">Section 7.1.1.1</a>&gt;
     2092</pre></div>
     2093      <div id="collected.abnf">
     2094         <h1 id="rfc.section.C"><a href="#rfc.section.C">C.</a>&nbsp;<a href="#collected.abnf">Collected ABNF</a></h1>
     2095         <p id="rfc.section.C.p.1">In the collected ABNF below, list rules are expanded as per <a href="p1-messaging.html#notation" title="Syntax Notation">Section 1.2</a> of <a href="#Part1" id="rfc.xref.Part1.21"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing">[Part1]</cite></a>.
     2096         </p>
     2097         <div id="rfc.figure.u.17"></div><pre class="inline"><a href="#header.age" class="smpl">Age</a> = delta-seconds
    19562098
    19572099<a href="#header.cache-control" class="smpl">Cache-Control</a> = *( "," OWS ) cache-directive *( OWS "," [ OWS
     
    19942136<a href="#header.warning" class="smpl">warning-value</a> = warn-code SP warn-agent SP warn-text [ SP warn-date
    19952137 ]
    1996 </pre><h1 id="rfc.section.D"><a href="#rfc.section.D">D.</a>&nbsp;<a id="change.log" href="#change.log">Change Log (to be removed by RFC Editor before publication)</a></h1>
    1997       <p id="rfc.section.D.p.1">Changes up to the first Working Group Last Call draft are summarized in &lt;<a href="http://trac.tools.ietf.org/html/draft-ietf-httpbis-p6-cache-19#appendix-C">http://trac.tools.ietf.org/html/draft-ietf-httpbis-p6-cache-19#appendix-C</a>&gt;.
    1998       </p>
    1999       <h2 id="rfc.section.D.1"><a href="#rfc.section.D.1">D.1</a>&nbsp;<a id="changes.since.19" href="#changes.since.19">Since draft-ietf-httpbis-p6-cache-19</a></h2>
    2000       <p id="rfc.section.D.1.p.1">Closed issues: </p>
    2001       <ul>
    2002          <li>&lt;<a href="http://tools.ietf.org/wg/httpbis/trac/ticket/307">http://tools.ietf.org/wg/httpbis/trac/ticket/307</a>&gt;: "untangle Cache-Control ABNF"
    2003          </li>
    2004          <li>&lt;<a href="http://tools.ietf.org/wg/httpbis/trac/ticket/353">http://tools.ietf.org/wg/httpbis/trac/ticket/353</a>&gt;: "Multiple values in Cache-Control header fields"
    2005          </li>
    2006          <li>&lt;<a href="http://tools.ietf.org/wg/httpbis/trac/ticket/355">http://tools.ietf.org/wg/httpbis/trac/ticket/355</a>&gt;: "Case sensitivity of header fields in CC values"
    2007          </li>
    2008          <li>&lt;<a href="http://tools.ietf.org/wg/httpbis/trac/ticket/356">http://tools.ietf.org/wg/httpbis/trac/ticket/356</a>&gt;: "Spurious 'MAYs'"
    2009          </li>
    2010          <li>&lt;<a href="http://tools.ietf.org/wg/httpbis/trac/ticket/360">http://tools.ietf.org/wg/httpbis/trac/ticket/360</a>&gt;: "enhance considerations for new cache control directives"
    2011          </li>
    2012          <li>&lt;<a href="http://tools.ietf.org/wg/httpbis/trac/ticket/361">http://tools.ietf.org/wg/httpbis/trac/ticket/361</a>&gt;: "ABNF requirements for recipients"
    2013          </li>
    2014          <li>&lt;<a href="http://tools.ietf.org/wg/httpbis/trac/ticket/368">http://tools.ietf.org/wg/httpbis/trac/ticket/368</a>&gt;: "note introduction of new IANA registries as normative changes"
    2015          </li>
    2016          <li>&lt;<a href="http://tools.ietf.org/wg/httpbis/trac/ticket/373">http://tools.ietf.org/wg/httpbis/trac/ticket/373</a>&gt;: "broken prose in description of 'Vary'"
    2017          </li>
    2018       </ul>
    2019       <h2 id="rfc.section.D.2"><a href="#rfc.section.D.2">D.2</a>&nbsp;<a id="changes.since.20" href="#changes.since.20">Since draft-ietf-httpbis-p6-cache-20</a></h2>
    2020       <p id="rfc.section.D.2.p.1">Closed issues: </p>
    2021       <ul>
    2022          <li>&lt;<a href="http://tools.ietf.org/wg/httpbis/trac/ticket/375">http://tools.ietf.org/wg/httpbis/trac/ticket/375</a>&gt;: "'Most Conservative'"
    2023          </li>
    2024       </ul>
    2025       <p id="rfc.section.D.2.p.2">Other changes: </p>
    2026       <ul>
    2027          <li>Conformance criteria and considerations regarding error handling are now defined in Part 1.</li>
    2028          <li>Move definition of "Vary" header field into Part 2.</li>
    2029          <li>Add security considerations with respect to cache poisoning and the "Set-Cookie" header field.</li>
    2030       </ul>
    2031       <h2 id="rfc.section.D.3"><a href="#rfc.section.D.3">D.3</a>&nbsp;<a id="changes.since.21" href="#changes.since.21">Since draft-ietf-httpbis-p6-cache-21</a></h2>
    2032       <p id="rfc.section.D.3.p.1">Closed issues: </p>
    2033       <ul>
    2034          <li>&lt;<a href="http://tools.ietf.org/wg/httpbis/trac/ticket/223">http://tools.ietf.org/wg/httpbis/trac/ticket/223</a>&gt;: "Allowing heuristic caching for new status codes"
    2035          </li>
    2036          <li>&lt;<a href="http://tools.ietf.org/wg/httpbis/trac/ticket/406">http://tools.ietf.org/wg/httpbis/trac/ticket/406</a>&gt;: "304 without validator"
    2037          </li>
    2038          <li>&lt;<a href="http://tools.ietf.org/wg/httpbis/trac/ticket/418">http://tools.ietf.org/wg/httpbis/trac/ticket/418</a>&gt;: "No-Transform"
    2039          </li>
    2040          <li>&lt;<a href="http://tools.ietf.org/wg/httpbis/trac/ticket/430">http://tools.ietf.org/wg/httpbis/trac/ticket/430</a>&gt;: "Revert prior change to the meaning of the public cache response directive.
    2041          </li>
    2042       </ul>
    2043       <h2 id="rfc.section.D.4"><a href="#rfc.section.D.4">D.4</a>&nbsp;<a id="changes.since.22" href="#changes.since.22">Since draft-ietf-httpbis-p6-cache-22</a></h2>
    2044       <p id="rfc.section.D.4.p.1">Closed issues: </p>
    2045       <ul>
    2046          <li>&lt;<a href="http://tools.ietf.org/wg/httpbis/trac/ticket/436">http://tools.ietf.org/wg/httpbis/trac/ticket/436</a>&gt;: "explain list expansion in ABNF appendices"
    2047          </li>
    2048          <li>&lt;<a href="http://tools.ietf.org/wg/httpbis/trac/ticket/453">http://tools.ietf.org/wg/httpbis/trac/ticket/453</a>&gt;: "Returning the freshest response"
    2049          </li>
    2050          <li>&lt;<a href="http://tools.ietf.org/wg/httpbis/trac/ticket/464">http://tools.ietf.org/wg/httpbis/trac/ticket/464</a>&gt;: "placement of extension point considerations"
    2051          </li>
    2052          <li>&lt;<a href="http://tools.ietf.org/wg/httpbis/trac/ticket/469">http://tools.ietf.org/wg/httpbis/trac/ticket/469</a>&gt;: "Editorial notes for p6"
    2053          </li>
    2054          <li>&lt;<a href="http://tools.ietf.org/wg/httpbis/trac/ticket/471">http://tools.ietf.org/wg/httpbis/trac/ticket/471</a>&gt;: "Vary and future requests"
    2055          </li>
    2056       </ul>
    2057       <h2 id="rfc.section.D.5"><a href="#rfc.section.D.5">D.5</a>&nbsp;<a id="changes.since.23" href="#changes.since.23">Since draft-ietf-httpbis-p6-cache-23</a></h2>
    2058       <p id="rfc.section.D.5.p.1">Closed issues: </p>
    2059       <ul>
    2060          <li>&lt;<a href="http://tools.ietf.org/wg/httpbis/trac/ticket/486">http://tools.ietf.org/wg/httpbis/trac/ticket/486</a>&gt;: "Requiring proxies to process warn-date"
    2061          </li>
    2062          <li>&lt;<a href="http://tools.ietf.org/wg/httpbis/trac/ticket/496">http://tools.ietf.org/wg/httpbis/trac/ticket/496</a>&gt;: "add Warning header field examples"
    2063          </li>
    2064       </ul>
    2065       <h2 id="rfc.section.D.6"><a href="#rfc.section.D.6">D.6</a>&nbsp;<a id="changes.since.24" href="#changes.since.24">Since draft-ietf-httpbis-p6-cache-24</a></h2>
    2066       <p id="rfc.section.D.6.p.1">None yet.</p>
     2138</pre></div>
     2139      <div id="change.log">
     2140         <h1 id="rfc.section.D"><a href="#rfc.section.D">D.</a>&nbsp;<a href="#change.log">Change Log (to be removed by RFC Editor before publication)</a></h1>
     2141         <p id="rfc.section.D.p.1">Changes up to the first Working Group Last Call draft are summarized in &lt;<a href="http://trac.tools.ietf.org/html/draft-ietf-httpbis-p6-cache-19#appendix-C">http://trac.tools.ietf.org/html/draft-ietf-httpbis-p6-cache-19#appendix-C</a>&gt;.
     2142         </p>
     2143         <div id="changes.since.19">
     2144            <h2 id="rfc.section.D.1"><a href="#rfc.section.D.1">D.1</a>&nbsp;<a href="#changes.since.19">Since draft-ietf-httpbis-p6-cache-19</a></h2>
     2145            <p id="rfc.section.D.1.p.1">Closed issues: </p>
     2146            <ul>
     2147               <li>&lt;<a href="http://tools.ietf.org/wg/httpbis/trac/ticket/307">http://tools.ietf.org/wg/httpbis/trac/ticket/307</a>&gt;: "untangle Cache-Control ABNF"
     2148               </li>
     2149               <li>&lt;<a href="http://tools.ietf.org/wg/httpbis/trac/ticket/353">http://tools.ietf.org/wg/httpbis/trac/ticket/353</a>&gt;: "Multiple values in Cache-Control header fields"
     2150               </li>
     2151               <li>&lt;<a href="http://tools.ietf.org/wg/httpbis/trac/ticket/355">http://tools.ietf.org/wg/httpbis/trac/ticket/355</a>&gt;: "Case sensitivity of header fields in CC values"
     2152               </li>
     2153               <li>&lt;<a href="http://tools.ietf.org/wg/httpbis/trac/ticket/356">http://tools.ietf.org/wg/httpbis/trac/ticket/356</a>&gt;: "Spurious 'MAYs'"
     2154               </li>
     2155               <li>&lt;<a href="http://tools.ietf.org/wg/httpbis/trac/ticket/360">http://tools.ietf.org/wg/httpbis/trac/ticket/360</a>&gt;: "enhance considerations for new cache control directives"
     2156               </li>
     2157               <li>&lt;<a href="http://tools.ietf.org/wg/httpbis/trac/ticket/361">http://tools.ietf.org/wg/httpbis/trac/ticket/361</a>&gt;: "ABNF requirements for recipients"
     2158               </li>
     2159               <li>&lt;<a href="http://tools.ietf.org/wg/httpbis/trac/ticket/368">http://tools.ietf.org/wg/httpbis/trac/ticket/368</a>&gt;: "note introduction of new IANA registries as normative changes"
     2160               </li>
     2161               <li>&lt;<a href="http://tools.ietf.org/wg/httpbis/trac/ticket/373">http://tools.ietf.org/wg/httpbis/trac/ticket/373</a>&gt;: "broken prose in description of 'Vary'"
     2162               </li>
     2163            </ul>
     2164         </div>
     2165         <div id="changes.since.20">
     2166            <h2 id="rfc.section.D.2"><a href="#rfc.section.D.2">D.2</a>&nbsp;<a href="#changes.since.20">Since draft-ietf-httpbis-p6-cache-20</a></h2>
     2167            <p id="rfc.section.D.2.p.1">Closed issues: </p>
     2168            <ul>
     2169               <li>&lt;<a href="http://tools.ietf.org/wg/httpbis/trac/ticket/375">http://tools.ietf.org/wg/httpbis/trac/ticket/375</a>&gt;: "'Most Conservative'"
     2170               </li>
     2171            </ul>
     2172            <p id="rfc.section.D.2.p.2">Other changes: </p>
     2173            <ul>
     2174               <li>Conformance criteria and considerations regarding error handling are now defined in Part 1.</li>
     2175               <li>Move definition of "Vary" header field into Part 2.</li>
     2176               <li>Add security considerations with respect to cache poisoning and the "Set-Cookie" header field.</li>
     2177            </ul>
     2178         </div>
     2179         <div id="changes.since.21">
     2180            <h2 id="rfc.section.D.3"><a href="#rfc.section.D.3">D.3</a>&nbsp;<a href="#changes.since.21">Since draft-ietf-httpbis-p6-cache-21</a></h2>
     2181            <p id="rfc.section.D.3.p.1">Closed issues: </p>
     2182            <ul>
     2183               <li>&lt;<a href="http://tools.ietf.org/wg/httpbis/trac/ticket/223">http://tools.ietf.org/wg/httpbis/trac/ticket/223</a>&gt;: "Allowing heuristic caching for new status codes"
     2184               </li>
     2185               <li>&lt;<a href="http://tools.ietf.org/wg/httpbis/trac/ticket/406">http://tools.ietf.org/wg/httpbis/trac/ticket/406</a>&gt;: "304 without validator"
     2186               </li>
     2187               <li>&lt;<a href="http://tools.ietf.org/wg/httpbis/trac/ticket/418">http://tools.ietf.org/wg/httpbis/trac/ticket/418</a>&gt;: "No-Transform"
     2188               </li>
     2189               <li>&lt;<a href="http://tools.ietf.org/wg/httpbis/trac/ticket/430">http://tools.ietf.org/wg/httpbis/trac/ticket/430</a>&gt;: "Revert prior change to the meaning of the public cache response directive.
     2190               </li>
     2191            </ul>
     2192         </div>
     2193         <div id="changes.since.22">
     2194            <h2 id="rfc.section.D.4"><a href="#rfc.section.D.4">D.4</a>&nbsp;<a href="#changes.since.22">Since draft-ietf-httpbis-p6-cache-22</a></h2>
     2195            <p id="rfc.section.D.4.p.1">Closed issues: </p>
     2196            <ul>
     2197               <li>&lt;<a href="http://tools.ietf.org/wg/httpbis/trac/ticket/436">http://tools.ietf.org/wg/httpbis/trac/ticket/436</a>&gt;: "explain list expansion in ABNF appendices"
     2198               </li>
     2199               <li>&lt;<a href="http://tools.ietf.org/wg/httpbis/trac/ticket/453">http://tools.ietf.org/wg/httpbis/trac/ticket/453</a>&gt;: "Returning the freshest response"
     2200               </li>
     2201               <li>&lt;<a href="http://tools.ietf.org/wg/httpbis/trac/ticket/464">http://tools.ietf.org/wg/httpbis/trac/ticket/464</a>&gt;: "placement of extension point considerations"
     2202               </li>
     2203               <li>&lt;<a href="http://tools.ietf.org/wg/httpbis/trac/ticket/469">http://tools.ietf.org/wg/httpbis/trac/ticket/469</a>&gt;: "Editorial notes for p6"
     2204               </li>
     2205               <li>&lt;<a href="http://tools.ietf.org/wg/httpbis/trac/ticket/471">http://tools.ietf.org/wg/httpbis/trac/ticket/471</a>&gt;: "Vary and future requests"
     2206               </li>
     2207            </ul>
     2208         </div>
     2209         <div id="changes.since.23">
     2210            <h2 id="rfc.section.D.5"><a href="#rfc.section.D.5">D.5</a>&nbsp;<a href="#changes.since.23">Since draft-ietf-httpbis-p6-cache-23</a></h2>
     2211            <p id="rfc.section.D.5.p.1">Closed issues: </p>
     2212            <ul>
     2213               <li>&lt;<a href="http://tools.ietf.org/wg/httpbis/trac/ticket/486">http://tools.ietf.org/wg/httpbis/trac/ticket/486</a>&gt;: "Requiring proxies to process warn-date"
     2214               </li>
     2215               <li>&lt;<a href="http://tools.ietf.org/wg/httpbis/trac/ticket/496">http://tools.ietf.org/wg/httpbis/trac/ticket/496</a>&gt;: "add Warning header field examples"
     2216               </li>
     2217            </ul>
     2218         </div>
     2219         <div id="changes.since.24">
     2220            <h2 id="rfc.section.D.6"><a href="#rfc.section.D.6">D.6</a>&nbsp;<a href="#changes.since.24">Since draft-ietf-httpbis-p6-cache-24</a></h2>
     2221            <p id="rfc.section.D.6.p.1">None yet.</p>
     2222         </div>
     2223      </div>
    20672224      <h1 id="rfc.index"><a href="#rfc.index">Index</a></h1>
    20682225      <p class="noprint"><a href="#rfc.index.1">1</a> <a href="#rfc.index.2">2</a> <a href="#rfc.index.A">A</a> <a href="#rfc.index.B">B</a> <a href="#rfc.index.C">C</a> <a href="#rfc.index.D">D</a> <a href="#rfc.index.E">E</a> <a href="#rfc.index.F">F</a> <a href="#rfc.index.G">G</a> <a href="#rfc.index.H">H</a> <a href="#rfc.index.M">M</a> <a href="#rfc.index.N">N</a> <a href="#rfc.index.O">O</a> <a href="#rfc.index.P">P</a> <a href="#rfc.index.R">R</a> <a href="#rfc.index.S">S</a> <a href="#rfc.index.T">T</a> <a href="#rfc.index.V">V</a> <a href="#rfc.index.W">W</a>
Note: See TracChangeset for help on using the changeset viewer.