Last Call Review of draft-ietf-httpbis-p6-cache-25

Request Review of draft-ietf-httpbis-p6-cache
Requested rev. no specific revision (document currently at 26)
Type Last Call Review
Team General Area Review Team (Gen-ART) (genart)
Deadline 2013-12-17
Requested 2013-10-21
Draft last updated 2013-12-03
Completed reviews Genart Last Call review of -25 by Meral Shirazipour (diff)
Secdir Early review of -?? by Tero Kivinen
Secdir Last Call review of -24 by Tero Kivinen (diff)
Opsdir Telechat review of -25 by Lionel Morand (diff)
Assignment Reviewer Meral Shirazipour
State Completed
Review review-ietf-httpbis-p6-cache-25-genart-lc-shirazipour-2013-12-03
Reviewed rev. 25 (document currently at 26)
Review result Ready with Nits
Review completed: 2013-12-03


I am the assigned Gen-ART reviewer for this draft. For background on Gen-ART, please see the FAQ at



Please resolve any Last Call comments you may receive.




Document: draft-ietf-httpbis-p6-cache-25

Reviewer: Meral Shirazipour

Review Date: 2013-11-18/2013-12-02

IETF LC End Date: End of November (special deadline)

IESG Telechat date: 2013-12-19 




This draft is almost ready to be published as Proposed Standard but I have some comments.



Major issues:




Minor issues:




Nits/editorial comments:

Part 6 of:

draft-ietf-httpbis-p1-messaging (82 pages)

draft-ietf-httpbis-p2-semantics (98 pages)

draft-ietf-httpbis-p4-conditional (27 pages)

draft-ietf-httpbis-p5-range (24 pages) 

*draft-ietf-httpbis-p6-cache (41 pages)

draft-ietf-httpbis-p7-auth (18 pages)

draft-ietf-httpbis-method-registrations (7 pages)

draft-ietf-httpbis-authscheme-registrations (5 pages)


-As mentioned in p4 review, was it considered merging p4 and p6?


-[Page 1], abstract, Suggestion to change the sentence to remove the word "requirements" to avoid confusion with a Requirements RFC (which is usually followed by the spec).

"This document defines requirements on HTTP caches... "


-[Page 12], last paragraph, suggestion to use SHOULD  or MUST


"heuristics can only be used on responses without explicit freshness"----->

"heuristics SHOULD/MUST only be used on responses without explicit freshness"


-[Page 19], "update the stored response a described below;"--typo-->"update the stored response as described below;


-[Page 22], does is matter if it is strong versus weak validation?

"  no-cache


   The "no-cache" request directive indicates that a cache MUST NOT use

   a stored response to satisfy the request without successful

   validation on the origin server.


-[Page 34], Security section, as mentioned in my other reviews, would it be better to have a separate draft to discuss all security issues related to HTTP?




Best Regards,




Meral Shirazipour

Ericsson Research