You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Also consider the application and usage of a mechanism like etag to allow a consuming party to determine whether their copy of a given status list is the latest.
The text was updated successfully, but these errors were encountered:
Since Status List Tokens are distributed via HTTP endpoints it might be beneficial to elaborate on how ttl and exp claims interplay with HTTP headers such as Cache-Control and Expires.
For example, if the value of ttl claim is 60 and the value of Cache-Control HTTP header is max-age=30 which of these takes the precedence? My assumption is that ttl takes precedence since its signed data.
Another example: ttl is 60 but Cache-Control HTTP header is no-store. Should the consumer cache the Status List Token or not? Issuer says yes, but whatever CDN operator says no.
Also consider the application and usage of a mechanism like etag to allow a consuming party to determine whether their copy of a given status list is the latest.
The text was updated successfully, but these errors were encountered: