by dsl 3561 days ago
tlsdate is a much cleaner implementation of this idea, taking the time from the handshake. TLS 1.3 as it stands makes sending the server time optional.

The 'Date' header is tricky because it is a timestamp of when the document was generated, not when it was served. Caching proxies have no obligation to (and in most cases shouldn't) update the value.

1 comments

Some TLS implementations return a randomised date for the handshake anyway, which is why constraints works the way it does. TLS 1.3 killing it is just gravy.

If you're worried about a caching proxy you can set the constraint to a URL that returns something dynamic. Although it would be interesting to see what % of the top TLS-enabled webservers don't return something recent for HEAD / HTTP/1.1
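Added example, not part of the thread: a sketch of the measurement suggested in the last comment. It classifies `HEAD /` responses by whether their `Date` header is recent enough to serve as a time constraint. The responses, hostnames, reference time and 30-second tolerance are all constructed assumptions, and a response with a non-zero `Age` header is treated as served from a cache.

```python
from datetime import datetime, timedelta, timezone
from email.utils import parsedate_to_datetime

# Constructed HEAD / responses; hostnames and header values are made up.
SAMPLES = {
    "fresh.example": "HTTP/1.1 200 OK\r\nDate: Tue, 03 Mar 2015 12:00:02 GMT\r\n\r\n",
    "cached.example": "HTTP/1.1 200 OK\r\nDate: Tue, 03 Mar 2015 09:30:00 GMT\r\n"
                      "Age: 9000\r\n\r\n",
    "stale.example": "HTTP/1.1 200 OK\r\nDate: Mon, 02 Mar 2015 12:00:00 GMT\r\n\r\n",
    "nodate.example": "HTTP/1.1 200 OK\r\nServer: x\r\n\r\n",
}
# Assumed trusted reference clock at the moment the responses were received.
REFERENCE = datetime(2015, 3, 3, 12, 0, 3, tzinfo=timezone.utc)

def parse_headers(raw):
    """Return a lowercase-keyed dict of headers from a raw response head."""
    head = raw.split("\r\n\r\n", 1)[0]
    headers = {}
    for line in head.split("\r\n")[1:]:  # skip the status line
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    return headers

def classify(raw, reference, tolerance=timedelta(seconds=30)):
    """Return 'usable', 'cached', 'stale' or 'no-date' for one response."""
    h = parse_headers(raw)
    try:
        date = parsedate_to_datetime(h["date"])
    except (KeyError, TypeError, ValueError):
        return "no-date"
    if date.tzinfo is None:  # e.g. a "-0000" zone parses as naive
        date = date.replace(tzinfo=timezone.utc)
    age = h.get("age", "")
    if age.isdigit() and int(age) > 0:
        return "cached"  # Date reflects generation time, not serving time
    if abs(reference - date) > tolerance:
        return "stale"
    return "usable"

def unusable_fraction(samples, reference):
    """Fraction of responses whose Date cannot serve as a constraint."""
    verdicts = [classify(raw, reference) for raw in samples.values()]
    return sum(v != "usable" for v in verdicts) / len(verdicts)

if __name__ == "__main__":
    for host, raw in SAMPLES.items():
        print(host, classify(raw, REFERENCE))
    print("unusable fraction:", unusable_fraction(SAMPLES, REFERENCE))
```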