Deployment Risks
The use of ETags in the HTTP header is optional (not mandatory as with some other fields of the HTTP 1.1 header). The method by which ETags are generated has never been specified at any time in the HTTP specification.
Common methods of ETag generation include using a collision-resistant hash function of the resource's content, a hash of the last modification timestamp, or even just a revision number.
In order to avoid the use of stale cache data, methods used to generate ETags should guarantee (as much as is practical) that each ETag is unique. However, an ETag-generation function could be judged to be "usable" if it can be proven (mathematically) that duplication of ETags would be "acceptably rare", even if it could or would occur.
Some earlier checksum functions, such as CRC32 and CRC64, are known to suffer from this hash collision problem. Because of this they are not good candidates for use in ETag generation.
Read more about this topic: HTTP ETag
Famous quotes containing the word risks:
“If the children and youth of a nation are afforded opportunity to develop their capacities to the fullest, if they are given the knowledge to understand the world and the wisdom to change it, then the prospects for the future are bright. In contrast, a society which neglects its children, however well it may function in other respects, risks eventual disorganization and demise.”
—Urie Bronfenbrenner (b. 1917)