2.2.2.1 Standard HTTP Message Header Fields

The HTTP message headers in the HCEP response MUST include the following fields.

Tokens

Cache-Control: MUST be "no-cache, must-revalidate" or "must-revalidate, no-cache". This is an HTTP header, as specified in [RFC2616] section 4.5.

Content-Type: MUST be "application/healthcertificate-response". This is an HTTP header field, as specified in [RFC2616] section 7.1.

Content-Length: MUST be the size of ASN.1 DER–encoded health certificate response.

Additional resources