Why is Google's home page logo served with contradictory "Expires" and "Cache-Control" headers?

Here is开发者_C百科 the logo currently used on www.google.com:

http://www.google.com/images/logos/ps_logo2.png

Here's its HTTP response:

HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Thu, 05 Aug 2010 22:54:44 GMT
Date: Fri, 25 Mar 2011 16:41:05 GMT
Expires: Fri, 25 Mar 2011 16:41:05 GMT
Cache-Control: private, max-age=31536000
X-Content-Type-Options: nosniff
Server: sffe
Content-Length: 26209
Age: 0
Via: 1.1 localhost.localdomain

The Cache-Control header says it's good for 1 year. But Expires is the same as Date, i.e. it's stale immediately.

Why the difference?

---

Cache-Control overrides Expires on any HTTP/1.1 cache or client.

So I assume Google wants to cache the image for HTTP/1.1 but not cache it at all for HTTP/1.0.

I don't know why Google cares. I would think they'd want to cache the logo even for older clients.

---

The reason is that google wants the user to cache the image but not intermediate shared caches (hence the private directive).

Many intermediate cache systems can be outdated and ignore new HTTP features (as the cache-control header), so this approach makes them not to cache the resource (via the expires header). For the rest of agents understanding both, the cache-control overrides expires header.

This is a common practice referenced in rfc2616 sec14.9.3

An origin server might wish to use a relatively new HTTP cache control feature, such as the "private" directive, on a network including older caches that do not understand that feature. The origin server will need to combine the new feature with an Expires field whose value is less than or equal to the Date value. This will prevent older caches from improperly caching the response.