https://stackoverflow.com/questions/14873206
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianBoth represent a hashsum of the message body.
Not quite. Content-MD5 is a hash, but ETag is an opaque identifier: the client doesn't know what it means. It's true that one way to generate an appropriate ETag is by hashing the data of the resource, but it's certainly not the only one.
Both can be used for checking if the resource was changed since the last time it was requested by a specific client.
That's true, although in both cases you can theoretically get both false positives and false negatives.
If they do identical thing, why do they coexist in the RFC2616 specification?
The coexist because they serve different purposes; "they do identical things" is not true.
Content-MD5 is intended to let the client verify the integrity of the resource being transferred: its meaning is well defined, and it's not supposed to be used after the response has been received.
ETag is intended to be used for coordinating caching. Being opaque it allows decoupling the semantics of a "resource identifier" from the its mechanics (so the server can choose to use any identification scheme it wants, and it's free to change this scheme in the future without the clients having any say on the process). Additionally, ETag supports weak validation, allowing two bitwise-different versions of a resouce to be treated as semantically equivalent.
