Briefly, cookies can't be cached by public caches, but since public
    documents may make up part of a "stateful dialog", and in
    particular the first document in a stateful dialog may be (for
    example) a public and cachable home page, servers that wish to
    receive the client's cookie on each request, or to issue a new
    cookie on requests for a document must set the document up to
    require validation on each request.  (e.g., by having it be
    "pre-expired").
<p>
    Otherwise, the cache control headers for responses control what a
    proxy has to do.  If a document is fresh in a cache, a request
    containing a cookie does not have to be forwarded to the origin
    server, since (by definition) if the document is servable from a
    cache, there aren't important side effects at the origin relating
    to requests for that document, and so, no changes to the cookie.
<p>
    One important issue bearing on caching is that for conditional
    requests that go through to the origin server, for which the origin
    server responds with 304 and also with a set-cookie header, caches
    must splice the set-cookie sent by the origin server into their own
    response.  This is, for example, how it can work to have a home
    page that is in a cache, but stale, so that the only traffic to the
    origin server is to validate the home page, receiving a 304 and
    potentially a new cookie.