Responses where Cache-Control is set to private may be cached but must not be cached in a shared cache. I have a use of cachecontrol for an API client I'm writing, but it has support for multiple users, so I need to implement user-specific caching support soon.

My idea for how to implement it is to have a parameter you pass to CacheControl with a header name. Then when a response has Cache-Control: private set it would try to fetch a header with that key from the request/response and then then prepend a hash of that to the cache key.

I currently have it implemented locally for the redis backend, though it's currently very implementation specific, only checking for Authorization, and only for the redis backend.

Any thoughts/opinion on this idea?