Update docs

Author: st0o0

docs/guide/caching.md

@@ -151,10 +151,13 @@ request.Headers.CacheControl = new CacheControlHeaderValue
 
 ## Sharing a Cache Store
 
-By default each named client gets its own `CacheStore`. To share a single store across multiple named clients — for example, to deduplicate in-flight requests across services — create a `CacheStore` once and pass it directly:
+By default each named client gets its own cache. To share a single store across multiple named clients — for example, to serve the same cached responses to parallel services — implement `ICacheStore` and pass the same instance to each client:
 
 ```csharp
-var sharedStore = new CacheStore();
+using TurboHTTP.Protocol.Caching;
+
+// Your thread-safe ICacheStore implementation
+ICacheStore sharedStore = new MySharedCacheStore();
 
 builder.Services.AddTurboHttpClient("client-a", options =>
 {
@@ -169,6 +172,8 @@ builder.Services.AddTurboHttpClient("client-b", options =>
 .WithCache(sharedStore);
 ```
 
-`CacheStore` is thread-safe and designed for concurrent access from multiple clients.
+::: warning Thread safety
+When an `ICacheStore` is shared across multiple clients it will receive concurrent reads and writes. Your implementation must be thread-safe.
+:::
 
 See the [Configuration guide](./configuration) for more details on cache setup.

docs/guide/cookies.md

@@ -107,39 +107,31 @@ A cookie with no `Max-Age` and no `Expires` is a **session cookie** — it lives
 Set-Cookie: sid=abc123   ← no expiry: lasts until the client is disposed
 ```
 
-## Working with `CookieJar` Directly
+## Sharing a Cookie Store
 
-`CookieJar` is a public class. You can construct one independently to pre-populate cookies, test cookie matching logic, or share a jar across request processing outside the pipeline.
+By default each named client gets its own isolated cookie store. To share cookies across multiple clients — for example, so that a login performed by one client is visible to another — implement `ICookieStore` and pass the same instance to each:
 
 ```csharp
 using TurboHTTP.Protocol.Cookies;
 
-var jar = new CookieJar();
+// Your thread-safe ICookieStore implementation
+ICookieStore sharedStore = new MySharedCookieStore();
 
-// Simulate a server response that sets a cookie
-var response = new HttpResponseMessage();
-response.Headers.TryAddWithoutValidation("Set-Cookie", "session=abc123; Path=/; Secure");
-jar.ProcessResponse(new Uri("https://api.example.com"), response);
+builder.Services.AddTurboHttpClient("auth", options =>
+{
+    options.BaseAddress = new Uri("https://auth.example.com");
+})
+.WithCookies(sharedStore);
 
-Console.WriteLine($"Cookies stored: {jar.Count}"); // → 1
-
-// Inspect what would be injected into a request
-var request = new HttpRequestMessage(HttpMethod.Get, "https://api.example.com/data");
-jar.AddCookiesToRequest(new Uri("https://api.example.com/data"), ref request);
-// request.Headers["Cookie"] now contains "session=abc123"
-
-// Clear all stored cookies (e.g., on logout)
-jar.Clear();
-Console.WriteLine($"Cookies after clear: {jar.Count}"); // → 0
+builder.Services.AddTurboHttpClient("api", options =>
+{
+    options.BaseAddress = new Uri("https://api.example.com");
+})
+.WithCookies(sharedStore);
 ```
 
-### Clearing cookies on logout
-
-Call `Clear()` on the jar when a user logs out to remove all stored cookies:
-
-```csharp
-// After a successful logout response:
-jar.Clear();
-```
+A cookie set during login on the `auth` client will now be available to the `api` client.
 
-Since the per-client `CookieJar` is managed internally by the pipeline, clearing it in tests or custom integrations requires direct access to the jar instance used at construction time.
+::: warning Thread safety
+When an `ICookieStore` is shared across multiple clients it will receive concurrent reads and writes. Your implementation must be thread-safe.
+:::

notes/Architecture/Layers/16-PROTOCOL_LAYER.md

@@ -236,10 +236,18 @@ src/TurboHTTP/Protocol/
 │   ├── ContentEncodingDecoder.cs
 │   └── …
 ├── Caching/                 # HTTP Caching (RFC 9111)
-│   ├── CacheStore.cs
+│   ├── ICacheStore.cs           # Store interface (custom backend extension point)
+│   ├── MemoryCacheStore.cs      # Default in-memory store (actor-confined)
+│   ├── CacheStoreEntry.cs       # Stored response snapshot (Vary, ETag, freshness)
+│   ├── CacheControlStoreEntry.cs
 │   ├── CacheFreshnessEvaluator.cs
+│   ├── CacheValidationRequestBuilder.cs
+│   ├── CacheControlParser.cs
 │   └── …
 └── Cookies/                 # Cookie management (RFC 6265)
+    ├── ICookieStore.cs          # Store interface (custom backend extension point)
+    ├── MemoryCookieStore.cs     # Default in-memory store (actor-confined)
+    ├── CookieStoreEntry.cs      # Persisted cookie record
     ├── CookieJar.cs
     └── CookieParser.cs
 ```

notes/Architecture/Status/04-CURRENT_STATE_SUMMARY.md

@@ -216,8 +216,8 @@ ConnectionLease
 
 ### Thread Safety
 - ✅ `ConnectionPool` is thread-safe (SemaphoreSlim, ConcurrentQueue)
-- ✅ `CookieJar` is thread-safe (locking on writes)
-- ✅ `HttpCacheStore` is thread-safe (ReaderWriterLockSlim)
+- ✅ `CookieJar` is actor-confined — `MemoryCookieStore` uses a plain `List<T>` (no locking needed)
+- ✅ `MemoryCacheStore` is actor-confined — uses a plain `Dictionary` (no locking needed)
 - ✅ Akka stages are single-threaded per actor
 
 ### Testing

notes/RFC/RFC9111/RFC9111.md

@@ -16,9 +16,9 @@ source_url: "https://www.rfc-editor.org/rfc/rfc9111"
 |--------|-------|
 | **Compliance Score** | 78/100 |
 | **Implementation Status** | ✅ Complete |
-| **Implementation Path** | `TurboHTTP/Protocol/RFC9111/` |
-| **Unit Test Files** | `TurboHTTP.Tests/RFC9111/` — 4 files, 75 tests |
-| **Stream Test Files** | `TurboHTTP.StreamTests/RFC9111/` |
+| **Implementation Path** | `TurboHTTP/Protocol/Caching/` |
+| **Unit Test Files** | `TurboHTTP.Tests/Caching/` — 6 files |
+| **Stream Test Files** | `TurboHTTP.StreamTests/Caching/` — 3 files |
 | **Key Gaps** | Shared cache support, pragma: no-cache, heuristic freshness, cache key normalization |
 
 ## Core Concepts
@@ -36,10 +36,12 @@ source_url: "https://www.rfc-editor.org/rfc/rfc9111"
 
 | Component | File | Purpose |
 |-----------|------|---------|
-| `HttpCacheStore` | `Protocol/RFC9111/HttpCacheStore.cs` | Thread-safe in-memory LRU cache with Vary support |
-| `CacheFreshnessEvaluator` | `Protocol/RFC9111/CacheFreshnessEvaluator.cs` | §4.2 freshness lifetime, current age, heuristic |
-| `CacheValidationRequestBuilder` | `Protocol/RFC9111/CacheValidationRequestBuilder.cs` | §4.3 conditional requests, 304 merge |
-| `CacheControlParser` | `Protocol/RFC9111/CacheControlParser.cs` | §5.2 Cache-Control directive parsing |
+| `ICacheStore` | `Protocol/Caching/ICacheStore.cs` | Store interface — implement for a custom cache backend |
+| `MemoryCacheStore` | `Protocol/Caching/MemoryCacheStore.cs` | Default in-memory store (actor-confined, no locking needed) |
+| `CacheStoreEntry` | `Protocol/Caching/CacheStoreEntry.cs` | Stored response snapshot with Vary, ETag, freshness metadata |
+| `CacheFreshnessEvaluator` | `Protocol/Caching/CacheFreshnessEvaluator.cs` | §4.2 freshness lifetime, current age, heuristic |
+| `CacheValidationRequestBuilder` | `Protocol/Caching/CacheValidationRequestBuilder.cs` | §4.3 conditional requests, 304 merge |
+| `CacheControlParser` | `Protocol/Caching/CacheControlParser.cs` | §5.2 Cache-Control directive parsing |
 
 ### Stages
 
@@ -51,8 +53,8 @@ source_url: "https://www.rfc-editor.org/rfc/rfc9111"
 
 | Test File | Coverage |
 |-----------|----------|
-| `TurboHTTP.Tests/RFC9111/` | 75 unit tests — freshness, validation, storage, directives |
-| `TurboHTTP.StreamTests/RFC9111/` | Stage behaviour tests — cache lookup and storage stages |
+| `TurboHTTP.Tests/Caching/` | Unit tests — freshness, validation, storage, directives, qualified directives |
+| `TurboHTTP.StreamTests/Caching/` | Stage behaviour tests — cache lookup, storage, and shared response |
 
 ## Sections