public
— marks authenticated responses as cacheable; normally, if HTTP authentication is required, responses are automatically private.private
— allows caches that are specific to one user (e.g., in a browser) to store the response; shared caches (e.g., in a proxy) may not.no-cache
— forces caches to submit the request to the origin server for validation before releasing a cached copy, every time. This is useful to assure that authentication is respected (in combination with public), or to maintain rigid freshness, without sacrificing all of the benefits of caching.no-store
— instructs caches not to keep a copy of the representation under any conditions.
Reference:
http://www.mnot.net/cache_docs/#CACHE-CONTROL