cache-control: no-cache, max-age=600;
Does it makes any change to add a max-age if it has to revalidate anyways?
Situation: the revalidation would be done by the Browser and edge CDN, to a cache server which would store the cache as:
cache-control: public, max-age=600;
( PD: There is a reason why browser and edge cdn have to revalidate, and has to be this way. )