As far as I can see static content does not cached with current RT version.

For example:
Request
GET /rt/static/images/bpslogo.png HTTP/1.1.
Host: sd.
Connection: keep-alive.
Cache-Control: max-age=0.
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8.
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.90 Safari/537.36.
Accept-Encoding: gzip, deflate, sdch.
Accept-Language: ru-RU,ru;q=0.8,en-US;q=0.6,en;q=0.4.
Cookie: RT_SID_SD.80=374bd4e2b9927222e1eeabb10bfe0a51.
If-Modified-Since: Tue, 05 May 2015 14:55:14 GMT.

Response
HTTP/1.1 200 OK.
Date: Tue, 05 May 2015 15:07:09 GMT.
Server: Apache/2.4.10 (Debian).
Last-Modified: Tue, 05 May 2015 14:55:10 GMT.
Expires: Thu, 04 Jun 2015 14:44:17 GMT.
Cache-Control: max-age=2592000, public.
Content-Length: 2656.
Keep-Alive: timeout=5, max=100.
Connection: Keep-Alive.
Content-Type: image/png.


I think that response should be "304 Not modified" insead of "200 OK".

Apache config below (default fastcgi example + kerberos auth):

FastCgiServer /usr/share/request-tracker4/libexec/rt-server.fcgi -initial-env RT_SITE_CONFIG=/etc/request-tracker4/RT_SiteConfig.pm

ScriptAlias /rt /usr/share/request-tracker4/libexec/rt-server.fcgi

<Location /rt/>
  DirectoryIndex index.html

   AuthType Kerberos
   AuthName "RT4"
   KrbMethodNegotiate on
   KrbMethodK5Passwd off
   KrbAuthRealms TEST.INT
   KrbVerifyKDC on
   Krb5Keytab /etc/apache2/http.keytab
   KrbLocalUserMapping On

   require valid-user

</Location>
<Location /rt/REST/1.0/NoAuth>
     <IfVersion >= 2.3>
         Require local
     </IfVersion>
     <IfVersion < 2.3>
         Order Allow,Deny
         Allow from 127.0.0.1
     </IfVersion>
</Location>

Installed apache modules:
apache2 -M
Loaded Modules:
  core_module (static)
  so_module (static)
  watchdog_module (static)
  http_module (static)
  log_config_module (static)
  logio_module (static)
  version_module (static)
  unixd_module (static)
  access_compat_module (shared)
  alias_module (shared)
  auth_basic_module (shared)
  auth_kerb_module (shared)
  authn_core_module (shared)
  authn_file_module (shared)
  authz_core_module (shared)
  authz_host_module (shared)
  authz_user_module (shared)
  autoindex_module (shared)
  deflate_module (shared)
  dir_module (shared)
  env_module (shared)
  fastcgi_module (shared)
  filter_module (shared)
  mime_module (shared)
  mpm_event_module (shared)
  negotiation_module (shared)
  setenvif_module (shared)
  status_module (shared)

Dear submitter,

as the package request-tracker4 has just been removed from the Debian archive
unstable we hereby close the associated bug reports.  We are sorry
that we couldn't deal with your issue properly.

For details on the removal, please see https://bugs.debian.org/1134418

The version of this package that was in Debian prior to this removal
can still be found using https://snapshot.debian.org/.

Please note that the changes have been done on the master archive and
will not propagate to any mirrors until the next dinstall run at the
earliest.

This message was generated automatically; if you believe that there is
a problem with it please contact the archive administrators by mailing
ftpmaster@ftp-master.debian.org.

Debian distribution maintenance software
pp.
Thorsten Alteholz (the ftpmaster behind the curtain)