RFC7232 in https://tools.ietf.org/html/rfc7232#section-3.1 has the following clause:

In the latter case, the origin server MUST NOT send a validator header field in the response unless it can verify that the request is a duplicate of an immediately prior change made by the same user agent

It doesn't really explain what security or performance considerations are leading to such a requirement, but it calls for a lot of infrastructure and design work to implement it because that logic can be implemented only if the server is stateful. The stateless server cannot comply with such a requirement.

See related mail list thread: https://lists.w3.org/Archives/Public/ietf-http-wg/2018OctDec/0051.html

Either RFC should explain why such logic MUST be implemented or relax "MUST" into "SHOULD" in that clause or remove that clause completely.