The thing I'm most surprised by is the change in the default cacheability of 404 responses from uncacheable to cacheable.
Though I guess since defaulting to cacheable doesn't mean that responses must be cached, so you can still be compliant with RFC7231 by never caching 404s.
"A response received with [a status code other than 200, 203, 206, 300, 301 or 410] MUST NOT be returned in a reply to a subsequent request unless there are cache-control directives or another header(s) that explicitly allow it."
RFC2616:
http://www.w3.org/Protocols/rfc2616/rfc2616-sec13.html#sec13...
"A response received with [a status code other than 200, 203, 206, 300, 301 or 410] MUST NOT be returned in a reply to a subsequent request unless there are cache-control directives or another header(s) that explicitly allow it."
RFC7231:
http://tools.ietf.org/html/rfc7231#section-6.5.4
"A 404 response is cacheable by default"