For expiration we always try to cache for as long as possible meaning we always try to tell the external client to cache indefinately using max-age=0 as long as the ETag is unchanged:
Cache-Control: private, must-revalidate, max-age=0\r\n
This means the cache is instructed to hold the file unless the ETag has changed. At very least the ETag needs to be checked each time the file is downloaded. There is no charge for a request to determine if the ETag so you will not incur bandwidth charges for something that has been cached and has not changed (assuming you are using a standard cachable HTTP/1.1 compliant app like Firefox or other modern browsers.)
The ability to return custom headers is still a feature we are working towards, I do not have a specific time frame yet. Please let me know if you need something specific from the headers since this will help us determine the priority of our features.