We must ensure that some Web Section (under a website with must-revalidate caching policy) can have a session that isn't stored.

  Different from no-cache (that is similar to must-revalidate + max-age=0), no-store tells the client (and frontends) that it must not cache the content ever.