Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.



Published on

Daniel Stenberg explains HTTP/3 and QUIC at GOTO 10, January 22, 2019. This is the slideset, see for the video.

HTTP/3 is the designated name for the coming next version of the protocol that is currently under development within the QUIC working group in the IETF.

HTTP/3 is designed to improve in areas where HTTP/2 still has some shortcomings, primarily by changing the transport layer. HTTP/3 is the first major protocol to step away from TCP and instead it uses QUIC.

Why the new protocols are deemed necessary, how they work, how they change how things are sent over the network and what some of the coming deployment challenges will be.

As you will see in this film, there are a lot of questions from an interested and educated audience.

Daniel Stenberg is the founder and lead developer of the curl project. He has worked on HTTP implementations for over twenty years. He has been involved in the HTTPbis working group in IETF for ten years and he worked with HTTP in Firefox for years before he left Mozilla. He participates in the QUIC working group and is the author of the widely read documents ”HTTP2 explained” and ”HTTP/3 explained”.

Published in: Technology
  • Just got my check for $500, Sometimes people don't believe me when I tell them about how much you can make taking paid surveys online... So I took a video of myself actually getting paid $500 for paid surveys to finally set the record straight. I'm not going to leave this video up for long, so check it out now before I take it down! ▲▲▲
    Are you sure you want to  Yes  No
    Your message goes here
  • You can now be your own boss and get yourself a very generous daily income. START FREE...■■■
    Are you sure you want to  Yes  No
    Your message goes here


  1. 1. GOTO 10 - January 22, 2019
  2. 2. Daniel Stenberg @bagder
  3. 3. AgendaAgenda The road from HTTP 1 to 2 to 3The road from HTTP 1 to 2 to 3 Some details on TCP and TLSSome details on TCP and TLS Problems with HTTP/2Problems with HTTP/2 Fixing TCP isn’t possibleFixing TCP isn’t possible Why QUICWhy QUIC How QUIC worksHow QUIC works HTTP/3 is HTTP over QUICHTTP/3 is HTTP over QUIC HTTP/3 is coming soon!HTTP/3 is coming soon!
  4. 4. Beware I will presume basic networking knowledge I will not show many protocol bytes or bits Some details may change subtly before shipped Feel free to interrupt and ask at any time!
  5. 5. HTTP/1 HTTP/2 HTTP/3
  6. 6. HTTP started done over TCP
  7. 7. TCPTCP TCP/IP means it works over IP Establishes a “connection” 3-way handshake Resends lost packages Delivers a byte stream Clear text
  8. 8. HTTPS means TCP + TLS + HTTP
  9. 9. HTTPS is eating the web
  10. 10. TLSTLS TLS is done over TCP for HTTP/1 or 2 Transport Layer Security Additional handshake Privacy and security
  11. 11. HTTP over TCP
  12. 12. HTTP/1.1HTTP/1.1 Shipped June 1999 Many parallel TCP connections Ineffective TCP use HTTP head-of-line-blocking Numerous work-arounds
  13. 13. HTTP/2HTTP/2 Shipped May 2015 Uses single connection per host Many parallel streams TCP head-of-line-blocking
  14. 14. OssificationOssification Internet is full of boxes Routers, gateways, firewalls, load balancers, NATs... Boxes run software to handle network data Middle-boxes work on existing protocols Upgrade much slower than edges
  15. 15. Internet WWW
  16. 16. Internet WWW
  17. 17. Ossification prevents HTTP/2 in clear textHTTP/2 in clear text TCP improvements like TFOTCP improvements like TFO TCP/UDP replacementsTCP/UDP replacements Future innovationsFuture innovations …… unless encryptedunless encrypted
  18. 18. Improvement in spite of ossification
  19. 19. A new transport protocol
  20. 20. Built on experiences by Google QUIC Google deployed “http2 frames over UDP”-QUIC in 2013Google deployed “http2 frames over UDP”-QUIC in 2013 Widely used clientWidely used client Widely used web servicesWidely used web services Proven to work at web scaleProven to work at web scale Taken to the IETF in 2015Taken to the IETF in 2015 QUIC working group started 2016QUIC working group started 2016 IETF QUIC is now very different than Google QUIC wasIETF QUIC is now very different than Google QUIC was
  21. 21. Improvements TCP head of line blockingTCP head of line blocking Faster handshakesFaster handshakes Earlier dataEarlier data More encryption, alwaysMore encryption, always Future developmentFuture development
  22. 22. Build on top of UDP TCP and UDP remain “the ones”TCP and UDP remain “the ones” Use UDP instead of IPUse UDP instead of IP Reliable transport protocol - inReliable transport protocol - in user-spaceuser-space A little like TCP + TLSA little like TCP + TLS
  23. 23. UDP isn’t reliable, QUIC is UDP Connectionless No resends No flow control QUIC Uses UDP like TCP uses IP Adds connections, resends and flow control on top
  24. 24. Streams! QUIC provides streams Many logical flows within a single connection Similar to HTTP/2 but in the transport layer Independent streams
  25. 25. Independent streams TCPTCP QUICQUIC
  26. 26. Application protocols over QUICApplication protocols over QUIC Streams for free Could be “any protocol” HTTP worked on as the first Others are planned to follow
  27. 27. HTTP/3 = HTTP over QUIC
  28. 28. HTTP – same but different RequestRequest - method + path- method + path - headers- headers - body- body ResponseResponse - response code- response code - headers- headers - body- body
  29. 29. HTTP – same but different HTTP/1 – in ASCII over TCP HTTP/2 – binary multiplexed over TCP HTTP/3 – binary over multiplexed QUIC
  30. 30. Stacks: HTTP/2 vs HTTP/3 IP TCP TLS 1.2+ HTTP/2 UDP HTTP/3 QUIC TLS 1.3 IP
  31. 31. Features: HTTP/2 vs HTTP/3 HTTP/2 HTTP/3 Transport TCP QUIC Streams HTTP/2 QUIC Clear-text version yes no Independent streams no yes Header compression HPACK QPACK Server push yes yes Early data In theory yes 0-RTT handshake no yes
  32. 32. QUIC is fasterQUIC is faster data from Google done with Google QUIC Shaving a full second off the Google Search page load time for the slowest 1% of connections 18% less buffering time on YouTube 75% of connections can take advantage of QUIC’s zero-round-trip feature 3% improvement in mean page google search load time with QUIC
  33. 33. HTTPS is TCP? HTTPS:// URLs are everywhereHTTPS:// URLs are everywhere TCP (and TLS) on TCP port 443TCP (and TLS) on TCP port 443
  34. 34. This service - over there! The Alt-Svc: response header Another host, protocol or port number is the same “origin” This site also runs on HTTP/3 “over there”, for the next NNNN seconds
  35. 35. Will HTTP/3 deliver?
  36. 36. HTTP/3 challenges 3-7% something of all QUIC attempts fail Clients need “fall back” algorithms CPU intensive Unoptimized UDP stacks “Funny” TLS layer All QUIC stacks are user-land No standard QUIC API Lack of tooling
  37. 37. Ship date
  38. 38. Implementations Over a dozen QUIC implementations, but HTTP/3 lags behind Google, Mozilla, Apple, Facebook, Akamai, Fastly, Cloudflare, F5, LiteSpeed, and more No browser has an implementation yet Neither do Apache or nginx curl doesn’t support HTTP/3 yet either
  39. 39. HTTP/3 deployments will take time outside the top HTTP/3 will grow slower than HTTP/2 did Some sites will stick to HTTP/ 2 QUIC is for the long term
  40. 40. FutureFuture MultipathMultipath Forward error correctionForward error correction Unreliable streamsUnreliable streams More application protocolsMore application protocols
  41. 41. Take-aways HTTP/3 is coming soonHTTP/3 is coming soon HTTP/3 is always encryptedHTTP/3 is always encrypted Similar to HTTP/2 but over QUICSimilar to HTTP/2 but over QUIC QUIC is a transport done over UDPQUIC is a transport done over UDP Challenges to overcomeChallenges to overcome Live before summer 2019Live before summer 2019
  42. 42. HTTP/3 Explained
  43. 43. Daniel Stenberg @bagder Thank you!Thank you! Questions?Questions?
  44. 44. Credits QUIC drafts: Images: This presentation is provided under the Creative Commons Attribution 4.0 International Public License