Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

HTTP/2 Changes Everything

10,437 views

Published on

A walk through the differences between HTTP/1, SPDY and HTTP/2.

Published in: Technology
  • Be the first to comment

HTTP/2 Changes Everything

  1. 1. Changes Everything HTTP
  2. 2. How we got here 1996 HTTP 1.0 1999 HTTP 1.1 2009 SPDY 1.0 2015 HTTP 2.0 Cloud MobilityRise of the Internet as a Platform Web 2.0
  3. 3. Why did we need HTTP 1.1? • Caching • Hierarchical proxy support • Persistent connections • Virtual host support • TCP inefficiencies • Authentication • Issues with increasing size of content 1999
  4. 4. HTTP 1.1 HTTP/1.0 • Single request/response per connection • Host header optional • Limited support for caching HTTP/1.1 • Multiple requests and responses per connection • Required Host header • Conditional caching headers • Digest authentication and proxy authentication • Chunked transfer encoding • Connection header • Enhanced compression support HTTP/1.1 was an effort to address a number of efficiency and performance issues with HTTP/1.0
  5. 5. HTTP 1.0 vs HTTP 1.1 Client AppsClient Apps May I have a picture of a house please Hello Hello Sure, here you go Thanks, bye Hello Bye Hello May I have a picture of a house please. Hello Hello Here is the house May I also have a picture of a car. Here is the car Thanks, bye Bye
  6. 6. Interlude
  7. 7. Why did we need SPDY • Mobile network latency • Reduction in resource availability on mobile clients • Residual TCP inefficiencies carried forward with HTTP 1.1 • Issues with increasing size and types of content 2009
  8. 8. SPDY HTTP/1.1 • Single request/response at a time • Browsers use multiple connections to achieve concurrent requests and responses • Requests and responses are verbose – Text based, many headers SPDY • Interleave multiple requests and responses in parallel without blocking on any one • Use a single connection for multiple requests and responses in parallel • Gzip compresses headers • Eliminates the needs for certain HTTP/1.1 page optimization techniques • Extras: – Introduces request priorities – Enables content push • SPDY requires TLS SPDY is a protocol, defined by Google, that offers HTTP/1.1 semantics, but uses a different wire format.
  9. 9. Changes Everything HTTP
  10. 10. Why do we need HTTP/2? • Mobile network latency • Residual TCP inefficiencies carried forward with HTTP 1.1 • Increasing size and types of content • SPDY not under the auspices of a standards body 2015
  11. 11. Differences from SPDY SPDY • Gzip/deflate header compression – Largely disabled because of CRIME • TLS mandatory – Uses TLS extension NPN • No crypto strength requirements HTTP/2 • Dedicated header compression scheme (HPACK) • TLS optional – Upgrade mechanism as alternative – Uses TLS extension ALPN • HTTP/2 requires stronger cryptography* – Ephemeral keys only – Preferring AEAD modes like CGM – Minimal key sizes 128 bit EC, 2048 bit RSA – Enforced by browsers HTTP/2 is based on SPDY. Here are some of the differences.
  12. 12. HTTP 1.1 vs HTTP 2 Client AppsClient Apps May I have a picture of a house please. Hello Hello Here is the house May I also have a picture of a car. Here is the car Thanks, bye Bye May I have a picture of a house please. Hello And a car Here is the house Here is the car And a cat Here is the dog Thanks, bye Bye May I also have a picture of a dog. Here is the dog And a dog Here is the cat Hello
  13. 13. Evolution 1996 HTTP 1.0 1999 HTTP 1.1 2009 SPDY 1.0 2015 HTTP 2.0 • Persistent connections • Virtual host support • Conditional caching • Digest authentication • Chunked transfer encoding • Enhanced compression • Header compression • Security requirements • Interleaving requests and responses • Push operations • Binary instead of textual
  14. 14. Implications The changes to HTTP/2 such as the move to a binary wire format rather than text means HTTP/1.1 and HTTP/2 are not compatible. While the working group did not have consensus to require security (TLS or SSL) most browser implementations require security to take advantage of HTTP/2 This means infrastructure that interacts with HTTP must be able to speak both HTTP/1.1 and HTTP/2 This means infrastructure will be effectively blinded as it is unable to execute on encrypted traffic
  15. 15. Gateway HTTP
  16. 16. © F5 Networks, Inc 16 HTTP 2.0 and SPDY 3.1 Gateways Protocol Gateways Origin Servers BIG-IP Platform Images HTTP 1.1/1.0 Devices HTTP 2.0 HTTP 1.1/1.0 SPDY 3.1/3,0/2.0 Converts from SPDY 3.1/3.0/2.0 or HTTP 2.0 to HTTP 1.x
  17. 17. HTTP THANK YOU

×