Web performance   across the HTTP to HTTPS   transition  Sean Walbran    swalbran@digitalriver.com
Meeting peoplehttp://commons.wikimedia.org/wiki/File:MNSF_Crowds.JPG
HTTP is for everybody
HTTPS is for relationships http://commons.wikimedia.org/wiki/File:RoyalBicycleBuiltForTwoBastilleDay2008.jpg
HTTPS is for sharing secrets
Performance at the transition         is crucial
Slow by default
It’s complicated•   Network•   Encryption overhead•   CDN•   Browser cache•   Prefetching & security•   …and more
Network• All new sockets• Additional RTT each Connect ahead Keep alive
Encryption overheadServer side:   -75% cpu by offloading*Client side:     ~2x cpu vs. HTTPMobile / Netbook impact=> Reduce...
CDNHTTPS == LRUzer
CDNNot all PoPs are created equal     10ms to their HTTP-only corporate domain     30ms to our HTTPS-enabled domain Use s...
Browser cachehttp://www.flickr.com/photos/43426549@N00/1812312679/
Browser cache             Suddenly empty!Trust: only HTTPS content on HTTPS pagesBrowser: HTTPS url’s are differentSchemel...
Browser cache: Firefox          HTTPS content is cached             only in memory                by default Set Cache-Co...
Browser cache: IE“WinINET will not reuse a previously-cachedresource delivered over HTTPS until at leastone secure connect...
Prefetch to the rescue
HTTPS prefetch quirksFirefox + jquery, in HTTP context$.ajax( https script url )      => 0 byte cache entry      => key: a...
Summary• HTTPS transition matters – it’s the first date• Slow by default• Reasons are many Prefetch, but verify it’s work...
Web performance across the HTTP to HTTPS transition
Upcoming SlideShare
Loading in …5
×

Web performance across the HTTP to HTTPS transition

1,514 views

Published on

Velocity 2010 Ignite talk - http://velocityconf.com/velocity2010/public/schedule/detail/15574

Published in: Technology
0 Comments
2 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
1,514
On SlideShare
0
From Embeds
0
Number of Embeds
12
Actions
Shares
0
Downloads
33
Comments
0
Likes
2
Embeds 0
No embeds

No notes for slide

Web performance across the HTTP to HTTPS transition

  1. 1. Web performance across the HTTP to HTTPS transition Sean Walbran swalbran@digitalriver.com
  2. 2. Meeting peoplehttp://commons.wikimedia.org/wiki/File:MNSF_Crowds.JPG
  3. 3. HTTP is for everybody
  4. 4. HTTPS is for relationships http://commons.wikimedia.org/wiki/File:RoyalBicycleBuiltForTwoBastilleDay2008.jpg
  5. 5. HTTPS is for sharing secrets
  6. 6. Performance at the transition is crucial
  7. 7. Slow by default
  8. 8. It’s complicated• Network• Encryption overhead• CDN• Browser cache• Prefetching & security• …and more
  9. 9. Network• All new sockets• Additional RTT each Connect ahead Keep alive
  10. 10. Encryption overheadServer side: -75% cpu by offloading*Client side: ~2x cpu vs. HTTPMobile / Netbook impact=> Reduce Offload Prefetch * admittedly, a years-old metric
  11. 11. CDNHTTPS == LRUzer
  12. 12. CDNNot all PoPs are created equal 10ms to their HTTP-only corporate domain 30ms to our HTTPS-enabled domain Use separate domains for HTTP & HTTPS Prefetch
  13. 13. Browser cachehttp://www.flickr.com/photos/43426549@N00/1812312679/
  14. 14. Browser cache Suddenly empty!Trust: only HTTPS content on HTTPS pagesBrowser: HTTPS url’s are differentSchemeless URL’s don’t help <a href=“//example.com/image.png”>
  15. 15. Browser cache: Firefox HTTPS content is cached only in memory by default Set Cache-Control: public https://bugzilla.mozilla.org/show_bug.cgi?id=531801
  16. 16. Browser cache: IE“WinINET will not reuse a previously-cachedresource delivered over HTTPS until at leastone secure connection to the target host hasbeen established by the current process.” http://blogs.msdn.com/b/ieinternals/archive/2010/04/21/internet- explorer-may-bypass-cache-for-cross-domain-https-content.aspx Connect ahead, prefetch
  17. 17. Prefetch to the rescue
  18. 18. HTTPS prefetch quirksFirefox + jquery, in HTTP context$.ajax( https script url ) => 0 byte cache entry => key: anon&uri=https://…new Image().src = https script url => 0 byte cache entry => 206/partial content next fetch
  19. 19. Summary• HTTPS transition matters – it’s the first date• Slow by default• Reasons are many Prefetch, but verify it’s working Tune for CDN and browser cache quirks Minimize socket creation

×