http/2 changes everything
TRANSCRIPT
Changes Everything
HTTP
How we got here
1996HTTP 1.0
1999HTTP 1.1
2009SPDY 1.0
2015HTTP 2.0
Cloud MobilityRise of the Internet as a
Platform
Web 2.0
Why did we need HTTP 1.1?
• Caching• Hierarchical proxy support• Persistent connections• Virtual host support • TCP inefficiencies • Authentication • Issues with increasing size of content
1999
HTTP 1.1
HTTP/1.0
• Single request/response per connection
• Host header optional
• Limited support for caching
HTTP/1.1
• Multiple requests and responses per connection
• Required Host header
• Conditional caching headers
• Digest authentication and proxy authentication
• Chunked transfer encoding
• Connection header
• Enhanced compression support
HTTP/1.1 was an effort to address a number of efficiency and performance issues with HTTP/1.0
HTTP 1.0 vs HTTP 1.1
Client AppsClient Apps
May I have a picture of a house please
Hello
Hello
Sure, here you go
Thanks, bye
Hello
Bye
Hello
May I have a picture of a house please.
HelloHello
Here is the house
May I also have a picture of a car.
Here is the car
Thanks, bye
Bye
Interlude
Why did we need SPDY
• Mobile network latency • Reduction in resource availability on mobile
clients • Residual TCP inefficiencies carried forward
with HTTP 1.1 • Issues with increasing size and types of
content
2009
SPDY
HTTP/1.1
• Single request/response at a time
• Browsers use multiple connections to achieve concurrent requests and responses
• Requests and responses are verbose
– Text based, many headers
SPDY• Interleave multiple requests and
responses in parallel without blocking on any one
• Use a single connection for multiple requests and responses in parallel
• Gzip compresses headers• Eliminates the needs for certain HTTP/1.1
page optimization techniques• Extras:
– Introduces request priorities– Enables content push
• SPDY requires TLS
SPDY is a protocol, defined by Google, that offers HTTP/1.1 semantics, but uses a different wire format.
Changes Everything
HTTP
Why do we need HTTP/2?
• Mobile network latency • Residual TCP inefficiencies carried forward
with HTTP 1.1 • Increasing size and types of content • SPDY not under the auspices of a
standards body
2015
Differences from SPDY
SPDY
• Gzip/deflate header compression
– Largely disabled because of CRIME
• TLS mandatory
– Uses TLS extension NPN
• No crypto strength requirements
HTTP/2
• Dedicated header compression scheme (HPACK)
• TLS optional
– Upgrade mechanism as alternative
– Uses TLS extension ALPN
• HTTP/2 requires stronger cryptography*
– Ephemeral keys only
– Preferring AEAD modes like CGM
– Minimal key sizes 128 bit EC, 2048 bit RSA
– Enforced by browsers
HTTP/2 is based on SPDY. Here are some of the differences.
HTTP 1.1 vs HTTP 2
Client AppsClient Apps
May I have a picture of a house please.
HelloHello
Here is the house
May I also have a picture of a car.
Here is the car
Thanks, bye
Bye
May I have a picture of a house please.
Hello
And a car
Here is the house
Here is the car
And a catHere is the dog
Thanks, bye Bye
May I also have a picture of a dog.
Here is the dog
And a dog
Here is the cat
Hello
Evolution
1996HTTP 1.0
1999HTTP 1.1
2009SPDY 1.0
2015HTTP 2.0
• Persistent connections• Virtual host support • Conditional caching • Digest authentication • Chunked transfer encoding• Enhanced compression
• Header compression• Security requirements • Interleaving requests and responses• Push operations • Binary instead of textual
Implications The changes to HTTP/2 such as the move to a binary wire format rather than text means HTTP/1.1 and HTTP/2 are not compatible.
While the working group did not have consensus to require security (TLS or SSL) most browser implementations require security to take advantage of HTTP/2
This means infrastructure that interacts with HTTP must be able to speak both HTTP/1.1 and HTTP/2
This means infrastructure will be effectively blinded as it is unable to execute on encrypted traffic
Gateway
HTTP
© F5 Networks, Inc 16
HTTP 2.0 and SPDY 3.1 Gateways
Protocol Gateways
Origin Servers
BIG-IP Platform
Images
HTTP 1.1/1.0
Devices
HTTP 2.0
HTTP 1.1/1.0
SPDY 3.1/3,0/2.0
Converts from SPDY 3.1/3.0/2.0 or HTTP 2.0 to HTTP 1.x
HTTP
THANK YOU