I want the next generation web here SPDY QUIC
Download as PPTX, PDF0 likes1,361 views
The document discusses the SPDY and QUIC protocols which aim to improve upon HTTP. SPDY focuses on multiplexing, prioritization, header compression, and server push/hints. QUIC aims to eliminate head-of-line blocking, support 0RTT connections, recover lost packets, and survive network changes. Both protocols aim to improve web performance but also face security challenges around things like certificate revocation and content inspection. The future may see both protocols widely adopted in web clients, servers, and network infrastructure.
I want the next generation web here SPDY QUIC
- 1. I want the next generation web here SPDY QUIC A review of the SPDY and QUIC protocols
- 2. Agenda •History •What’s up with HTTP? •SPDY •QUIC •Security •The Future
- 3. About Me
- 4. About Me
- 5. About Me
- 9. History •HTTP 0.9 - First documented in 1991 •HTTP 1.0 - First documented in 1996 •HTTP 1.1 – Released in 1997 •HTTP 1.1 – Updated in 1999
- 10. What’s up with HTTP? •Connections •Latency •Headers
- 11. What’s up with HTTP? Home.aspx Logo.jpg Time
- 12. What’s up with HTTP? Home.aspx Logo.jpg Time
- 13. What’s up with HTTP? "A single-user client SHOULD NOT maintain more than 2 connections with any server or proxy"
- 14. What’s up with HTTP? Source: Akamai State of the Internet Report
- 15. What’s up with HTTP 1.1? Resources Time
- 16. History •183 Resources •44 Domains •25 HTML Pages •2MB of text content
- 17. What’s up with HTTP?
- 18. What’s up with HTTP? GET /news/ HTTP/1.1 Host: www.bbc.co.uk User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:29.0) Gecko/20100101 Firefox/29.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer: http://www.bbc.co.uk/news/england/ Cookie: NTABS=B0; BBC- UID=2583816c740b5213b567deae81f1f11c5e89720eae48c3293395badd482afad00Mozilla%2f5%2e0%20%28Windows%20N T%206%2e1%3b%20WOW64%3b%20rv%3a27%2e0%29%20Gecko%2f20100101%20Firefox%2f27%2e0; BGUID=e513614cf47b72b7916877ff1183a8509e60292969e8942b1e4157e7578c4078; s1=531C4B275C0603BA; ecos.dt=1400334549086; ckns_policy=111; ckpf_mandolin=%22footer- promo%22%3A%7B%22segment%22%3Anull%2C%22end%22%3A%221400939293613%22%7D; _chartbeat2=0nohd0na7hc3kcd7.1400334522757.1400334540677.1; _chartbeat_uuniq=1; BBCLiveStatsClick=nav|1|0 DNT: 1 Connection: keep-alive
- 19. What’s up with HTTP? GET /news/ HTTP/1.1 Host: www.bbc.co.uk
- 20. SPDY Source: The Chromium Projects
- 21. SPDY •Multiplexing •Prioritisation •Header Compression •Server Push & Server Hint
- 22. SPDY •Multiplexing •Prioritisation •Header Compression •Server Push & Server Hint
- 24. SPDY •Multiplexing •Prioritisation •Header Compression •Server Push & Server Hint
- 25. SPDY •Multiplexing •Prioritisation •Header Compression •Server Push & Server Hint
- 26. What’s up with HTTP? GET /news/ HTTP/1.1 Host: www.bbc.co.uk User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:29.0) Gecko/20100101 Firefox/29.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer: http://www.bbc.co.uk/news/england/ Cookie: NTABS=B0; BBC- UID=2583816c740b5213b567deae81f1f11c5e89720eae48c3293395badd482afad00Mozilla%2f5%2e0%20%28Windows%20N T%206%2e1%3b%20WOW64%3b%20rv%3a27%2e0%29%20Gecko%2f20100101%20Firefox%2f27%2e0; BGUID=e513614cf47b72b7916877ff1183a8509e60292969e8942b1e4157e7578c4078; s1=531C4B275C0603BA; ecos.dt=1400334549086; ckns_policy=111; ckpf_mandolin=%22footer- promo%22%3A%7B%22segment%22%3Anull%2C%22end%22%3A%221400939293613%22%7D; _chartbeat2=0nohd0na7hc3kcd7.1400334522757.1400334540677.1; _chartbeat_uuniq=1; BBCLiveStatsClick=nav|1|0 DNT: 1 Connection: keep-alive
- 27. SPDY •Multiplexing •Prioritisation •Header Compression •Server Push & Server Hint
- 28. SPDY
- 29. SPDY
- 30. SPDY
- 31. SPDY
- 32. SPDY
- 33. SPDY? TLS Request + Next Protocol TLS Response SPDY Request SPDY Response
- 34. SPDY •NPN Support Added 1.0.1 •ALPN Support Added 1.0.2
- 35. QUIC •Remove head-of-line-blocking •0RTT •Recover lost packets •Congestion control •Network change survival
- 36. QUIC
- 37. QUIC
- 38. QUIC
- 39. QUIC “The middle box problem”
- 41. Security
- 43. SPDY Security “complexity is the worst enemy of security” "The only way to evaluate the security of a system is to analyze it“ Source: Bruce Schneier
- 44. SPDY Security
- 45. Security •Certificate Revocation •Malicious servers •Content inspection •Other new attack vectors
- 46. Security
- 48. QUIC Security •Replay Protection •Dos Protection •Address Spoofing Detection
- 49. QUIC Security
- 50. QUIC Security •Cross-connection attacks? •Embryonic attacks? •Memory exhaustion? •DDoS
- 51. The Future •Web Clients •Web Servers •Internet Infrastructure •Network Infrastructure •SSL Stacks
- 52. The Future
- 53. The Future •Libspdy - C •Net-http-spdy – Ruby •Spdylay – Python •http2-katana – C# •Jetty – Java •Erlnag-spdy - Erlang
- 54. The Future
- 56. Europe Manchester - Head Office Cheltenham Edinburgh Leatherhead London Munich Amsterdam Zurich North America Atlanta Chicago New York San Francisco Seattle Austin Australia Sydney
Editor's Notes
- #58: We also need more research.