SlideShare a Scribd company logo

HTTP/3 is next generation HTTP

Daniel Stenberg
Daniel Stenberg

A presentation about HTTP/3 and QUIC done by Daniel Stenberg at the GOTOpia conference in November 2020.

Internet
1 of 62
Download to read offline
is next generation HTTP Is it enough? Daniel Stenberg GOTOpia November 2020
Daniel Stenberg @bagderhttps://daniel.haxx.se
Daniel Stenberg @bagder
Daniel Stenberg @bagder
HTTP 1 to 2 to 3HTTP 1 to 2 to 3 ProblemsProblems Why QUIC and how it worksWhy QUIC and how it works HTTP/3HTTP/3 ChallengesChallenges Coming soon!Coming soon! @bagder@bagder
Q&A in the end!Q&A in the end! @bagder@bagder …… and in #programming in the GOTOpia slackand in #programming in the GOTOpia slack
HTTP/1 HTTP/2 HTTP/3 @bagder@bagder
Under the hood GET / HTTP/1.1 Host: www.example.com Accept: */* User-Agent: HTTP-eats-the-world/2020 HTTP/1.1 200 OK Date: Thu, 09 Nov 2018 14:49:00 GMT Server: my-favorite v3 Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT Content-Length: 12345 Set-Cookie: this-is-simple=yeah-really; Content-Type: text/html [content] @bagder@bagder
HTTP started done over TCP @bagder@bagder
TCPTCP TCP is transport over IP Establishes a “connection” 3-way handshake Resends lost packages A reliable byte stream Clear text @bagder@bagder
HTTPS means TCP + TLS + HTTP @bagder@bagder
@bagder@bagder Web pages over HTTPS in Firefox
@bagder@bagder Web pages over HTTPS
TLSTLS TLS is done over TCP for HTTP/1 or 2 Transport Layer Security Additional handshake Privacy and security @bagder@bagder
Classic HTTPS stack IP TCP TLS HTTP @bagder@bagder
HTTP over TCP @bagder@bagder
HTTP/1.1HTTP/1.1 Shipped January 1997 Many parallel TCP connections Better but ineffective TCP use HTTP head-of-line-blocking Numerous work-arounds @bagder@bagder
HTTP/2HTTP/2 Shipped May 2015 Uses single connection per host Many parallel streams TCP head-of-line-blocking @bagder@bagder
OssificationOssification Internet is full of boxes Routers, gateways, firewalls, load balancers, NATs... Boxes run software to handle network data Middle-boxes work on existing protocols Upgrade much slower than edges @bagder@bagder
Internet WWW @bagder@bagder
Middle-boxes prevent HTTP/2 in clear textHTTP/2 in clear text TCP improvements like TFOTCP improvements like TFO TCP/UDP replacementsTCP/UDP replacements HTTP brotliHTTP brotli Future innovationsFuture innovations …… unless encryptedunless encrypted @bagder@bagder
Improvement in spite of ossification @bagder@bagder
@bagder@bagder
@bagder@bagder
A new transport protocol @bagder@bagder
Built on experiences by Google QUIC Google deployed “http2 frames over UDP”-QUIC in 2013Google deployed “http2 frames over UDP”-QUIC in 2013 Widely used clientWidely used client Widely used web servicesWidely used web services Proven to work at web scaleProven to work at web scale Taken to the IETF in 2015Taken to the IETF in 2015 QUIC working group started 2016QUIC working group started 2016 IETF QUIC is now very different than Google QUIC wasIETF QUIC is now very different than Google QUIC was @bagder@bagder
Improvements TCP head of line blockingTCP head of line blocking Faster handshakesFaster handshakes Earlier dataEarlier data Connection-IDConnection-ID More encryption, alwaysMore encryption, always Future developmentFuture development @bagder@bagder
Build on top of UDP TCP and UDP remain “the ones”TCP and UDP remain “the ones” Use UDP instead of IPUse UDP instead of IP Reliable transport protocol - inReliable transport protocol - in user-spaceuser-space A little like TCP + TLSA little like TCP + TLS @bagder@bagder
Independent streamsIndependent streams TCPTCP QUICQUIC @bagder@bagder
Application protocols over QUICApplication protocols over QUIC Streams for free Could be “any protocol” HTTP worked on as the first Others are planned to follow @bagder@bagder
HTTP/3 = HTTP over QUIC @bagder@bagder
HTTP – same but different RequestRequest - method + path- method + path - headers- headers - body- body ResponseResponse - response code- response code - headers- headers - body- body @bagder@bagder
HTTP – same but different HTTP/1 – in ASCII over TCP HTTP/2 – binary multiplexed over TCP HTTP/3 – binary over multiplexed QUIC @bagder@bagder
HTTPS stacks: old vs new TCP TLS HTTP/2 UDP HTTP/3 QUIC TLS 1.3 IP HTTP/1 @bagder@bagder streams
HTTP feature comparison @bagder@bagder HTTP/2 HTTP/3 Transport TCP QUIC Streams HTTP/2 QUIC Clear-text version Yes No Independent streams No Yes Header compression HPACK QPACK Server push Yes Yes Early data In theory Yes 0-RTT Handshake No Yes Prioritization Messy Changes
HTTP/3 is fasterHTTP/3 is faster Faster handshakes Improved loss-recovery Early data that works The independent streams By how much remains to be measured! @bagder@bagder (Thanks to QUIC)(Thanks to QUIC)
What they sayWhat they say “We've found that IETF QUIC significantly outperforms HTTP over TLS 1.3 over TCP.” / Google “QUIC and HTTP/3 generally outperform TCP and HTTP/2, which in turn outperform TCP and HTTP/1.1.” / Facebook @bagder@bagder
HTTPS:// is TCP? HTTPS:// URLs are everywhereHTTPS:// URLs are everywhere TCP (and TLS) on TCP port 443TCP (and TLS) on TCP port 443 @bagder@bagder
This service - over there! The Alt-Svc: response header Another host, protocol or port number is the same “origin” This site also runs on HTTP/3 “over there”, for the next NNNN seconds @bagder@bagder
Race connections? Might be faster Probably needed anyway QUIC connections verify the cert HTTPS RR – alt-svc: done in DNS @bagder@bagder
Will HTTP/3 deliver? @bagder@bagder
UDP challenges 3-7% of QUIC attempts fail Clients need fall back algorithms QUIC looks like a DDOS attack @bagder@bagder
CPU hog higher CPU use Unoptimized UDP stacks Non-ideal UDP APIs Missing hardware offload @bagder@bagder
The TLS situation (1/3) TLS was made for TCP TLS is sent over TCP as records containing individual messages QUIC uses TLS messages No TLS library support(ed) TLS messages QUIC also needs additional secrets @bagder@bagder
The TLS situation (2/3) @bagder@bagder Record 0 Message 0 Message 1 Record 1 Message 2 Message 3TCPTCP Message 0 Message 1 Message 2 Message 3 QUICQUIC
The TLS situation (3/3) OpenSSL is the world’s leading TLS library OpenSSL postponed QUIC work to “after 3.0” OpenSSL was an issue already for HTTP/2 deployment while further along @bagder@bagder
Userland All QUIC stacks are user-land No standard QUIC API Will it be moved to kernels? @bagder@bagder
Tooling Needs new tooling Hooray for qlog & qvis @bagder@bagder
Ship date @bagder@bagder Early 2021?
Implementations Over a dozen QUIC and HTTP/3 implementations Google, Mozilla, Apple, Facebook, Microsoft, Akamai, Fastly, Cloudflare, F5, LiteSpeed, Apache, and more C, C++, Go, Rust, Python, Java, TypeScript, Erlang Monthly interops @bagder@bagder
HTTP/3 Implementation Status curl Chrome and Edge Canary, Firefox Nightly, Safari 14 Beta Caddy and LiteSpeed NGINX “tech preview” nginx-patch + quiche BoringSSL and GnuTLS Wireshark @bagder@bagder No Apache httpd No IIS No OpenSSL (PR #8797)
Browsers doing HTTP/3 @bagder@bagder --enable-quic --quic-version=h3-29 about:config network.http.http3.enabled Settings > Advanced > Experimental WebKit Features > HTTP3
Sites on HTTP/3 – right now! Facebook Instagram Google Youtube Cloudflare https://bagder.github.io/HTTP3-test/ @bagder@bagder
in ExperimentalExperimental h3-32 works! Alt-svcAlt-svc support is there Based on ngtcp2ngtcp2 and FallbackFallback is tricky @bagder@bagder Try it! Try it!
$ curl --http3 https://example.com/ HTTP/3 200 date: Wed, 09 Oct 2019 11:16:06 GMT content-type: text/html content-length: 10602 set-cookie: crazy=d8bc7e7; expires=Thu, 08-Oct-22 11:16:06 GMT; path=/; domain=example.com; alt-svc: h3-32=":443"; ma=86400 @bagder@bagder curl HTTP/3 command line
HTTP/3 will take timeHTTP/3 will take time HTTP/3 will grow slowerHTTP/3 will grow slower Some will stick to HTTP/2Some will stick to HTTP/2 QUIC is for the long termQUIC is for the long term @bagder@bagder
FutureFuture MultipathMultipath Unreliable streamsUnreliable streams More application protocolsMore application protocols @bagder@bagder Partial reliabilityPartial reliability
Take-aways HTTP/3 is comingHTTP/3 is coming HTTP/3 is always encryptedHTTP/3 is always encrypted Similar to HTTP/2 but over QUICSimilar to HTTP/2 but over QUIC QUIC is transport over UDPQUIC is transport over UDP Challenges to overcomeChallenges to overcome Early 2021?Early 2021? @bagder@bagder
HTTP/3 Explained https://daniel.haxx.se/http3-explained @bagder@bagder
Daniel Stenberg @bagder https://daniel.haxx.se/ Thank you!Thank you! Questions?Questions? @bagder@bagder
License This presentation is provided under the Creative Commons Attribution 4.0 International Public License @bagder@bagder
Links to data and more info QUIC drafts: https://quicwg.github.io/ DATAGRAM: https://tools.ietf.org/html/draft-pauly-quic-datagram-05 QUIC multipath: https://tools.ietf.org/html/draft-deconinck-quic-multipath-03 HTTPS stats Firefox: https://letsencrypt.org/stats/#percent-pageloads Chrome is deploying HTTP/3 and IETF QUIC: https://blog.chromium.org/2020/10/chrome-is-deploying-http3-and-ietf-quic.html How Facebook is bringing QUIC to billions: https://engineering.fb.com/2020/10/21/networking-traffic/how-facebook-is-bringing-quic-to-billions/ Web Transport: https://w3c.github.io/webtransport/ Images: http://www.simonstalenhag.se/ and https://pixabay.com/ HTTP/3 Explained: https://http3-explained.haxx.se/ QUIC implementations: https://github.com/quicwg/base-drafts/wiki/Implementations Nginx + quiche: https://github.com/cloudflare/quiche/tree/master/extras/nginx HTTPSSVC: https://tools.ietf.org/html/draft-ietf-dnsop-svcb-httpssvc-03 qlog: https://github.com/quiclog/internet-drafts qvis: https://qvis.edm.uhasselt.be Build curl with HTTP/3: https://github.com/curl/curl/blob/master/docs/HTTP3.md @bagder@bagder

Recommended

curl better
curl bettercurl better
curl betterDaniel Stenberg
 
curl roadmap 2020
curl roadmap 2020curl roadmap 2020
curl roadmap 2020Daniel Stenberg
 
common mistakes when using libcurl
common mistakes when using libcurlcommon mistakes when using libcurl
common mistakes when using libcurlDaniel Stenberg
 
HTTP/3 in curl
HTTP/3 in curlHTTP/3 in curl
HTTP/3 in curlDaniel Stenberg
 
Getting started with libcurl
Getting started with libcurlGetting started with libcurl
Getting started with libcurlDaniel Stenberg
 
HTTP/3 for everyone
HTTP/3 for everyoneHTTP/3 for everyone
HTTP/3 for everyoneDaniel Stenberg
 
HTTP/3 in curl 2020
HTTP/3 in curl 2020HTTP/3 in curl 2020
HTTP/3 in curl 2020Daniel Stenberg
 
Landing code in curl
Landing code in curlLanding code in curl
Landing code in curlDaniel Stenberg
 

Recommended

curl better
curl bettercurl better
curl betterDaniel Stenberg
 
curl roadmap 2020
curl roadmap 2020curl roadmap 2020
curl roadmap 2020Daniel Stenberg
 
common mistakes when using libcurl
common mistakes when using libcurlcommon mistakes when using libcurl
common mistakes when using libcurlDaniel Stenberg
 
HTTP/3 in curl
HTTP/3 in curlHTTP/3 in curl
HTTP/3 in curlDaniel Stenberg
 
Getting started with libcurl
Getting started with libcurlGetting started with libcurl
Getting started with libcurlDaniel Stenberg
 
HTTP/3 for everyone
HTTP/3 for everyoneHTTP/3 for everyone
HTTP/3 for everyoneDaniel Stenberg
 
HTTP/3 in curl 2020
HTTP/3 in curl 2020HTTP/3 in curl 2020
HTTP/3 in curl 2020Daniel Stenberg
 
Landing code in curl
Landing code in curlLanding code in curl
Landing code in curlDaniel Stenberg
 
curl - a hobby project that conquered the world
curl - a hobby project that conquered the worldcurl - a hobby project that conquered the world
curl - a hobby project that conquered the worldDaniel Stenberg
 
Testing curl for security
Testing curl for securityTesting curl for security
Testing curl for securityDaniel Stenberg
 
HTTP/3, QUIC and streaming
HTTP/3, QUIC and streamingHTTP/3, QUIC and streaming
HTTP/3, QUIC and streamingDaniel Stenberg
 
Http3 fullstackfest-2019
Http3 fullstackfest-2019Http3 fullstackfest-2019
Http3 fullstackfest-2019Daniel Stenberg
 
Curl with rust
Curl with rustCurl with rust
Curl with rustDaniel Stenberg
 
Just curl it!
Just curl it!Just curl it!
Just curl it!Daniel Stenberg
 
HTTP/3
HTTP/3HTTP/3
HTTP/3Daniel Stenberg
 
HTTP/3 an early overview
HTTP/3 an early overviewHTTP/3 an early overview
HTTP/3 an early overviewPraveen Kottarathil
 
DNS over HTTPS
DNS over HTTPSDNS over HTTPS
DNS over HTTPSDaniel Stenberg
 
HTTP/3 over QUIC. All is new but still the same!
HTTP/3 over QUIC. All is new but still the same!HTTP/3 over QUIC. All is new but still the same!
HTTP/3 over QUIC. All is new but still the same!Daniel Stenberg
 
stackconf 2020 | Speeding up Linux disk encryption by Ignat Korchagin
stackconf 2020 | Speeding up Linux disk encryption by Ignat Korchaginstackconf 2020 | Speeding up Linux disk encryption by Ignat Korchagin
stackconf 2020 | Speeding up Linux disk encryption by Ignat KorchaginNETWAYS
 
gRPC vs REST: let the battle begin!
gRPC vs REST: let the battle begin!gRPC vs REST: let the battle begin!
gRPC vs REST: let the battle begin!Alex Borysov
 
gRPC vs REST: let the battle begin!
gRPC vs REST: let the battle begin!gRPC vs REST: let the battle begin!
gRPC vs REST: let the battle begin!Alex Borysov
 
2018 IterateConf Deconstructing and Evolving REST Security
2018 IterateConf Deconstructing and Evolving REST Security2018 IterateConf Deconstructing and Evolving REST Security
2018 IterateConf Deconstructing and Evolving REST SecurityDavid Blevins
 
Demystifying Docker Networking Devoxx MA 2017
Demystifying Docker Networking Devoxx MA 2017Demystifying Docker Networking Devoxx MA 2017
Demystifying Docker Networking Devoxx MA 2017Imad Hsissou
 
Learning Python with Minecraft and my Dad - PyOhio 2018
Learning Python with Minecraft and my Dad - PyOhio 2018Learning Python with Minecraft and my Dad - PyOhio 2018
Learning Python with Minecraft and my Dad - PyOhio 2018Hank Preston
 
What's new in FreeBSD 10
What's new in FreeBSD 10What's new in FreeBSD 10
What's new in FreeBSD 10Gleb Smirnoff
 
Useful Python Libraries for Network Engineers - PyOhio 2018
Useful Python Libraries for Network Engineers - PyOhio 2018Useful Python Libraries for Network Engineers - PyOhio 2018
Useful Python Libraries for Network Engineers - PyOhio 2018Hank Preston
 
Modern Reconnaissance Phase on APT - protection layer
Modern Reconnaissance Phase on APT - protection layerModern Reconnaissance Phase on APT - protection layer
Modern Reconnaissance Phase on APT - protection layerShakacon
 
XFLTReat: a new dimension in tunnelling
XFLTReat: a new dimension in tunnellingXFLTReat: a new dimension in tunnelling
XFLTReat: a new dimension in tunnellingShakacon
 
http3-quic-streaming-2020-200121234036.pdf
http3-quic-streaming-2020-200121234036.pdfhttp3-quic-streaming-2020-200121234036.pdf
http3-quic-streaming-2020-200121234036.pdfJunZhao68
 
Improving performance by changing the rules from fast to SPDY
Improving performance by changing the rules from fast to SPDYImproving performance by changing the rules from fast to SPDY
Improving performance by changing the rules from fast to SPDYCotendo
 

More Related Content

What's hot

curl - a hobby project that conquered the world
curl - a hobby project that conquered the worldcurl - a hobby project that conquered the world
curl - a hobby project that conquered the worldDaniel Stenberg
 
Testing curl for security
Testing curl for securityTesting curl for security
Testing curl for securityDaniel Stenberg
 
HTTP/3, QUIC and streaming
HTTP/3, QUIC and streamingHTTP/3, QUIC and streaming
HTTP/3, QUIC and streamingDaniel Stenberg
 
Http3 fullstackfest-2019
Http3 fullstackfest-2019Http3 fullstackfest-2019
Http3 fullstackfest-2019Daniel Stenberg
 
HTTP/3 over QUIC. All is new but still the same!
HTTP/3 over QUIC. All is new but still the same!HTTP/3 over QUIC. All is new but still the same!
HTTP/3 over QUIC. All is new but still the same!Daniel Stenberg
 
stackconf 2020 | Speeding up Linux disk encryption by Ignat Korchagin
stackconf 2020 | Speeding up Linux disk encryption by Ignat Korchaginstackconf 2020 | Speeding up Linux disk encryption by Ignat Korchagin
stackconf 2020 | Speeding up Linux disk encryption by Ignat KorchaginNETWAYS
 
gRPC vs REST: let the battle begin!
gRPC vs REST: let the battle begin!gRPC vs REST: let the battle begin!
gRPC vs REST: let the battle begin!Alex Borysov
 
gRPC vs REST: let the battle begin!
gRPC vs REST: let the battle begin!gRPC vs REST: let the battle begin!
gRPC vs REST: let the battle begin!Alex Borysov
 
2018 IterateConf Deconstructing and Evolving REST Security
2018 IterateConf Deconstructing and Evolving REST Security2018 IterateConf Deconstructing and Evolving REST Security
2018 IterateConf Deconstructing and Evolving REST SecurityDavid Blevins
 
Demystifying Docker Networking Devoxx MA 2017
Demystifying Docker Networking Devoxx MA 2017Demystifying Docker Networking Devoxx MA 2017
Demystifying Docker Networking Devoxx MA 2017Imad Hsissou
 
Learning Python with Minecraft and my Dad - PyOhio 2018
Learning Python with Minecraft and my Dad - PyOhio 2018Learning Python with Minecraft and my Dad - PyOhio 2018
Learning Python with Minecraft and my Dad - PyOhio 2018Hank Preston
 
What's new in FreeBSD 10
What's new in FreeBSD 10What's new in FreeBSD 10
What's new in FreeBSD 10Gleb Smirnoff
 
Useful Python Libraries for Network Engineers - PyOhio 2018
Useful Python Libraries for Network Engineers - PyOhio 2018Useful Python Libraries for Network Engineers - PyOhio 2018
Useful Python Libraries for Network Engineers - PyOhio 2018Hank Preston
 
Modern Reconnaissance Phase on APT - protection layer
Modern Reconnaissance Phase on APT - protection layerModern Reconnaissance Phase on APT - protection layer
Modern Reconnaissance Phase on APT - protection layerShakacon
 
XFLTReat: a new dimension in tunnelling
XFLTReat: a new dimension in tunnellingXFLTReat: a new dimension in tunnelling
XFLTReat: a new dimension in tunnellingShakacon
 

What's hot (20)

curl - a hobby project that conquered the world
curl - a hobby project that conquered the worldcurl - a hobby project that conquered the world
curl - a hobby project that conquered the world
 
Testing curl for security
Testing curl for securityTesting curl for security
Testing curl for security
 
HTTP/3, QUIC and streaming
HTTP/3, QUIC and streamingHTTP/3, QUIC and streaming
HTTP/3, QUIC and streaming
 
Http3 fullstackfest-2019
Http3 fullstackfest-2019Http3 fullstackfest-2019
Http3 fullstackfest-2019
 
Curl with rust
Curl with rustCurl with rust
Curl with rust
 
Just curl it!
Just curl it!Just curl it!
Just curl it!
 
HTTP/3
HTTP/3HTTP/3
HTTP/3
 
HTTP/3 an early overview
HTTP/3 an early overviewHTTP/3 an early overview
HTTP/3 an early overview
 
DNS over HTTPS
DNS over HTTPSDNS over HTTPS
DNS over HTTPS
 
HTTP/3 over QUIC. All is new but still the same!
HTTP/3 over QUIC. All is new but still the same!HTTP/3 over QUIC. All is new but still the same!
HTTP/3 over QUIC. All is new but still the same!
 
stackconf 2020 | Speeding up Linux disk encryption by Ignat Korchagin
stackconf 2020 | Speeding up Linux disk encryption by Ignat Korchaginstackconf 2020 | Speeding up Linux disk encryption by Ignat Korchagin
stackconf 2020 | Speeding up Linux disk encryption by Ignat Korchagin
 
gRPC vs REST: let the battle begin!
gRPC vs REST: let the battle begin!gRPC vs REST: let the battle begin!
gRPC vs REST: let the battle begin!
 
gRPC vs REST: let the battle begin!
gRPC vs REST: let the battle begin!gRPC vs REST: let the battle begin!
gRPC vs REST: let the battle begin!
 
2018 IterateConf Deconstructing and Evolving REST Security
2018 IterateConf Deconstructing and Evolving REST Security2018 IterateConf Deconstructing and Evolving REST Security
2018 IterateConf Deconstructing and Evolving REST Security
 
Demystifying Docker Networking Devoxx MA 2017
Demystifying Docker Networking Devoxx MA 2017Demystifying Docker Networking Devoxx MA 2017
Demystifying Docker Networking Devoxx MA 2017
 
Learning Python with Minecraft and my Dad - PyOhio 2018
Learning Python with Minecraft and my Dad - PyOhio 2018Learning Python with Minecraft and my Dad - PyOhio 2018
Learning Python with Minecraft and my Dad - PyOhio 2018
 
What's new in FreeBSD 10
What's new in FreeBSD 10What's new in FreeBSD 10
What's new in FreeBSD 10
 
Useful Python Libraries for Network Engineers - PyOhio 2018
Useful Python Libraries for Network Engineers - PyOhio 2018Useful Python Libraries for Network Engineers - PyOhio 2018
Useful Python Libraries for Network Engineers - PyOhio 2018
 
Modern Reconnaissance Phase on APT - protection layer
Modern Reconnaissance Phase on APT - protection layerModern Reconnaissance Phase on APT - protection layer
Modern Reconnaissance Phase on APT - protection layer
 
XFLTReat: a new dimension in tunnelling
XFLTReat: a new dimension in tunnellingXFLTReat: a new dimension in tunnelling
XFLTReat: a new dimension in tunnelling
 

Similar to HTTP/3 is next generation HTTP

http3-quic-streaming-2020-200121234036.pdf
http3-quic-streaming-2020-200121234036.pdfhttp3-quic-streaming-2020-200121234036.pdf
http3-quic-streaming-2020-200121234036.pdfJunZhao68
 
Improving performance by changing the rules from fast to SPDY
Improving performance by changing the rules from fast to SPDYImproving performance by changing the rules from fast to SPDY
Improving performance by changing the rules from fast to SPDYCotendo
 
From Fast To SPDY
From Fast To SPDYFrom Fast To SPDY
From Fast To SPDYMike Belshe
 
WebRTC: A front-end perspective
WebRTC: A front-end perspectiveWebRTC: A front-end perspective
WebRTC: A front-end perspectiveshwetank
 
HTTP and 5G (fixed1)
HTTP and 5G (fixed1)HTTP and 5G (fixed1)
HTTP and 5G (fixed1)dynamis
 
So that was HTTP/2, what's next?
So that was HTTP/2, what's next?So that was HTTP/2, what's next?
So that was HTTP/2, what's next?Daniel Stenberg
 
Altitude SF 2017: Optimizing your hit rate
Altitude SF 2017: Optimizing your hit rateAltitude SF 2017: Optimizing your hit rate
Altitude SF 2017: Optimizing your hit rateFastly
 
HTTP/2 : why upgrading the web? - apidays Paris
HTTP/2 : why upgrading the web? - apidays ParisHTTP/2 : why upgrading the web? - apidays Paris
HTTP/2 : why upgrading the web? - apidays ParisQuentin Adam
 
IoT with Apache ActiveMQ, Camel & Spark
IoT with Apache ActiveMQ, Camel & SparkIoT with Apache ActiveMQ, Camel & Spark
IoT with Apache ActiveMQ, Camel & SparkRed Hat Developers
 
Deploying Plack Web Applications: OSCON 2011
Deploying Plack Web Applications: OSCON 2011Deploying Plack Web Applications: OSCON 2011
Deploying Plack Web Applications: OSCON 2011Tatsuhiko Miyagawa
 
Nuts and Bolts of WebSocket Devoxx 2014
Nuts and Bolts of WebSocket Devoxx 2014Nuts and Bolts of WebSocket Devoxx 2014
Nuts and Bolts of WebSocket Devoxx 2014Arun Gupta
 
REST in Peace. Long live gRPC!
REST in Peace. Long live gRPC!REST in Peace. Long live gRPC!
REST in Peace. Long live gRPC!QAware GmbH
 
Cloud native IPC for Microservices Workshop @ Containerdays 2022
Cloud native IPC for Microservices Workshop @ Containerdays 2022Cloud native IPC for Microservices Workshop @ Containerdays 2022
Cloud native IPC for Microservices Workshop @ Containerdays 2022QAware GmbH
 
HTTP/2 What's inside and Why
HTTP/2 What's inside and WhyHTTP/2 What's inside and Why
HTTP/2 What's inside and WhyAdrian Cole
 
WebRTC Reborn - Full Stack
WebRTC Reborn - Full StackWebRTC Reborn - Full Stack
WebRTC Reborn - Full StackDan Jenkins
 
Practical webRTC - from API to Solution - webRTC Summit 2014 @ NYC
Practical webRTC - from API to Solution - webRTC Summit 2014 @ NYCPractical webRTC - from API to Solution - webRTC Summit 2014 @ NYC
Practical webRTC - from API to Solution - webRTC Summit 2014 @ NYCAlexandre Gouaillard
 
DIY Internet: Snappy, Secure Networking with MinimaLT (JSConf EU 2013)
DIY Internet: Snappy, Secure Networking with MinimaLT (JSConf EU 2013)DIY Internet: Snappy, Secure Networking with MinimaLT (JSConf EU 2013)
DIY Internet: Snappy, Secure Networking with MinimaLT (JSConf EU 2013)Igalia
 

Similar to HTTP/3 is next generation HTTP (20)

http3-quic-streaming-2020-200121234036.pdf
http3-quic-streaming-2020-200121234036.pdfhttp3-quic-streaming-2020-200121234036.pdf
http3-quic-streaming-2020-200121234036.pdf
 
Improving performance by changing the rules from fast to SPDY
Improving performance by changing the rules from fast to SPDYImproving performance by changing the rules from fast to SPDY
Improving performance by changing the rules from fast to SPDY
 
From Fast To SPDY
From Fast To SPDYFrom Fast To SPDY
From Fast To SPDY
 
WebRTC: A front-end perspective
WebRTC: A front-end perspectiveWebRTC: A front-end perspective
WebRTC: A front-end perspective
 
SPDY - or maybe HTTP2.0
SPDY - or maybe HTTP2.0SPDY - or maybe HTTP2.0
SPDY - or maybe HTTP2.0
 
HTTP and 5G (fixed1)
HTTP and 5G (fixed1)HTTP and 5G (fixed1)
HTTP and 5G (fixed1)
 
So that was HTTP/2, what's next?
So that was HTTP/2, what's next?So that was HTTP/2, what's next?
So that was HTTP/2, what's next?
 
Altitude SF 2017: Optimizing your hit rate
Altitude SF 2017: Optimizing your hit rateAltitude SF 2017: Optimizing your hit rate
Altitude SF 2017: Optimizing your hit rate
 
HTTP/2 : why upgrading the web? - apidays Paris
HTTP/2 : why upgrading the web? - apidays ParisHTTP/2 : why upgrading the web? - apidays Paris
HTTP/2 : why upgrading the web? - apidays Paris
 
IoT with Apache ActiveMQ, Camel & Spark
IoT with Apache ActiveMQ, Camel & SparkIoT with Apache ActiveMQ, Camel & Spark
IoT with Apache ActiveMQ, Camel & Spark
 
Deploying Plack Web Applications: OSCON 2011
Deploying Plack Web Applications: OSCON 2011Deploying Plack Web Applications: OSCON 2011
Deploying Plack Web Applications: OSCON 2011
 
Nuts and Bolts of WebSocket Devoxx 2014
Nuts and Bolts of WebSocket Devoxx 2014Nuts and Bolts of WebSocket Devoxx 2014
Nuts and Bolts of WebSocket Devoxx 2014
 
REST in Peace. Long live gRPC!
REST in Peace. Long live gRPC!REST in Peace. Long live gRPC!
REST in Peace. Long live gRPC!
 
Http2
Http2Http2
Http2
 
Cloud native IPC for Microservices Workshop @ Containerdays 2022
Cloud native IPC for Microservices Workshop @ Containerdays 2022Cloud native IPC for Microservices Workshop @ Containerdays 2022
Cloud native IPC for Microservices Workshop @ Containerdays 2022
 
HTTP/2 What's inside and Why
HTTP/2 What's inside and WhyHTTP/2 What's inside and Why
HTTP/2 What's inside and Why
 
SPDY
SPDYSPDY
SPDY
 
WebRTC Reborn - Full Stack
WebRTC Reborn - Full StackWebRTC Reborn - Full Stack
WebRTC Reborn - Full Stack
 
Practical webRTC - from API to Solution - webRTC Summit 2014 @ NYC
Practical webRTC - from API to Solution - webRTC Summit 2014 @ NYCPractical webRTC - from API to Solution - webRTC Summit 2014 @ NYC
Practical webRTC - from API to Solution - webRTC Summit 2014 @ NYC
 
DIY Internet: Snappy, Secure Networking with MinimaLT (JSConf EU 2013)
DIY Internet: Snappy, Secure Networking with MinimaLT (JSConf EU 2013)DIY Internet: Snappy, Secure Networking with MinimaLT (JSConf EU 2013)
DIY Internet: Snappy, Secure Networking with MinimaLT (JSConf EU 2013)
 

More from Daniel Stenberg

mastering libcurl part 2
mastering libcurl part 2mastering libcurl part 2
mastering libcurl part 2Daniel Stenberg
 
mastering libcurl part 1
mastering libcurl part 1mastering libcurl part 1
mastering libcurl part 1Daniel Stenberg
 
curl - openfourm europe.pdf
curl - openfourm europe.pdfcurl - openfourm europe.pdf
curl - openfourm europe.pdfDaniel Stenberg
 
curl experiments - curl up 2022
curl experiments - curl up 2022curl experiments - curl up 2022
curl experiments - curl up 2022Daniel Stenberg
 
curl security - curl up 2022
curl security - curl up 2022curl security - curl up 2022
curl security - curl up 2022Daniel Stenberg
 
HTTP/3 in curl - curl up 2022
HTTP/3 in curl - curl up 2022HTTP/3 in curl - curl up 2022
HTTP/3 in curl - curl up 2022Daniel Stenberg
 
Let me tell you about curl
Let me tell you about curlLet me tell you about curl
Let me tell you about curlDaniel Stenberg
 
Writing safe and secure code
Writing safe and secure codeWriting safe and secure code
Writing safe and secure codeDaniel Stenberg
 
Säker kod (secure code)
Säker kod (secure code)Säker kod (secure code)
Säker kod (secure code)Daniel Stenberg
 
You know what's cool? Running on a billion devices
You know what's cool? Running on a billion devicesYou know what's cool? Running on a billion devices
You know what's cool? Running on a billion devicesDaniel Stenberg
 

More from Daniel Stenberg (13)

mastering libcurl part 2
mastering libcurl part 2mastering libcurl part 2
mastering libcurl part 2
 
mastering libcurl part 1
mastering libcurl part 1mastering libcurl part 1
mastering libcurl part 1
 
curl - openfourm europe.pdf
curl - openfourm europe.pdfcurl - openfourm europe.pdf
curl - openfourm europe.pdf
 
curl experiments - curl up 2022
curl experiments - curl up 2022curl experiments - curl up 2022
curl experiments - curl up 2022
 
curl security - curl up 2022
curl security - curl up 2022curl security - curl up 2022
curl security - curl up 2022
 
HTTP/3 in curl - curl up 2022
HTTP/3 in curl - curl up 2022HTTP/3 in curl - curl up 2022
HTTP/3 in curl - curl up 2022
 
The state of curl 2022
The state of curl 2022The state of curl 2022
The state of curl 2022
 
Let me tell you about curl
Let me tell you about curlLet me tell you about curl
Let me tell you about curl
 
The state of curl 2020
The state of curl 2020The state of curl 2020
The state of curl 2020
 
Writing safe and secure code
Writing safe and secure codeWriting safe and secure code
Writing safe and secure code
 
The state of curl 2019
The state of curl 2019The state of curl 2019
The state of curl 2019
 
Säker kod (secure code)
Säker kod (secure code)Säker kod (secure code)
Säker kod (secure code)
 
You know what's cool? Running on a billion devices
You know what's cool? Running on a billion devicesYou know what's cool? Running on a billion devices
You know what's cool? Running on a billion devices
 

Recently uploaded

A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)Christopher H Felton
 
办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书
办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书
办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书zdzoqco
 
Call Girls In The Ocean Pearl Retreat Hotel New Delhi 9873777170
Call Girls In The Ocean Pearl Retreat Hotel New Delhi 9873777170Call Girls In The Ocean Pearl Retreat Hotel New Delhi 9873777170
Call Girls In The Ocean Pearl Retreat Hotel New Delhi 9873777170Sonam Pathan
 
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一Fs
 
Top 10 Interactive Website Design Trends in 2024.pptx
Top 10 Interactive Website Design Trends in 2024.pptxTop 10 Interactive Website Design Trends in 2024.pptx
Top 10 Interactive Website Design Trends in 2024.pptxDyna Gilbert
 
Git and Github workshop GDSC MLRITM
Git and Github workshop GDSC MLRITMGit and Github workshop GDSC MLRITM
Git and Github workshop GDSC MLRITMgdsc13
 
Contact Rya Baby for Call Girls New Delhi
Contact Rya Baby for Call Girls New DelhiContact Rya Baby for Call Girls New Delhi
Contact Rya Baby for Call Girls New Delhimiss dipika
 
Blepharitis inflammation of eyelid symptoms cause everything included along w...
Blepharitis inflammation of eyelid symptoms cause everything included along w...Blepharitis inflammation of eyelid symptoms cause everything included along w...
Blepharitis inflammation of eyelid symptoms cause everything included along w...Excelmac1
 
Call Girls South Delhi Delhi reach out to us at ☎ 9711199012
Call Girls South Delhi Delhi reach out to us at ☎ 9711199012Call Girls South Delhi Delhi reach out to us at ☎ 9711199012
Call Girls South Delhi Delhi reach out to us at ☎ 9711199012rehmti665
 
Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作
Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作
Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作ys8omjxb
 
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一z xss
 
定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一
定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一
定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一Fs
 
Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝soniya singh
 
Film cover research (1).pptxsdasdasdasdasdasa
Film cover research (1).pptxsdasdasdasdasdasaFilm cover research (1).pptxsdasdasdasdasdasa
Film cover research (1).pptxsdasdasdasdasdasa494f574xmv
 
定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一
定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一
定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一Fs
 
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一Fs
 
Magic exist by Marta Loveguard - presentation.pptx
Magic exist by Marta Loveguard - presentation.pptxMagic exist by Marta Loveguard - presentation.pptx
Magic exist by Marta Loveguard - presentation.pptxMartaLoveguard
 

Recently uploaded (20)

A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
 
办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书
办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书
办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书
 
Call Girls In The Ocean Pearl Retreat Hotel New Delhi 9873777170
Call Girls In The Ocean Pearl Retreat Hotel New Delhi 9873777170Call Girls In The Ocean Pearl Retreat Hotel New Delhi 9873777170
Call Girls In The Ocean Pearl Retreat Hotel New Delhi 9873777170
 
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一
 
Top 10 Interactive Website Design Trends in 2024.pptx
Top 10 Interactive Website Design Trends in 2024.pptxTop 10 Interactive Website Design Trends in 2024.pptx
Top 10 Interactive Website Design Trends in 2024.pptx
 
Git and Github workshop GDSC MLRITM
Git and Github workshop GDSC MLRITMGit and Github workshop GDSC MLRITM
Git and Github workshop GDSC MLRITM
 
young call girls in Uttam Nagar🔝 9953056974 🔝 Delhi escort Service
young call girls in Uttam Nagar🔝 9953056974 🔝 Delhi escort Serviceyoung call girls in Uttam Nagar🔝 9953056974 🔝 Delhi escort Service
young call girls in Uttam Nagar🔝 9953056974 🔝 Delhi escort Service
 
Contact Rya Baby for Call Girls New Delhi
Contact Rya Baby for Call Girls New DelhiContact Rya Baby for Call Girls New Delhi
Contact Rya Baby for Call Girls New Delhi
 
Blepharitis inflammation of eyelid symptoms cause everything included along w...
Blepharitis inflammation of eyelid symptoms cause everything included along w...Blepharitis inflammation of eyelid symptoms cause everything included along w...
Blepharitis inflammation of eyelid symptoms cause everything included along w...
 
Call Girls South Delhi Delhi reach out to us at ☎ 9711199012
Call Girls South Delhi Delhi reach out to us at ☎ 9711199012Call Girls South Delhi Delhi reach out to us at ☎ 9711199012
Call Girls South Delhi Delhi reach out to us at ☎ 9711199012
 
Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作
Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作
Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作
 
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
 
Model Call Girl in Jamuna Vihar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Jamuna Vihar Delhi reach out to us at 🔝9953056974🔝Model Call Girl in Jamuna Vihar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Jamuna Vihar Delhi reach out to us at 🔝9953056974🔝
 
定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一
定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一
定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一
 
Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝
 
Hot Sexy call girls in Rk Puram 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Rk Puram 🔝 9953056974 🔝 Delhi escort ServiceHot Sexy call girls in Rk Puram 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Rk Puram 🔝 9953056974 🔝 Delhi escort Service
 
Film cover research (1).pptxsdasdasdasdasdasa
Film cover research (1).pptxsdasdasdasdasdasaFilm cover research (1).pptxsdasdasdasdasdasa
Film cover research (1).pptxsdasdasdasdasdasa
 
定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一
定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一
定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一
 
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
 
Magic exist by Marta Loveguard - presentation.pptx
Magic exist by Marta Loveguard - presentation.pptxMagic exist by Marta Loveguard - presentation.pptx
Magic exist by Marta Loveguard - presentation.pptx
 

HTTP/3 is next generation HTTP

  • 1. is next generation HTTP Is it enough? Daniel Stenberg GOTOpia November 2020
  • 5. HTTP 1 to 2 to 3HTTP 1 to 2 to 3 ProblemsProblems Why QUIC and how it worksWhy QUIC and how it works HTTP/3HTTP/3 ChallengesChallenges Coming soon!Coming soon! @bagder@bagder
  • 6. Q&A in the end!Q&A in the end! @bagder@bagder …… and in #programming in the GOTOpia slackand in #programming in the GOTOpia slack
  • 8. Under the hood GET / HTTP/1.1 Host: www.example.com Accept: */* User-Agent: HTTP-eats-the-world/2020 HTTP/1.1 200 OK Date: Thu, 09 Nov 2018 14:49:00 GMT Server: my-favorite v3 Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT Content-Length: 12345 Set-Cookie: this-is-simple=yeah-really; Content-Type: text/html [content] @bagder@bagder
  • 9. HTTP started done over TCP @bagder@bagder
  • 10. TCPTCP TCP is transport over IP Establishes a “connection” 3-way handshake Resends lost packages A reliable byte stream Clear text @bagder@bagder
  • 11. HTTPS means TCP + TLS + HTTP @bagder@bagder
  • 12. @bagder@bagder Web pages over HTTPS in Firefox
  • 14. TLSTLS TLS is done over TCP for HTTP/1 or 2 Transport Layer Security Additional handshake Privacy and security @bagder@bagder
  • 17. HTTP/1.1HTTP/1.1 Shipped January 1997 Many parallel TCP connections Better but ineffective TCP use HTTP head-of-line-blocking Numerous work-arounds @bagder@bagder
  • 18. HTTP/2HTTP/2 Shipped May 2015 Uses single connection per host Many parallel streams TCP head-of-line-blocking @bagder@bagder
  • 19. OssificationOssification Internet is full of boxes Routers, gateways, firewalls, load balancers, NATs... Boxes run software to handle network data Middle-boxes work on existing protocols Upgrade much slower than edges @bagder@bagder
  • 21. Middle-boxes prevent HTTP/2 in clear textHTTP/2 in clear text TCP improvements like TFOTCP improvements like TFO TCP/UDP replacementsTCP/UDP replacements HTTP brotliHTTP brotli Future innovationsFuture innovations …… unless encryptedunless encrypted @bagder@bagder
  • 22. Improvement in spite of ossification @bagder@bagder
  • 25. A new transport protocol @bagder@bagder
  • 26. Built on experiences by Google QUIC Google deployed “http2 frames over UDP”-QUIC in 2013Google deployed “http2 frames over UDP”-QUIC in 2013 Widely used clientWidely used client Widely used web servicesWidely used web services Proven to work at web scaleProven to work at web scale Taken to the IETF in 2015Taken to the IETF in 2015 QUIC working group started 2016QUIC working group started 2016 IETF QUIC is now very different than Google QUIC wasIETF QUIC is now very different than Google QUIC was @bagder@bagder
  • 27. Improvements TCP head of line blockingTCP head of line blocking Faster handshakesFaster handshakes Earlier dataEarlier data Connection-IDConnection-ID More encryption, alwaysMore encryption, always Future developmentFuture development @bagder@bagder
  • 28. Build on top of UDP TCP and UDP remain “the ones”TCP and UDP remain “the ones” Use UDP instead of IPUse UDP instead of IP Reliable transport protocol - inReliable transport protocol - in user-spaceuser-space A little like TCP + TLSA little like TCP + TLS @bagder@bagder
  • 30. Application protocols over QUICApplication protocols over QUIC Streams for free Could be “any protocol” HTTP worked on as the first Others are planned to follow @bagder@bagder
  • 31. HTTP/3 = HTTP over QUIC @bagder@bagder
  • 32. HTTP – same but different RequestRequest - method + path- method + path - headers- headers - body- body ResponseResponse - response code- response code - headers- headers - body- body @bagder@bagder
  • 33. HTTP – same but different HTTP/1 – in ASCII over TCP HTTP/2 – binary multiplexed over TCP HTTP/3 – binary over multiplexed QUIC @bagder@bagder
  • 34. HTTPS stacks: old vs new TCP TLS HTTP/2 UDP HTTP/3 QUIC TLS 1.3 IP HTTP/1 @bagder@bagder streams
  • 35. HTTP feature comparison @bagder@bagder HTTP/2 HTTP/3 Transport TCP QUIC Streams HTTP/2 QUIC Clear-text version Yes No Independent streams No Yes Header compression HPACK QPACK Server push Yes Yes Early data In theory Yes 0-RTT Handshake No Yes Prioritization Messy Changes
  • 36. HTTP/3 is fasterHTTP/3 is faster Faster handshakes Improved loss-recovery Early data that works The independent streams By how much remains to be measured! @bagder@bagder (Thanks to QUIC)(Thanks to QUIC)
  • 37. What they sayWhat they say “We've found that IETF QUIC significantly outperforms HTTP over TLS 1.3 over TCP.” / Google “QUIC and HTTP/3 generally outperform TCP and HTTP/2, which in turn outperform TCP and HTTP/1.1.” / Facebook @bagder@bagder
  • 38. HTTPS:// is TCP? HTTPS:// URLs are everywhereHTTPS:// URLs are everywhere TCP (and TLS) on TCP port 443TCP (and TLS) on TCP port 443 @bagder@bagder
  • 39. This service - over there! The Alt-Svc: response header Another host, protocol or port number is the same “origin” This site also runs on HTTP/3 “over there”, for the next NNNN seconds @bagder@bagder
  • 40. Race connections? Might be faster Probably needed anyway QUIC connections verify the cert HTTPS RR – alt-svc: done in DNS @bagder@bagder
  • 42. UDP challenges 3-7% of QUIC attempts fail Clients need fall back algorithms QUIC looks like a DDOS attack @bagder@bagder
  • 43. CPU hog higher CPU use Unoptimized UDP stacks Non-ideal UDP APIs Missing hardware offload @bagder@bagder
  • 44. The TLS situation (1/3) TLS was made for TCP TLS is sent over TCP as records containing individual messages QUIC uses TLS messages No TLS library support(ed) TLS messages QUIC also needs additional secrets @bagder@bagder
  • 45. The TLS situation (2/3) @bagder@bagder Record 0 Message 0 Message 1 Record 1 Message 2 Message 3TCPTCP Message 0 Message 1 Message 2 Message 3 QUICQUIC
  • 46. The TLS situation (3/3) OpenSSL is the world’s leading TLS library OpenSSL postponed QUIC work to “after 3.0” OpenSSL was an issue already for HTTP/2 deployment while further along @bagder@bagder
  • 47. Userland All QUIC stacks are user-land No standard QUIC API Will it be moved to kernels? @bagder@bagder
  • 48. Tooling Needs new tooling Hooray for qlog & qvis @bagder@bagder
  • 50. Implementations Over a dozen QUIC and HTTP/3 implementations Google, Mozilla, Apple, Facebook, Microsoft, Akamai, Fastly, Cloudflare, F5, LiteSpeed, Apache, and more C, C++, Go, Rust, Python, Java, TypeScript, Erlang Monthly interops @bagder@bagder
  • 51. HTTP/3 Implementation Status curl Chrome and Edge Canary, Firefox Nightly, Safari 14 Beta Caddy and LiteSpeed NGINX “tech preview” nginx-patch + quiche BoringSSL and GnuTLS Wireshark @bagder@bagder No Apache httpd No IIS No OpenSSL (PR #8797)
  • 53. Sites on HTTP/3 – right now! Facebook Instagram Google Youtube Cloudflare https://bagder.github.io/HTTP3-test/ @bagder@bagder
  • 54. in ExperimentalExperimental h3-32 works! Alt-svcAlt-svc support is there Based on ngtcp2ngtcp2 and FallbackFallback is tricky @bagder@bagder Try it! Try it!
  • 55. $ curl --http3 https://example.com/ HTTP/3 200 date: Wed, 09 Oct 2019 11:16:06 GMT content-type: text/html content-length: 10602 set-cookie: crazy=d8bc7e7; expires=Thu, 08-Oct-22 11:16:06 GMT; path=/; domain=example.com; alt-svc: h3-32=":443"; ma=86400 @bagder@bagder curl HTTP/3 command line
  • 56. HTTP/3 will take timeHTTP/3 will take time HTTP/3 will grow slowerHTTP/3 will grow slower Some will stick to HTTP/2Some will stick to HTTP/2 QUIC is for the long termQUIC is for the long term @bagder@bagder
  • 57. FutureFuture MultipathMultipath Unreliable streamsUnreliable streams More application protocolsMore application protocols @bagder@bagder Partial reliabilityPartial reliability
  • 58. Take-aways HTTP/3 is comingHTTP/3 is coming HTTP/3 is always encryptedHTTP/3 is always encrypted Similar to HTTP/2 but over QUICSimilar to HTTP/2 but over QUIC QUIC is transport over UDPQUIC is transport over UDP Challenges to overcomeChallenges to overcome Early 2021?Early 2021? @bagder@bagder
  • 60. Daniel Stenberg @bagder https://daniel.haxx.se/ Thank you!Thank you! Questions?Questions? @bagder@bagder
  • 61. License This presentation is provided under the Creative Commons Attribution 4.0 International Public License @bagder@bagder
  • 62. Links to data and more info QUIC drafts: https://quicwg.github.io/ DATAGRAM: https://tools.ietf.org/html/draft-pauly-quic-datagram-05 QUIC multipath: https://tools.ietf.org/html/draft-deconinck-quic-multipath-03 HTTPS stats Firefox: https://letsencrypt.org/stats/#percent-pageloads Chrome is deploying HTTP/3 and IETF QUIC: https://blog.chromium.org/2020/10/chrome-is-deploying-http3-and-ietf-quic.html How Facebook is bringing QUIC to billions: https://engineering.fb.com/2020/10/21/networking-traffic/how-facebook-is-bringing-quic-to-billions/ Web Transport: https://w3c.github.io/webtransport/ Images: http://www.simonstalenhag.se/ and https://pixabay.com/ HTTP/3 Explained: https://http3-explained.haxx.se/ QUIC implementations: https://github.com/quicwg/base-drafts/wiki/Implementations Nginx + quiche: https://github.com/cloudflare/quiche/tree/master/extras/nginx HTTPSSVC: https://tools.ietf.org/html/draft-ietf-dnsop-svcb-httpssvc-03 qlog: https://github.com/quiclog/internet-drafts qvis: https://qvis.edm.uhasselt.be Build curl with HTTP/3: https://github.com/curl/curl/blob/master/docs/HTTP3.md @bagder@bagder