http/2 changes everything

Changes Everything

HTTP

How we got here

1996HTTP 1.0

1999HTTP 1.1

2009SPDY 1.0

2015HTTP 2.0

Cloud MobilityRise of the Internet as a

Platform

Web 2.0

Why did we need HTTP 1.1?

• Caching• Hierarchical proxy support• Persistent connections• Virtual host support • TCP inefficiencies • Authentication • Issues with increasing size of content

1999

HTTP 1.1

HTTP/1.0

• Single request/response per connection

• Host header optional

• Limited support for caching

HTTP/1.1

• Multiple requests and responses per connection

• Required Host header

• Conditional caching headers

• Digest authentication and proxy authentication

• Chunked transfer encoding

• Connection header

• Enhanced compression support

HTTP/1.1 was an effort to address a number of efficiency and performance issues with HTTP/1.0

HTTP 1.0 vs HTTP 1.1

Client AppsClient Apps

May I have a picture of a house please

Hello

Hello

Sure, here you go

Thanks, bye

Hello

Bye

Hello

May I have a picture of a house please.

HelloHello

Here is the house

May I also have a picture of a car.

Here is the car

Thanks, bye

Bye

Interlude

Why did we need SPDY

• Mobile network latency • Reduction in resource availability on mobile

clients • Residual TCP inefficiencies carried forward

with HTTP 1.1 • Issues with increasing size and types of

content

2009

SPDY

HTTP/1.1

• Single request/response at a time

• Browsers use multiple connections to achieve concurrent requests and responses

• Requests and responses are verbose

– Text based, many headers

SPDY• Interleave multiple requests and

responses in parallel without blocking on any one

• Use a single connection for multiple requests and responses in parallel

• Gzip compresses headers• Eliminates the needs for certain HTTP/1.1

page optimization techniques• Extras:

– Introduces request priorities– Enables content push

• SPDY requires TLS

SPDY is a protocol, defined by Google, that offers HTTP/1.1 semantics, but uses a different wire format.

Changes Everything

HTTP

Why do we need HTTP/2?

• Mobile network latency • Residual TCP inefficiencies carried forward

with HTTP 1.1 • Increasing size and types of content • SPDY not under the auspices of a

standards body

2015

Differences from SPDY

SPDY

• Gzip/deflate header compression

– Largely disabled because of CRIME

• TLS mandatory

– Uses TLS extension NPN

• No crypto strength requirements

HTTP/2

• Dedicated header compression scheme (HPACK)

• TLS optional

– Upgrade mechanism as alternative

– Uses TLS extension ALPN

• HTTP/2 requires stronger cryptography*

– Ephemeral keys only

– Preferring AEAD modes like CGM

– Minimal key sizes 128 bit EC, 2048 bit RSA

– Enforced by browsers

HTTP/2 is based on SPDY. Here are some of the differences.

HTTP 1.1 vs HTTP 2

Client AppsClient Apps

May I have a picture of a house please.

HelloHello

Here is the house

May I also have a picture of a car.

Here is the car

Thanks, bye

Bye

May I have a picture of a house please.

Hello

And a car

Here is the house

Here is the car

And a catHere is the dog

Thanks, bye Bye

May I also have a picture of a dog.

Here is the dog

And a dog

Here is the cat

Hello

Evolution

1996HTTP 1.0

1999HTTP 1.1

2009SPDY 1.0

2015HTTP 2.0

• Persistent connections• Virtual host support • Conditional caching • Digest authentication • Chunked transfer encoding• Enhanced compression

• Header compression• Security requirements • Interleaving requests and responses• Push operations • Binary instead of textual

Implications The changes to HTTP/2 such as the move to a binary wire format rather than text means HTTP/1.1 and HTTP/2 are not compatible.

While the working group did not have consensus to require security (TLS or SSL) most browser implementations require security to take advantage of HTTP/2

This means infrastructure that interacts with HTTP must be able to speak both HTTP/1.1 and HTTP/2

This means infrastructure will be effectively blinded as it is unable to execute on encrypted traffic

Gateway

HTTP

© F5 Networks, Inc 16

HTTP 2.0 and SPDY 3.1 Gateways

Protocol Gateways

Origin Servers

BIG-IP Platform

Images

HTTP 1.1/1.0

Devices

HTTP 2.0

HTTP 1.1/1.0

SPDY 3.1/3,0/2.0

Converts from SPDY 3.1/3.0/2.0 or HTTP 2.0 to HTTP 1.x

HTTP

THANK YOU