SlideShare a Scribd company logo

Revisiting HTTP/2

Fastly
Fastly

RFC 7540 was ratified over 2 years ago and, today, all major browsers, servers, and CDNs support the next generation of HTTP. Just over a year ago, at Velocity (https://www.slideshare.net/Fastly/http2-what-no-one-is-telling-you), we discussed the protocol, looked at some real world implications of its deployment and use, and what realistic expectations we should have from its use. Now that adoption is ramped up and the protocol is being regularly used on the Internet, it's a good time to revisit the protocol and its deployment. Has it evolved? Have we learned anything? Are all the features providing the benefits we were expecting? What's next? In this session, we'll review protocol basics and try to answer some of these questions based on real-world use of it. We'll dig into the core features like interaction with TCP, server push, priorities and dependencies, and HPACK. We'll look at these features through the lens of experience and see if good practice patterns have emerged. We'll also review available tools and discuss what protocol enhancements are in the near and not-so-near horizon.

Technology
1 of 193
Download to read offline
Revisiting HTTP/2 Hooman Beheshti
https://caniuse.com/#search=http2
https://istlsfastyet.com/
https://istlsfastyet.com/
https://www.fastly.com/
% of overall requests on Fastly’s network (2017) %ofrequests 0% 25% 50% 75% 100%January February M arch April M ay June July August Septem ber O ctober N ovem ber D ecem ber HTTP/2
httparchive.org
httparchive.org
https://youtu.be/CkFEoZwWbGQ
Revisiting HTTP/2 • Core concepts • Major features - HTTP and TCP - Server push - Priorities and dependencies - HPACK • Has anything changed? Have we learned anything? • What’s next?
HTTP/2 The basics
Binary protocol
Connection
connection
connection • A single, long lasting connection • Theoretically, this means better congestion management between peers • TLS/ALPN • Connection reuse across domains
connection stream stream stream …
Streams • Virtual communication channels - Translate roughly to a request/response exchange - Either side can initiate a stream • Stream IDs - Client: odd; server: even; 0: reserved - Each ID must be larger than the last - Cannot be reused
+--------+ send PP | | recv PP ,--------| idle |--------. / | | v +--------+ v +----------+ | +----------+ | | | send H / | | ,------| reserved | | recv H | reserved |------. | | (local) | | | (remote) | | | +----------+ v +----------+ | | | +--------+ | | | | recv ES | | send ES | | | send H | ,-------| open |-------. | recv H | | | / | | | | | v v +--------+ v v | | +----------+ | +----------+ | | | half | | | half | | | | closed | | send R / | closed | | | | (remote) | | recv R | (local) | | | +----------+ | +----------+ | | | | | | | | send ES / | recv ES / | | | | send R / v send R / | | | | recv R +--------+ recv R | | | send R / `----------->| |<-----------' send R / | | recv R | closed | recv R | `----------------------->| |<----------------------' +--------+ send: endpoint sends this frame recv: endpoint receives this frame H: HEADERS frame (with implied CONTINUATIONs) PP: PUSH_PROMISE frame (with implied CONTINUATIONs) ES: END_STREAM flag R: RST_STREAM frame
connection stream stream stream … frame frame frame frame frame frame frame frame frame frame frame frame frame frame frame frame frame frame frame
GET /thing HTTP/1.1 Host: www.example.com User-Agent: Some_user_agent HTTP/1.1 200 OK Server: some_server Content-Type: text/html Content-Length: 1000 html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html Request Response
GET /thing HTTP/1.1 Host: www.example.com User-Agent: Some_user_agent HTTP/1.1 200 OK Server: some_server Content-Type: text/html Content-Length: 1000 html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html Request Response HEADERS
GET /thing HTTP/1.1 Host: www.example.com User-Agent: Some_user_agent HTTP/1.1 200 OK Server: some_server Content-Type: text/html Content-Length: 1000 html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html HEADERS HEADERS Request Response
GET /thing HTTP/1.1 Host: www.example.com User-Agent: Some_user_agent HTTP/1.1 200 OK Server: some_server Content-Type: text/html Content-Length: 1000 html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html DATA DATA DATA DATA DATA DATA HEADERS Request Response HEADERS
DATA Carries request or response data HEADERS Carries request/response headers/trailers; can initiate a stream PRIORITY Indicates priority of a stream RST_STREAM Terminates a stream SETTINGS Defines parameters for the connection only PUSH_PROMISE Signals peer for server push PING Maintenance frame for checking RTT, connection, etc GOAWAY For shutting down a connection WINDOW_UPDATE Frame responsible for flow control adjustments CONTINUATION Extends a HEADERS frame and can carry more headers
DATA Carries request or response data HEADERS Carries request/response headers/trailers; can initiate a stream PRIORITY Indicates priority of a stream RST_STREAM Terminates a stream SETTINGS Defines parameters for the connection only PUSH_PROMISE Signals peer for server push PING Maintenance frame for checking RTT, connection, etc GOAWAY For shutting down a connection WINDOW_UPDATE Frame responsible for flow control adjustments CONTINUATION Extends a HEADERS frame and can carry more headers
TCP TLS TLS Record Header: valuern Header: valuern Header: valuern rn Body Body Body Body Body Body Body Body Body Body Body Body Body Body Body Body Body Body Body Body HTTP/1
HTTP/2 Frame TCP TLS TLS Record HTTP/2 Frame HTTP/2 Frame … Stream ID Stream ID Stream ID TCP TLS TLS Record Header: valuern Header: valuern Header: valuern rn Body Body Body Body Body Body Body Body Body Body Body Body Body Body Body Body Body Body Body Body HTTP/1 HTTP/2
Protocol flow
HTTP/1 connection request response
HTTP/2 connection (sid=1) DATA (sid=1) DATA (sid=1) DATA (sid=1) HEADERS (sid=1) HEADERS
HTTP/1 connection request response
HTTP/1 connection request response Head-of-line blocking: nothing else can happen over the connection while busy with request/response
connection request response HTTP/1 connection request response connection request response connection request response
HTTP/2 connection (sid=3) DATA (sid=1) DATA (sid=5) HEADERS (sid=3) DATA (sid=1) HEADERS (sid=3) HEADERS (sid=11) HEADERS (sid=13) HEADERS (sid=15) HEADERS (sid=13) DATA (sid=13) DATA (sid=17) HEADERS
Multiplexing & Interleaving
HTTP/1.1
HTTP/1.1 HTTP/2
HTTP/2 & TCP
Performance
The perfect page
Private WebpageTest 5Mbps/1Mbps, 40ms latency Chrome; h1 vs h2
PLR
Firefox
780Kbps/330Kbps, 200ms latency
      0% PLR 2% PLR 5Mbps/1Mbps 40ms 780Kbps/330Kbps 200ms 5Mbps/1Mbps 40ms 780Kbps/330Kbps 200ms Doc Complete h2 h2 h2 h2 h1 h1 h1 h1 DCL Start h1 h1 h2 h1 h1 h1 h2 h1 Speed Index h2/h1 h2 h2 h2 h1 h1 h2 h2
0% PLR 2% PLR 5Mbps/1Mbps; 40ms 780Kbps/330Kbps; 200ms 5Mbps/1Mbps; 40ms 780Kbps/330Kbps; 200ms Site1a (Fastly) DocComplete h2 h2 h2 h1 h1 h1 h1 h1 DCL Start h2 h1 h2 h2 h2/h1 h1 h2 h2 Speed Index h1 h2 h2 h2 h1 h2/h1 h2/h1 h2 Site1b DocComplete h2/h1 h2 h2 h2 h1 h2 h1 h2/h1 DCL Start h1 h2 h1 h1 h1 h2/h1 h1 h1 Speed Index h1 h2 h2 h1 h1 h2/h1 h1 h1 Site1c DocComplete h1/h2 h2 h2 h2 h1 h1 h1 h1 DCL Start h1 h1/h2 h1 h1 h1 h2 h1 h1 Speed Index h2 h2 h1 h2 h1 h2 h1 h1 Site2a DocComplete h2 h2 h2 h2 h1 h2/h1 h1 h1 DCL Start h2 h2 h2 h2 h1 h1 h1 h1 Speed Index h1 h2 h1 h2 h1 h2 h1 h2 Site2b DocComplete h2 h2 h2 h2 h1 h1/h2 h1 h1 DCL Start h2 h2 h1 h2 h1 h2 h1 h2 Speed Index h2 h1/h2 h1 h1/h2 h2 h2 h1 h1 Site3a DocComplete h2 h2 h1 h2 h2 h2 h1 h1 DCL Start h2 h2 h2 h2 h2 h2 h2 h2 Speed Index h2 h2 h1 h1 h1/h2 h1/h2 h1 h1 Site3b DocComplete h2 h2 h2 h1/h2 h2 h2/h1 h2 h2 DCL Start h2 h2 h2 h2 h2 h2 h2 h2 Speed Index h1 h2 h1 h1 h1 h2 h1 h1 Site3c DocComplete h1 h2 h2 h2 h1 h2 h2 h2 DCL Start h1/h2 h2 h1 h1/h2 h2/h1 h2 h1 h2/h1 Speed Index h1 h2 h2 h2 h2 h2 h2 h2
Why?
Head of line blocking in TCP
Some reading… • http://c3lab.poliba.it/images/3/3b/QUIC_SAC15.pdf • https://www.usenix.org/system/files/conference/nsdi14/nsdi14-paper- wang_xiao_sophia.pdf • http://arxiv.org/pdf/1507.06562v1.pdf • http://nl.cs.montana.edu/lab/publications/Goel_H2_extended.pdf • https://99designs.com.au/tech-blog/blog/2016/07/14/real-world-http-2-400gb-of- images-per-day/
Takeaways (then) • Despite the experiment flaws, performance benefits are less than clear cut, out of the box • Seemed best: - Not listen to anyone! - Try for yourself
Has anything changed?
BBR
https://github.com/google/bbr/blob/master/Presentations/bbr-2017-02-08-google-net-research-summit.pdf
https://cloudplatform.googleblog.com/2017/07/TCP-BBR-congestion-control-comes-to-GCP-your-Internet-just-got-faster.html
Bountifully Beneficial Reading • https://github.com/google/bbr/blob/master/ Presentations/bbr-2017-02-08-google-net- research-summit.pdf • https://github.com/google/bbr • https://dl.acm.org/citation.cfm?id=3009824 • https://arxiv.org/pdf/1706.09115.pdf
https://twitter.com/amernetflix/status/892787364598132736
https://blogs.dropbox.com/tech/2017/09/optimizing-web-servers-for-high-throughput-and-low-latency/
BBR Cubic a single 1MB object download
BBR Cubic a single 1MB object download
BBR Cubic a single 1MB object download
BBR Cubic a single 1MB object download
BBR Cubic a single 1MB object download
BBR Cubic a single 1MB object download
perf (p50) cwnd retrans
BBR things… • Is BBR a good network citizen? • “network waterboarding” • There’s still work to do
Coalescing
https://daniel.haxx.se/blog/2016/08/18/http2-connection-coalescing/
Origin frame • List of domains eligible for coalescing - Cert still needs to match • Empty frame signals no coalescing - Fall back to SNI • Obviates DNS lookups for listed domains
Origin frame • List of domains eligible for coalescing - Cert still needs to match • Empty frame signals no coalescing - Fall back to SNI • Obviates DNS lookups for listed domains
Origin frame • List of domains eligible for coalescing - Cert still needs to match • Empty frame signals no coalescing - Fall back to SNI • Obviates DNS lookups for listed domains
The connection is an authoritative and secure context
The connection is an authoritative and secure context
h2 and TCP • Performance benefits? - Jury’s still out - BBR helps, but pros/cons aren’t totally clear yet - It’s still best to figure out what’s best for you on your own! • The context of a connection is being relied on more and more
HTTP/2 Server Push
Push basic • “push” a resource to the client before it’s requested • Only servers can push • Hop-by-hop • Triggered by PUSH_PROMISE frame
connection
connection
connection
What to push? • A replacement for inlining - All the RTT-saving benefits + caching • Google paper: - https://docs.google.com/a/fastly.com/drawings/d/ 1mWwY_MeNAjzDRCF0uT97KgN0lh_jX79a53X6iOuH_Is/pub?w=2330&h=1350 • Facebook: - https://www.facebook.com/atscaleevents/videos/1775942979345465/ • TTFMP: - https://youtu.be/4pQ2byAoIX0
Link: </css1.css>; rel=preload; as=style https://w3c.github.io/preload/
Doesn’t Link rel=preload already mean something to the browser?
Link: </css1.css>; rel=preload; as=style; nopush https://w3c.github.io/preload/
Link: </css1.css>; rel=preload; as=style; x-http2-push-only
Benefits?
No push: Push:
That’s cool, but...
Non-header trigger
“Async” Push
Push with Link header Async Push
of course it isn’t that simple…
The client cache
RST_STREAM
RST_STREAM
No Push First view Repeat view
Push First view Repeat view pushed pushed
https://blog.yoav.ws/tale-of-four-caches/
Cache Digests http://httpwg.org/http-extensions/cache-digest.html
+-------------------------------+-------------------------------+
 | Origin-Len (16) | Origin? (*) ...
 +-------------------------------+-------------------------------+
 | Digest-Value? (*) ...
 +---------------------------------------------------------------+
We still have work to do...
https://jakearchibald.com/2017/h2-push-tougher-than-i-thought/
Adoption?
$varnishlog -i h2_attributes | grep -o "is_push:." | head -n 30000 | sort | uniq -c 30000 is_push:0 $varnishlog -i h2_attributes | grep -o "is_push:." | head -n 30000 | sort | uniq -c 29997 is_push:0 3 is_push:1 $varnishlog -i h2_attributes | grep -o "is_push:." | head -n 30000 | sort | uniq -c 29997 is_push:0 3 is_push:1 US-West
$varnishlog -i h2_attributes | grep -o "is_push:." | head -n 30000 | sort | uniq -c 30000 is_push:0 $varnishlog -i h2_attributes | grep -o "is_push:." | head -n 30000 | sort | uniq -c 29997 is_push:0 3 is_push:1 $varnishlog -i h2_attributes | grep -o "is_push:." | head -n 30000 | sort | uniq -c 29997 is_push:0 3 is_push:1 US-West
$varnishlog -i h2_attributes | grep -o "is_push:." | head -n 30000 | sort | uniq -c 30000 is_push:0 $varnishlog -i h2_attributes | grep -o "is_push:." | head -n 30000 | sort | uniq -c 29997 is_push:0 3 is_push:1 $varnishlog -i h2_attributes | grep -o "is_push:." | head -n 30000 | sort | uniq -c 29997 is_push:0 3 is_push:1 $varnishlog -i h2_attributes | grep -o "is_push:." | head -n 30000 | sort | uniq -c 29994 is_push:0 6 is_push:1 $varnishlog -i h2_attributes | grep -o "is_push:." | head -n 30000 | sort | uniq -c 29990 is_push:0 10 is_push:1 $varnishlog -i h2_attributes | grep -o "is_push:." | head -n 30000 | sort | uniq -c 29998 is_push:0 2 is_push:1 US-East US-West
Pushing for push • Is the 1RTT worth the complexity? • 103 to the browser gives us the same benefit as the most important use-case • Cache digests may still be useful, regardless of push
Prioritization
Prioritization basics • Address possible contention because of all the concurrency • Stream weights • Dependency • HEADERS and PRIORITY frames • It’s only a “suggestion”
Example 1 • A gets ¾ of resources • B gets ¼ of resources * A 12 B 4 12/(12+4) 4/(12+4)
Example 1 • A gets ¾ of resources • B gets ¼ of resources * A 12 B 4 12/(12+4) 4/(12+4)
Example 2 • D gets all resources • After D is done, C gets all resources • Weights are meaningless since there are no siblings * D 1 C 8
Example 3 • D gets all resources • After D is done, C gets all resources • After C is done: - A gets ¾ of resources - B gets ¼ of resources * D 1 C 8 A 12 B 4
Example 4 • D gets all resources • After D is done: - C gets ½ of resources - E gets ½ of resources • After C is done: - A gets ¾ of C’s ½ of resources - B gets ¼ of C’s ½ of resources * D 1 C 8 A 12 B 4 E 8
https://speakerdeck.com/summerwind/2-prioritization
https://speakerdeck.com/summerwind/2-prioritization
https://speakerdeck.com/summerwind/2-prioritization
https://speakerdeck.com/summerwind/2-prioritization
https://github.com/deweerdt/h2priograph
Priority hints
https://discourse.wicg.io/t/manual-priority-control-of-resource-fetching/2280 https://github.com/WICG/priority-hints
HPACK
HPACK (RFC 7541) • Addresses the header bloat problem • Two primary mechanisms - All headers (name=value) are Huffman encoded - Indexed tables at each peer
Tables • Static table - Defined by the RFC, never changes • Dynamic table - Built during the connection and maintained by each side - FIFO
         +-------+-----------------------------+---------------+          | Index | Header Name                 | Header Value  |          +-------+-----------------------------+---------------+          | 1     | :authority                  |               |          | 2     | :method                     | GET           |          | 3     | :method                     | POST          |          | 4     | :path                       | /             |          | 5     | :path                       | /index.html   |          | 6     | :scheme                     | http          |          | 7     | :scheme                     | https         |          | 8     | :status                     | 200           |          | 9     | :status                     | 204           |          | 10    | :status                     | 206           |          | 11    | :status                     | 304           |          | 12    | :status                     | 400           |          | 13    | :status                     | 404           |          | 14    | :status                     | 500           |          | 15    | accept-charset              |               |          | 16    | accept-encoding             | gzip, deflate |          | 17    | accept-language             |               |          | 18    | accept-ranges               |               |          | 19    | accept                      |               |          | 20    | access-control-allow-origin |               |          | 21    | age                         |               |          | 22    | allow                       |               |          | 23    | authorization               |               |          | 24    | cache-control               |               |          | 25    | content-disposition         |               |          | 26    | content-encoding            |               |          | 27    | content-language            |               |          | 28    | content-length              |               |          | 29    | content-location            |               |          | 30    | content-range               |               |          +-------+-----------------------------+---------------+                       Table 1: Static Table Entries           +-------+-----------------------------+---------------+           | Index | Header Name                 | Header Value  |           +-------+-----------------------------+---------------+           | 31    | content-type                |               |           | 32    | cookie                      |               |           | 33    | date                        |               |           | 34    | etag                        |               |           | 35    | expect                      |               |           | 36    | expires                     |               |           | 37    | from                        |               |           | 38    | host                        |               |           | 39    | if-match                    |               |           | 40    | if-modified-since           |               |           | 41    | if-none-match               |               |           | 42    | if-range                    |               |           | 43    | if-unmodified-since         |               |           | 44    | last-modified               |               |           | 45    | link                        |               |           | 46    | location                    |               |           | 47    | max-forwards                |               |           | 48    | proxy-authenticate          |               |           | 49    | proxy-authorization         |               |           | 50    | range                       |               |           | 51    | referer                     |               |           | 52    | refresh                     |               |           | 53    | retry-after                 |               |           | 54    | server                      |               |           | 55    | set-cookie                  |               |           | 56    | strict-transport-security   |               |           | 57    | transfer-encoding           |               |           | 58    | user-agent                  |               |           | 59    | vary                        |               |           | 60    | via                         |               |           | 61    | www-authenticate            |               |           +-------+-----------------------------+---------------+                        Table 1: Static Table Entries
Tables • Static table - Defined by the RFC, never changes • Dynamic table - Built during the connection and maintained by each side - FIFO
Bytes browser => server Bytes server => browser
https://blogs.dropbox.com/tech/2016/05/enabling-http2-for-dropbox-web-services-experiences-and-observations/
HPACK - things to know • Default size is 4K - For entire dynamic table - Site-wide headers proposal: • https://mnot.github.io/I-D/site-wide-headers/ • Compression context is set per connection - New connection starts with blank dynamic table • Can’t turn it off • Can be an attack vector: - https://www.imperva.com/docs/Imperva_HII_HTTP2.pdf
content-security-policy:script-src https://connect.facebook.net https://cm.g.doubleclick.net https://ssl.google-analytics.com https:// graph.facebook.com https://twitter.com 'unsafe-eval' https://*.twimg.com https://api.twitter.com https://analytics.twitter.com https://publish.twitter.com https://ton.twitter.com https://syndication.twitter.com https://www.google.com 'nonce- Kk9FW3roM81U6D0LjPHpZw==' https://t.tellapart.com https://platform.twitter.com https://www.google-analytics.com blob: 'self'; frame- ancestors 'self'; font-src https://twitter.com https://*.twimg.com data: https://ton.twitter.com https://fonts.gstatic.com https:// maxcdn.bootstrapcdn.com https://netdna.bootstrapcdn.com 'self'; media-src https://rmpdhdsnappytv-vh.akamaihd.net https://prod-video- eu-central-1.pscp.tv https://v.cdn.vine.co https://dwo3ckksxlb0v.cloudfront.net https://twitter.com https://amp.twimg.com https:// smmdhdsnappytv-vh.akamaihd.net https://*.twimg.com https://prod-video-eu-west-1.pscp.tv https://rmmdhdsnappytv-vh.akamaihd.net https://clips-media-assets.twitch.tv https://prod-video-us-west-2.pscp.tv https://prod-video-us-west-1.pscp.tv https://prod-video-ap- northeast-1.pscp.tv https://smdhdsnappytv-vh.akamaihd.net https://ton.twitter.com https://rmdhdsnappytv-vh.akamaihd.net https:// mmdhdsnappytv-vh.akamaihd.net https://smpdhdsnappytv-vh.akamaihd.net https://prod-video-sa-east-1.pscp.tv https://mdhdsnappytv- vh.akamaihd.net https://prod-video-ap-southeast-2.pscp.tv https://mtc.cdn.vine.co https://dev-video-us-west-2.pscp.tv https://prod- video-us-east-1.pscp.tv blob: 'self' https://prod-video-ap-southeast-1.pscp.tv https://mpdhdsnappytv-vh.akamaihd.net https://dev- video-eu-west-1.pscp.tv; connect-src https://rmpdhdsnappytv-vh.akamaihd.net https://prod-video-eu-central-1.pscp.tv https:// graph.facebook.com https://*.giphy.com https://dwo3ckksxlb0v.cloudfront.net https://vmaprel.snappytv.com https://smmdhdsnappytv- vh.akamaihd.net https://*.twimg.com https://embed.pscp.tv https://api.twitter.com https://prod-video-eu-west-1.pscp.tv https:// rmmdhdsnappytv-vh.akamaihd.net https://clips-media-assets.twitch.tv https://prod-video-us-west-2.pscp.tv https://pay.twitter.com https://prod-video-us-west-1.pscp.tv https://analytics.twitter.com https://vmap.snappytv.com https://*.twprobe.net https://prod- video-ap-northeast-1.pscp.tv https://smdhdsnappytv-vh.akamaihd.net https://syndication.twitter.com https://sentry.io https:// rmdhdsnappytv-vh.akamaihd.net https://media.riffsy.com https://mmdhdsnappytv-vh.akamaihd.net https://embed.periscope.tv https:// smpdhdsnappytv-vh.akamaihd.net https://prod-video-sa-east-1.pscp.tv https://vmapstage.snappytv.com https://upload.twitter.com https://proxsee.pscp.tv https://mdhdsnappytv-vh.akamaihd.net https://prod-video-ap-southeast-2.pscp.tv https://dev-video-us- west-2.pscp.tv https://prod-video-us-east-1.pscp.tv 'self' https://vmap.grabyo.com https://prod-video-ap-southeast-1.pscp.tv https:// mpdhdsnappytv-vh.akamaihd.net https://dev-video-eu-west-1.pscp.tv; style-src https://fonts.googleapis.com https://twitter.com https://*.twimg.com https://translate.googleapis.com https://ton.twitter.com 'unsafe-inline' https://platform.twitter.com https:// maxcdn.bootstrapcdn.com https://netdna.bootstrapcdn.com 'self'; object-src https://twitter.com https://pbs.twimg.com; default-src 'self' blob:; frame-src https://staticxx.facebook.com https://twitter.com https://*.twimg.com https://5415703.fls.doubleclick.net https://player.vimeo.com https://pay.twitter.com https://www.facebook.com https://ton.twitter.com https://syndication.twitter.com https://vine.co twitter: https://www.youtube.com https://platform.twitter.com https://upload.twitter.com https://s- static.ak.facebook.com https://4337974.fls.doubleclick.net https://8122179.fls.doubleclick.net 'self' https://donate.twitter.com; img-src https://prod-profile.pscp.tv https://graph.facebook.com https://prod-thumbnail.pscp.tv https://*.giphy.com https:// twitter.com https://*.twimg.com https://ad.doubleclick.net data: https://clips-media-assets.twitch.tv https://lumiere-a.akamaihd.net https://fbcdn-profile-a.akamaihd.net https://www.facebook.com https://ton.twitter.com https://*.fbcdn.net https:// syndication.twitter.com https://media.riffsy.com https://www.google.com https://prod-profile.periscope.tv https:// stats.g.doubleclick.net https://platform.twitter.com https://api.mapbox.com https://www.google-analytics.com blob: https://prod- thumbnail-small.pscp.tv https://prod-thumbnail-small.periscope.tv 'self' https://prod-thumbnail.periscope.tv; report-uri https:// twitter.com/i/csp_report?a=NVQWGYLXFVZXO2LGOQ%3D%3D%3D%3D%3D%3D&ro=false;
content-security-policy:script-src https://connect.facebook.net https://cm.g.doubleclick.net https://ssl.google-analytics.com https:// graph.facebook.com https://twitter.com 'unsafe-eval' https://*.twimg.com https://api.twitter.com https://analytics.twitter.com https://publish.twitter.com https://ton.twitter.com https://syndication.twitter.com https://www.google.com 'nonce- Kk9FW3roM81U6D0LjPHpZw==' https://t.tellapart.com https://platform.twitter.com https://www.google-analytics.com blob: 'self'; frame- ancestors 'self'; font-src https://twitter.com https://*.twimg.com data: https://ton.twitter.com https://fonts.gstatic.com https:// maxcdn.bootstrapcdn.com https://netdna.bootstrapcdn.com 'self'; media-src https://rmpdhdsnappytv-vh.akamaihd.net https://prod-video- eu-central-1.pscp.tv https://v.cdn.vine.co https://dwo3ckksxlb0v.cloudfront.net https://twitter.com https://amp.twimg.com https:// smmdhdsnappytv-vh.akamaihd.net https://*.twimg.com https://prod-video-eu-west-1.pscp.tv https://rmmdhdsnappytv-vh.akamaihd.net https://clips-media-assets.twitch.tv https://prod-video-us-west-2.pscp.tv https://prod-video-us-west-1.pscp.tv https://prod-video-ap- northeast-1.pscp.tv https://smdhdsnappytv-vh.akamaihd.net https://ton.twitter.com https://rmdhdsnappytv-vh.akamaihd.net https:// mmdhdsnappytv-vh.akamaihd.net https://smpdhdsnappytv-vh.akamaihd.net https://prod-video-sa-east-1.pscp.tv https://mdhdsnappytv- vh.akamaihd.net https://prod-video-ap-southeast-2.pscp.tv https://mtc.cdn.vine.co https://dev-video-us-west-2.pscp.tv https://prod- video-us-east-1.pscp.tv blob: 'self' https://prod-video-ap-southeast-1.pscp.tv https://mpdhdsnappytv-vh.akamaihd.net https://dev- video-eu-west-1.pscp.tv; connect-src https://rmpdhdsnappytv-vh.akamaihd.net https://prod-video-eu-central-1.pscp.tv https:// graph.facebook.com https://*.giphy.com https://dwo3ckksxlb0v.cloudfront.net https://vmaprel.snappytv.com https://smmdhdsnappytv- vh.akamaihd.net https://*.twimg.com https://embed.pscp.tv https://api.twitter.com https://prod-video-eu-west-1.pscp.tv https:// rmmdhdsnappytv-vh.akamaihd.net https://clips-media-assets.twitch.tv https://prod-video-us-west-2.pscp.tv https://pay.twitter.com https://prod-video-us-west-1.pscp.tv https://analytics.twitter.com https://vmap.snappytv.com https://*.twprobe.net https://prod- video-ap-northeast-1.pscp.tv https://smdhdsnappytv-vh.akamaihd.net https://syndication.twitter.com https://sentry.io https:// rmdhdsnappytv-vh.akamaihd.net https://media.riffsy.com https://mmdhdsnappytv-vh.akamaihd.net https://embed.periscope.tv https:// smpdhdsnappytv-vh.akamaihd.net https://prod-video-sa-east-1.pscp.tv https://vmapstage.snappytv.com https://upload.twitter.com https://proxsee.pscp.tv https://mdhdsnappytv-vh.akamaihd.net https://prod-video-ap-southeast-2.pscp.tv https://dev-video-us- west-2.pscp.tv https://prod-video-us-east-1.pscp.tv 'self' https://vmap.grabyo.com https://prod-video-ap-southeast-1.pscp.tv https:// mpdhdsnappytv-vh.akamaihd.net https://dev-video-eu-west-1.pscp.tv; style-src https://fonts.googleapis.com https://twitter.com https://*.twimg.com https://translate.googleapis.com https://ton.twitter.com 'unsafe-inline' https://platform.twitter.com https:// maxcdn.bootstrapcdn.com https://netdna.bootstrapcdn.com 'self'; object-src https://twitter.com https://pbs.twimg.com; default-src 'self' blob:; frame-src https://staticxx.facebook.com https://twitter.com https://*.twimg.com https://5415703.fls.doubleclick.net https://player.vimeo.com https://pay.twitter.com https://www.facebook.com https://ton.twitter.com https://syndication.twitter.com https://vine.co twitter: https://www.youtube.com https://platform.twitter.com https://upload.twitter.com https://s- static.ak.facebook.com https://4337974.fls.doubleclick.net https://8122179.fls.doubleclick.net 'self' https://donate.twitter.com; img-src https://prod-profile.pscp.tv https://graph.facebook.com https://prod-thumbnail.pscp.tv https://*.giphy.com https:// twitter.com https://*.twimg.com https://ad.doubleclick.net data: https://clips-media-assets.twitch.tv https://lumiere-a.akamaihd.net https://fbcdn-profile-a.akamaihd.net https://www.facebook.com https://ton.twitter.com https://*.fbcdn.net https:// syndication.twitter.com https://media.riffsy.com https://www.google.com https://prod-profile.periscope.tv https:// stats.g.doubleclick.net https://platform.twitter.com https://api.mapbox.com https://www.google-analytics.com blob: https://prod- thumbnail-small.pscp.tv https://prod-thumbnail-small.periscope.tv 'self' https://prod-thumbnail.periscope.tv; report-uri https:// twitter.com/i/csp_report?a=NVQWGYLXFVZXO2LGOQ%3D%3D%3D%3D%3D%3D&ro=false; 4.6KB
HPACK - things to know • Default size is 4K - For entire dynamic table - Site-wide headers proposal: • https://mnot.github.io/I-D/site-wide-headers/ • Compression context is set per connection - New connection starts with blank dynamic table • Can’t turn it off • Can be an attack vector: - https://www.imperva.com/docs/Imperva_HII_HTTP2.pdf
Static Static Connection
Static Dynamic Static Dynamic SETTINGS_HEADER_TABLE_SIZE Connection
Static Dynamic Static Dynamic Decoder EncoderSETTINGS_HEADER_TABLE_SIZE Connection
Static Dynamic Dynamic Static Dynamic Dynamic Decoder Encoder Encoder Decoder SETTINGS_HEADER_TABLE_SIZE SETTINGS_HEADER_TABLE_SIZE Connection
Tools and resources
http://chimera.labs.oreilly.com/books/1230000000545
Browser indicator • Chrome: – https://chrome.google.com/webstore/detail/http2-and-spdy- indicator/mpbpobfflnpcgagjijhmgnchggcjblin?hl=en • Firefox: – https://addons.mozilla.org/en-US/firefox/addon/http2-indicator/
Dev tools
Wireshark Using the TLS key file: https://jimshaver.net/2015/02/11/decrypting-tls-browser-traffic-with-wireshark-the-easy-way/
cURL https://curl.haxx.se/docs/http2.html
cURL https://daniel.haxx.se/blog/2018/01/15/inspect-curls-tls-traffic/
nghttp https://nghttp2.org/
Others • h2c (and wiretapping): - https://github.com/fstab/h2c • h2a: reverse proxy - https://github.com/summerwind/h2a • Conformance: - https://github.com/summerwind/h2spec • Serves and proxies: - Charles proxy: https://www.charlesproxy.com - MITM proxy: https://mitmproxy.org/ - h2o: https://h2o.examp1e.net/ - Envoy: https://www.envoyproxy.io/ • http-wg - https://github.com/http2/http2-spec/wiki/Tools
What’s next?
0.9 1.0 1.1 2.0 HTTP Complexity HTTP version
0.9 1.0 1.1 2.0 HTTP Complexity My Age HTTP version
QUIC
gQUIC vs iQUIC
gQUIC vs iQUIC • Monolithic • Google proprietary • Modularized • IETF standard
IP TCP UDP TLS HTTP/2 QUIC TCP-like congestion avoidance, recovery HTTP/2 shim UDP QUIC TCP-like congestion avoidance, recovery Application (HTTP/2) QUIC crypto TLS 1.3 gQUIC iQUIChttp/2 https://datatracker.ietf.org/meeting/98/materials/slides-98-edu-sessf-quic-tutorial/
The promise of QUIC • Low latency connection setup - 0RTT (with TLS 1.3) • UDP - Addresses TCP’s head of line blocking in h2 - More flexible congestion avoidance algorithms - “rich signaling for congestion control and loss recovery” • Everything authenticated and encrypted • Mitigating middle box tomfoolery • Connection migration and NAT rebinding
Some QUIC reading • https://dl.acm.org/citation.cfm?id=3098842 • https://quicwg.github.io/ • https://github.com/quicwg • And a video: https://vimeo.com/227461189
Questions • Has much changed? • Do we still have a lot to learn? • Do we still have a lot to do? • QUIC will fix everything, right?
Thank you

Recommended

HTTP/2: What no one is telling you
HTTP/2: What no one is telling youHTTP/2: What no one is telling you
HTTP/2: What no one is telling youFastly
 
Altitude SF 2017: Logging at the edge
Altitude SF 2017: Logging at the edgeAltitude SF 2017: Logging at the edge
Altitude SF 2017: Logging at the edgeFastly
 
Revisiting HTTP/2
Revisiting HTTP/2Revisiting HTTP/2
Revisiting HTTP/2Fastly
 
Grpc present
Grpc presentGrpc present
Grpc presentPhạm Hải Anh
 
HTTP/2 for Developers
HTTP/2 for DevelopersHTTP/2 for Developers
HTTP/2 for DevelopersSvetlin Nakov
 
Enabling Googley microservices with HTTP/2 and gRPC.
Enabling Googley microservices with HTTP/2 and gRPC.Enabling Googley microservices with HTTP/2 and gRPC.
Enabling Googley microservices with HTTP/2 and gRPC.Alex Borysov
 
HTTP2:新的机遇与挑战
HTTP2:新的机遇与挑战HTTP2:新的机遇与挑战
HTTP2:新的机遇与挑战Jerry Qu
 
Introduction to gRPC: A general RPC framework that puts mobile and HTTP/2 fir...
Introduction to gRPC: A general RPC framework that puts mobile and HTTP/2 fir...Introduction to gRPC: A general RPC framework that puts mobile and HTTP/2 fir...
Introduction to gRPC: A general RPC framework that puts mobile and HTTP/2 fir...Codemotion
 

Recommended

HTTP/2: What no one is telling you
HTTP/2: What no one is telling youHTTP/2: What no one is telling you
HTTP/2: What no one is telling youFastly
 
Altitude SF 2017: Logging at the edge
Altitude SF 2017: Logging at the edgeAltitude SF 2017: Logging at the edge
Altitude SF 2017: Logging at the edgeFastly
 
Revisiting HTTP/2
Revisiting HTTP/2Revisiting HTTP/2
Revisiting HTTP/2Fastly
 
Grpc present
Grpc presentGrpc present
Grpc presentPhạm Hải Anh
 
HTTP/2 for Developers
HTTP/2 for DevelopersHTTP/2 for Developers
HTTP/2 for DevelopersSvetlin Nakov
 
Enabling Googley microservices with HTTP/2 and gRPC.
Enabling Googley microservices with HTTP/2 and gRPC.Enabling Googley microservices with HTTP/2 and gRPC.
Enabling Googley microservices with HTTP/2 and gRPC.Alex Borysov
 
HTTP2:新的机遇与挑战
HTTP2:新的机遇与挑战HTTP2:新的机遇与挑战
HTTP2:新的机遇与挑战Jerry Qu
 
Introduction to gRPC: A general RPC framework that puts mobile and HTTP/2 fir...
Introduction to gRPC: A general RPC framework that puts mobile and HTTP/2 fir...Introduction to gRPC: A general RPC framework that puts mobile and HTTP/2 fir...
Introduction to gRPC: A general RPC framework that puts mobile and HTTP/2 fir...Codemotion
 
Altitude San Francisco 2018: Programming the Edge
Altitude San Francisco 2018: Programming the EdgeAltitude San Francisco 2018: Programming the Edge
Altitude San Francisco 2018: Programming the EdgeFastly
 
Web Server Load Balancer
Web Server Load BalancerWeb Server Load Balancer
Web Server Load BalancerMobME Technical
 
Altitude San Francisco 2018: Testing with Fastly Workshop
Altitude San Francisco 2018: Testing with Fastly WorkshopAltitude San Francisco 2018: Testing with Fastly Workshop
Altitude San Francisco 2018: Testing with Fastly WorkshopFastly
 
Promise of Push (HTTP/2 Web Performance)
Promise of Push (HTTP/2 Web Performance)Promise of Push (HTTP/2 Web Performance)
Promise of Push (HTTP/2 Web Performance)Colin Bendell
 
HTTP/2 What's inside and Why
HTTP/2 What's inside and WhyHTTP/2 What's inside and Why
HTTP/2 What's inside and WhyAdrian Cole
 
Introducing HTTP/2
Introducing HTTP/2Introducing HTTP/2
Introducing HTTP/2Ido Flatow
 
Http2
Http2Http2
Http2Daniel Stenberg
 
HTTP/2 Introduction
HTTP/2 IntroductionHTTP/2 Introduction
HTTP/2 IntroductionWalter Liu
 
What HTTP/2.0 Will Do For You
What HTTP/2.0 Will Do For YouWhat HTTP/2.0 Will Do For You
What HTTP/2.0 Will Do For YouMark Nottingham
 
HAProxy tech talk
HAProxy tech talkHAProxy tech talk
HAProxy tech talkicebourg
 
Load Balancing MySQL with HAProxy - Slides
Load Balancing MySQL with HAProxy - SlidesLoad Balancing MySQL with HAProxy - Slides
Load Balancing MySQL with HAProxy - SlidesSeveralnines
 
Introduction to HTTP/2
Introduction to HTTP/2Introduction to HTTP/2
Introduction to HTTP/2Ido Flatow
 
Altitude SF 2017: QUIC - A low-latency secure transport for HTTP
Altitude SF 2017: QUIC - A low-latency secure transport for HTTPAltitude SF 2017: QUIC - A low-latency secure transport for HTTP
Altitude SF 2017: QUIC - A low-latency secure transport for HTTPFastly
 
Efficient HTTP Apis
Efficient HTTP ApisEfficient HTTP Apis
Efficient HTTP ApisAdrian Cole
 
HTTP 2.0 – What do I need to know?
HTTP 2.0 – What do I need to know? HTTP 2.0 – What do I need to know?
HTTP 2.0 – What do I need to know? Sigma Software
 
Nginx, PHP, Apache and Spelix
Nginx, PHP, Apache and SpelixNginx, PHP, Apache and Spelix
Nginx, PHP, Apache and SpelixHarald Zeitlhofer
 
Using HAProxy to Scale MySQL
Using HAProxy to Scale MySQLUsing HAProxy to Scale MySQL
Using HAProxy to Scale MySQLBill Sickles
 
Http2 kotlin
Http2 kotlinHttp2 kotlin
Http2 kotlinAndrii Bezruchko
 
How happy they became with H2O/mruby and the future of HTTP
How happy they became with H2O/mruby and the future of HTTPHow happy they became with H2O/mruby and the future of HTTP
How happy they became with H2O/mruby and the future of HTTPIchito Nagata
 
I got 99 problems, but ReST ain't one
I got 99 problems, but ReST ain't oneI got 99 problems, but ReST ain't one
I got 99 problems, but ReST ain't oneAdrian Cole
 
Introduction to HTTP/2
Introduction to HTTP/2Introduction to HTTP/2
Introduction to HTTP/2Ido Flatow
 
Проксирование HTTP-запросов web-акселератором / Александр Крижановский (Tempe...
Проксирование HTTP-запросов web-акселератором / Александр Крижановский (Tempe...Проксирование HTTP-запросов web-акселератором / Александр Крижановский (Tempe...
Проксирование HTTP-запросов web-акселератором / Александр Крижановский (Tempe...Ontico
 

More Related Content

What's hot

Altitude San Francisco 2018: Programming the Edge
Altitude San Francisco 2018: Programming the EdgeAltitude San Francisco 2018: Programming the Edge
Altitude San Francisco 2018: Programming the EdgeFastly
 
Web Server Load Balancer
Web Server Load BalancerWeb Server Load Balancer
Web Server Load BalancerMobME Technical
 
Altitude San Francisco 2018: Testing with Fastly Workshop
Altitude San Francisco 2018: Testing with Fastly WorkshopAltitude San Francisco 2018: Testing with Fastly Workshop
Altitude San Francisco 2018: Testing with Fastly WorkshopFastly
 
Promise of Push (HTTP/2 Web Performance)
Promise of Push (HTTP/2 Web Performance)Promise of Push (HTTP/2 Web Performance)
Promise of Push (HTTP/2 Web Performance)Colin Bendell
 
HTTP/2 What's inside and Why
HTTP/2 What's inside and WhyHTTP/2 What's inside and Why
HTTP/2 What's inside and WhyAdrian Cole
 
Introducing HTTP/2
Introducing HTTP/2Introducing HTTP/2
Introducing HTTP/2Ido Flatow
 
HTTP/2 Introduction
HTTP/2 IntroductionHTTP/2 Introduction
HTTP/2 IntroductionWalter Liu
 
What HTTP/2.0 Will Do For You
What HTTP/2.0 Will Do For YouWhat HTTP/2.0 Will Do For You
What HTTP/2.0 Will Do For YouMark Nottingham
 
HAProxy tech talk
HAProxy tech talkHAProxy tech talk
HAProxy tech talkicebourg
 
Load Balancing MySQL with HAProxy - Slides
Load Balancing MySQL with HAProxy - SlidesLoad Balancing MySQL with HAProxy - Slides
Load Balancing MySQL with HAProxy - SlidesSeveralnines
 
Introduction to HTTP/2
Introduction to HTTP/2Introduction to HTTP/2
Introduction to HTTP/2Ido Flatow
 
Altitude SF 2017: QUIC - A low-latency secure transport for HTTP
Altitude SF 2017: QUIC - A low-latency secure transport for HTTPAltitude SF 2017: QUIC - A low-latency secure transport for HTTP
Altitude SF 2017: QUIC - A low-latency secure transport for HTTPFastly
 
Efficient HTTP Apis
Efficient HTTP ApisEfficient HTTP Apis
Efficient HTTP ApisAdrian Cole
 
HTTP 2.0 – What do I need to know?
HTTP 2.0 – What do I need to know? HTTP 2.0 – What do I need to know?
HTTP 2.0 – What do I need to know? Sigma Software
 
Nginx, PHP, Apache and Spelix
Nginx, PHP, Apache and SpelixNginx, PHP, Apache and Spelix
Nginx, PHP, Apache and SpelixHarald Zeitlhofer
 
Using HAProxy to Scale MySQL
Using HAProxy to Scale MySQLUsing HAProxy to Scale MySQL
Using HAProxy to Scale MySQLBill Sickles
 
How happy they became with H2O/mruby and the future of HTTP
How happy they became with H2O/mruby and the future of HTTPHow happy they became with H2O/mruby and the future of HTTP
How happy they became with H2O/mruby and the future of HTTPIchito Nagata
 
I got 99 problems, but ReST ain't one
I got 99 problems, but ReST ain't oneI got 99 problems, but ReST ain't one
I got 99 problems, but ReST ain't oneAdrian Cole
 

What's hot (20)

Altitude San Francisco 2018: Programming the Edge
Altitude San Francisco 2018: Programming the EdgeAltitude San Francisco 2018: Programming the Edge
Altitude San Francisco 2018: Programming the Edge
 
Web Server Load Balancer
Web Server Load BalancerWeb Server Load Balancer
Web Server Load Balancer
 
Altitude San Francisco 2018: Testing with Fastly Workshop
Altitude San Francisco 2018: Testing with Fastly WorkshopAltitude San Francisco 2018: Testing with Fastly Workshop
Altitude San Francisco 2018: Testing with Fastly Workshop
 
Promise of Push (HTTP/2 Web Performance)
Promise of Push (HTTP/2 Web Performance)Promise of Push (HTTP/2 Web Performance)
Promise of Push (HTTP/2 Web Performance)
 
HTTP/2 What's inside and Why
HTTP/2 What's inside and WhyHTTP/2 What's inside and Why
HTTP/2 What's inside and Why
 
Introducing HTTP/2
Introducing HTTP/2Introducing HTTP/2
Introducing HTTP/2
 
Http2
Http2Http2
Http2
 
HTTP/2 Introduction
HTTP/2 IntroductionHTTP/2 Introduction
HTTP/2 Introduction
 
What HTTP/2.0 Will Do For You
What HTTP/2.0 Will Do For YouWhat HTTP/2.0 Will Do For You
What HTTP/2.0 Will Do For You
 
HAProxy tech talk
HAProxy tech talkHAProxy tech talk
HAProxy tech talk
 
Load Balancing MySQL with HAProxy - Slides
Load Balancing MySQL with HAProxy - SlidesLoad Balancing MySQL with HAProxy - Slides
Load Balancing MySQL with HAProxy - Slides
 
Introduction to HTTP/2
Introduction to HTTP/2Introduction to HTTP/2
Introduction to HTTP/2
 
Altitude SF 2017: QUIC - A low-latency secure transport for HTTP
Altitude SF 2017: QUIC - A low-latency secure transport for HTTPAltitude SF 2017: QUIC - A low-latency secure transport for HTTP
Altitude SF 2017: QUIC - A low-latency secure transport for HTTP
 
Efficient HTTP Apis
Efficient HTTP ApisEfficient HTTP Apis
Efficient HTTP Apis
 
HTTP 2.0 – What do I need to know?
HTTP 2.0 – What do I need to know? HTTP 2.0 – What do I need to know?
HTTP 2.0 – What do I need to know?
 
Nginx, PHP, Apache and Spelix
Nginx, PHP, Apache and SpelixNginx, PHP, Apache and Spelix
Nginx, PHP, Apache and Spelix
 
Using HAProxy to Scale MySQL
Using HAProxy to Scale MySQLUsing HAProxy to Scale MySQL
Using HAProxy to Scale MySQL
 
Http2 kotlin
Http2 kotlinHttp2 kotlin
Http2 kotlin
 
How happy they became with H2O/mruby and the future of HTTP
How happy they became with H2O/mruby and the future of HTTPHow happy they became with H2O/mruby and the future of HTTP
How happy they became with H2O/mruby and the future of HTTP
 
I got 99 problems, but ReST ain't one
I got 99 problems, but ReST ain't oneI got 99 problems, but ReST ain't one
I got 99 problems, but ReST ain't one
 

Similar to Revisiting HTTP/2

Introduction to HTTP/2
Introduction to HTTP/2Introduction to HTTP/2
Introduction to HTTP/2Ido Flatow
 
Проксирование HTTP-запросов web-акселератором / Александр Крижановский (Tempe...
Проксирование HTTP-запросов web-акселератором / Александр Крижановский (Tempe...Проксирование HTTP-запросов web-акселератором / Александр Крижановский (Tempe...
Проксирование HTTP-запросов web-акселератором / Александр Крижановский (Tempe...Ontico
 
Under the Covers with the Web
Under the Covers with the WebUnder the Covers with the Web
Under the Covers with the WebTrevor Lohrbeer
 
HTTP2 and gRPC
HTTP2 and gRPCHTTP2 and gRPC
HTTP2 and gRPCGuo Jing
 
Introduction to gRPC - Mete Atamel - Codemotion Rome 2017
Introduction to gRPC - Mete Atamel - Codemotion Rome 2017Introduction to gRPC - Mete Atamel - Codemotion Rome 2017
Introduction to gRPC - Mete Atamel - Codemotion Rome 2017Codemotion
 
HTTP/2 and QUICK protocols. Optimizing the Web stack for HTTP/2 era
HTTP/2 and QUICK protocols. Optimizing the Web stack for HTTP/2 eraHTTP/2 and QUICK protocols. Optimizing the Web stack for HTTP/2 era
HTTP/2 and QUICK protocols. Optimizing the Web stack for HTTP/2 erapeychevi
 
HTTP colon slash slash: the end of the road?
HTTP colon slash slash: the end of the road?HTTP colon slash slash: the end of the road?
HTTP colon slash slash: the end of the road?Alessandro Nadalin
 
Taking a Quantum Leap with Html 5 WebSocket
Taking a Quantum Leap with Html 5 WebSocketTaking a Quantum Leap with Html 5 WebSocket
Taking a Quantum Leap with Html 5 WebSocketShahriar Hyder
 
SPDY & HTTP2.0 & QUIC - #bpstudy 2013-08-28
SPDY & HTTP2.0 & QUIC - #bpstudy 2013-08-28SPDY & HTTP2.0 & QUIC - #bpstudy 2013-08-28
SPDY & HTTP2.0 & QUIC - #bpstudy 2013-08-28Jxck Jxck
 
Cleaning Up the Dirt of the Nineties - How New Protocols are Modernizing the Web
Cleaning Up the Dirt of the Nineties - How New Protocols are Modernizing the WebCleaning Up the Dirt of the Nineties - How New Protocols are Modernizing the Web
Cleaning Up the Dirt of the Nineties - How New Protocols are Modernizing the WebSteffen Gebert
 
Introduction to HTTP/2
Introduction to HTTP/2Introduction to HTTP/2
Introduction to HTTP/2Ido Flatow
 
Next generation web protocols
Next generation web protocolsNext generation web protocols
Next generation web protocolsDaniel Austin
 
Devoxx Maroc 2015 HTTP 1, HTTP 2 and folks
Devoxx Maroc 2015 HTTP 1, HTTP 2 and folksDevoxx Maroc 2015 HTTP 1, HTTP 2 and folks
Devoxx Maroc 2015 HTTP 1, HTTP 2 and folksNicolas Martignole
 
Computer network (10)
Computer network (10)Computer network (10)
Computer network (10)NYversity
 

Similar to Revisiting HTTP/2 (20)

Introduction to HTTP/2
Introduction to HTTP/2Introduction to HTTP/2
Introduction to HTTP/2
 
Проксирование HTTP-запросов web-акселератором / Александр Крижановский (Tempe...
Проксирование HTTP-запросов web-акселератором / Александр Крижановский (Tempe...Проксирование HTTP-запросов web-акселератором / Александр Крижановский (Tempe...
Проксирование HTTP-запросов web-акселератором / Александр Крижановский (Tempe...
 
Under the Covers with the Web
Under the Covers with the WebUnder the Covers with the Web
Under the Covers with the Web
 
HTTP2 and gRPC
HTTP2 and gRPCHTTP2 and gRPC
HTTP2 and gRPC
 
Introduction to gRPC - Mete Atamel - Codemotion Rome 2017
Introduction to gRPC - Mete Atamel - Codemotion Rome 2017Introduction to gRPC - Mete Atamel - Codemotion Rome 2017
Introduction to gRPC - Mete Atamel - Codemotion Rome 2017
 
Http2
Http2Http2
Http2
 
HTTP/2 and QUICK protocols. Optimizing the Web stack for HTTP/2 era
HTTP/2 and QUICK protocols. Optimizing the Web stack for HTTP/2 eraHTTP/2 and QUICK protocols. Optimizing the Web stack for HTTP/2 era
HTTP/2 and QUICK protocols. Optimizing the Web stack for HTTP/2 era
 
HTTP colon slash slash: the end of the road?
HTTP colon slash slash: the end of the road?HTTP colon slash slash: the end of the road?
HTTP colon slash slash: the end of the road?
 
HTTP
HTTPHTTP
HTTP
 
Taking a Quantum Leap with Html 5 WebSocket
Taking a Quantum Leap with Html 5 WebSocketTaking a Quantum Leap with Html 5 WebSocket
Taking a Quantum Leap with Html 5 WebSocket
 
Http/2
Http/2Http/2
Http/2
 
SPDY & HTTP2.0 & QUIC - #bpstudy 2013-08-28
SPDY & HTTP2.0 & QUIC - #bpstudy 2013-08-28SPDY & HTTP2.0 & QUIC - #bpstudy 2013-08-28
SPDY & HTTP2.0 & QUIC - #bpstudy 2013-08-28
 
Cleaning Up the Dirt of the Nineties - How New Protocols are Modernizing the Web
Cleaning Up the Dirt of the Nineties - How New Protocols are Modernizing the WebCleaning Up the Dirt of the Nineties - How New Protocols are Modernizing the Web
Cleaning Up the Dirt of the Nineties - How New Protocols are Modernizing the Web
 
Introduction to HTTP/2
Introduction to HTTP/2Introduction to HTTP/2
Introduction to HTTP/2
 
Next generation web protocols
Next generation web protocolsNext generation web protocols
Next generation web protocols
 
Devoxx Maroc 2015 HTTP 1, HTTP 2 and folks
Devoxx Maroc 2015 HTTP 1, HTTP 2 and folksDevoxx Maroc 2015 HTTP 1, HTTP 2 and folks
Devoxx Maroc 2015 HTTP 1, HTTP 2 and folks
 
Computer network (10)
Computer network (10)Computer network (10)
Computer network (10)
 
HTTP
HTTPHTTP
HTTP
 
RESTful design
RESTful designRESTful design
RESTful design
 
Introduction to SDshare
Introduction to SDshareIntroduction to SDshare
Introduction to SDshare
 

More from Fastly

Altitude San Francisco 2018: Preparing for Video Streaming Events at Scale
Altitude San Francisco 2018: Preparing for Video Streaming Events at ScaleAltitude San Francisco 2018: Preparing for Video Streaming Events at Scale
Altitude San Francisco 2018: Preparing for Video Streaming Events at ScaleFastly
 
Altitude San Francisco 2018: Building the Souther Hemisphere of the Internet
Altitude San Francisco 2018: Building the Souther Hemisphere of the InternetAltitude San Francisco 2018: Building the Souther Hemisphere of the Internet
Altitude San Francisco 2018: Building the Souther Hemisphere of the InternetFastly
 
Altitude San Francisco 2018: The World Cup Stream
Altitude San Francisco 2018: The World Cup StreamAltitude San Francisco 2018: The World Cup Stream
Altitude San Francisco 2018: The World Cup StreamFastly
 
Altitude San Francisco 2018: We Own Our Destiny
Altitude San Francisco 2018: We Own Our DestinyAltitude San Francisco 2018: We Own Our Destiny
Altitude San Francisco 2018: We Own Our DestinyFastly
 
Altitude San Francisco 2018: Scale and Stability at the Edge with 1.4 Billion...
Altitude San Francisco 2018: Scale and Stability at the Edge with 1.4 Billion...Altitude San Francisco 2018: Scale and Stability at the Edge with 1.4 Billion...
Altitude San Francisco 2018: Scale and Stability at the Edge with 1.4 Billion...Fastly
 
Altitude San Francisco 2018: Moving Off the Monolith: A Seamless Migration
Altitude San Francisco 2018: Moving Off the Monolith: A Seamless MigrationAltitude San Francisco 2018: Moving Off the Monolith: A Seamless Migration
Altitude San Francisco 2018: Moving Off the Monolith: A Seamless MigrationFastly
 
Altitude San Francisco 2018: Bringing TLS to GitHub Pages
Altitude San Francisco 2018: Bringing TLS to GitHub PagesAltitude San Francisco 2018: Bringing TLS to GitHub Pages
Altitude San Francisco 2018: Bringing TLS to GitHub PagesFastly
 
Altitude San Francisco 2018: HTTP Invalidation Workshop
Altitude San Francisco 2018: HTTP Invalidation WorkshopAltitude San Francisco 2018: HTTP Invalidation Workshop
Altitude San Francisco 2018: HTTP Invalidation WorkshopFastly
 
Altitude San Francisco 2018: HTTP/2 Tales: Discovery and Woe
Altitude San Francisco 2018: HTTP/2 Tales: Discovery and WoeAltitude San Francisco 2018: HTTP/2 Tales: Discovery and Woe
Altitude San Francisco 2018: HTTP/2 Tales: Discovery and WoeFastly
 
Altitude San Francisco 2018: How Magento moved to the cloud while maintaining...
Altitude San Francisco 2018: How Magento moved to the cloud while maintaining...Altitude San Francisco 2018: How Magento moved to the cloud while maintaining...
Altitude San Francisco 2018: How Magento moved to the cloud while maintaining...Fastly
 
Altitude San Francisco 2018: Scaling Ethereum to 10B requests per day
Altitude San Francisco 2018: Scaling Ethereum to 10B requests per dayAltitude San Francisco 2018: Scaling Ethereum to 10B requests per day
Altitude San Francisco 2018: Scaling Ethereum to 10B requests per dayFastly
 
Altitude San Francisco 2018: Authentication at the Edge
Altitude San Francisco 2018: Authentication at the EdgeAltitude San Francisco 2018: Authentication at the Edge
Altitude San Francisco 2018: Authentication at the EdgeFastly
 
Altitude San Francisco 2018: WebAssembly Tools & Applications
Altitude San Francisco 2018: WebAssembly Tools & ApplicationsAltitude San Francisco 2018: WebAssembly Tools & Applications
Altitude San Francisco 2018: WebAssembly Tools & ApplicationsFastly
 
Altitude San Francisco 2018: Fastly Purge Control at the USA TODAY NETWORK
Altitude San Francisco 2018: Fastly Purge Control at the USA TODAY NETWORKAltitude San Francisco 2018: Fastly Purge Control at the USA TODAY NETWORK
Altitude San Francisco 2018: Fastly Purge Control at the USA TODAY NETWORKFastly
 
Altitude San Francisco 2018: WAF Workshop
Altitude San Francisco 2018: WAF WorkshopAltitude San Francisco 2018: WAF Workshop
Altitude San Francisco 2018: WAF WorkshopFastly
 
Altitude San Francisco 2018: Logging at the Edge
Altitude San Francisco 2018: Logging at the Edge Altitude San Francisco 2018: Logging at the Edge
Altitude San Francisco 2018: Logging at the Edge Fastly
 
Altitude San Francisco 2018: Video Workshop Docs
Altitude San Francisco 2018: Video Workshop DocsAltitude San Francisco 2018: Video Workshop Docs
Altitude San Francisco 2018: Video Workshop DocsFastly
 
Enabling lightning fast content delivery for Spotify
Enabling lightning fast content delivery for SpotifyEnabling lightning fast content delivery for Spotify
Enabling lightning fast content delivery for SpotifyFastly
 
What's next in edge computing?
What's next in edge computing?What's next in edge computing?
What's next in edge computing?Fastly
 
Honing headers for highly hardened highspeed hypertext
Honing headers for highly hardened highspeed hypertextHoning headers for highly hardened highspeed hypertext
Honing headers for highly hardened highspeed hypertextFastly
 

More from Fastly (20)

Altitude San Francisco 2018: Preparing for Video Streaming Events at Scale
Altitude San Francisco 2018: Preparing for Video Streaming Events at ScaleAltitude San Francisco 2018: Preparing for Video Streaming Events at Scale
Altitude San Francisco 2018: Preparing for Video Streaming Events at Scale
 
Altitude San Francisco 2018: Building the Souther Hemisphere of the Internet
Altitude San Francisco 2018: Building the Souther Hemisphere of the InternetAltitude San Francisco 2018: Building the Souther Hemisphere of the Internet
Altitude San Francisco 2018: Building the Souther Hemisphere of the Internet
 
Altitude San Francisco 2018: The World Cup Stream
Altitude San Francisco 2018: The World Cup StreamAltitude San Francisco 2018: The World Cup Stream
Altitude San Francisco 2018: The World Cup Stream
 
Altitude San Francisco 2018: We Own Our Destiny
Altitude San Francisco 2018: We Own Our DestinyAltitude San Francisco 2018: We Own Our Destiny
Altitude San Francisco 2018: We Own Our Destiny
 
Altitude San Francisco 2018: Scale and Stability at the Edge with 1.4 Billion...
Altitude San Francisco 2018: Scale and Stability at the Edge with 1.4 Billion...Altitude San Francisco 2018: Scale and Stability at the Edge with 1.4 Billion...
Altitude San Francisco 2018: Scale and Stability at the Edge with 1.4 Billion...
 
Altitude San Francisco 2018: Moving Off the Monolith: A Seamless Migration
Altitude San Francisco 2018: Moving Off the Monolith: A Seamless MigrationAltitude San Francisco 2018: Moving Off the Monolith: A Seamless Migration
Altitude San Francisco 2018: Moving Off the Monolith: A Seamless Migration
 
Altitude San Francisco 2018: Bringing TLS to GitHub Pages
Altitude San Francisco 2018: Bringing TLS to GitHub PagesAltitude San Francisco 2018: Bringing TLS to GitHub Pages
Altitude San Francisco 2018: Bringing TLS to GitHub Pages
 
Altitude San Francisco 2018: HTTP Invalidation Workshop
Altitude San Francisco 2018: HTTP Invalidation WorkshopAltitude San Francisco 2018: HTTP Invalidation Workshop
Altitude San Francisco 2018: HTTP Invalidation Workshop
 
Altitude San Francisco 2018: HTTP/2 Tales: Discovery and Woe
Altitude San Francisco 2018: HTTP/2 Tales: Discovery and WoeAltitude San Francisco 2018: HTTP/2 Tales: Discovery and Woe
Altitude San Francisco 2018: HTTP/2 Tales: Discovery and Woe
 
Altitude San Francisco 2018: How Magento moved to the cloud while maintaining...
Altitude San Francisco 2018: How Magento moved to the cloud while maintaining...Altitude San Francisco 2018: How Magento moved to the cloud while maintaining...
Altitude San Francisco 2018: How Magento moved to the cloud while maintaining...
 
Altitude San Francisco 2018: Scaling Ethereum to 10B requests per day
Altitude San Francisco 2018: Scaling Ethereum to 10B requests per dayAltitude San Francisco 2018: Scaling Ethereum to 10B requests per day
Altitude San Francisco 2018: Scaling Ethereum to 10B requests per day
 
Altitude San Francisco 2018: Authentication at the Edge
Altitude San Francisco 2018: Authentication at the EdgeAltitude San Francisco 2018: Authentication at the Edge
Altitude San Francisco 2018: Authentication at the Edge
 
Altitude San Francisco 2018: WebAssembly Tools & Applications
Altitude San Francisco 2018: WebAssembly Tools & ApplicationsAltitude San Francisco 2018: WebAssembly Tools & Applications
Altitude San Francisco 2018: WebAssembly Tools & Applications
 
Altitude San Francisco 2018: Fastly Purge Control at the USA TODAY NETWORK
Altitude San Francisco 2018: Fastly Purge Control at the USA TODAY NETWORKAltitude San Francisco 2018: Fastly Purge Control at the USA TODAY NETWORK
Altitude San Francisco 2018: Fastly Purge Control at the USA TODAY NETWORK
 
Altitude San Francisco 2018: WAF Workshop
Altitude San Francisco 2018: WAF WorkshopAltitude San Francisco 2018: WAF Workshop
Altitude San Francisco 2018: WAF Workshop
 
Altitude San Francisco 2018: Logging at the Edge
Altitude San Francisco 2018: Logging at the Edge Altitude San Francisco 2018: Logging at the Edge
Altitude San Francisco 2018: Logging at the Edge
 
Altitude San Francisco 2018: Video Workshop Docs
Altitude San Francisco 2018: Video Workshop DocsAltitude San Francisco 2018: Video Workshop Docs
Altitude San Francisco 2018: Video Workshop Docs
 
Enabling lightning fast content delivery for Spotify
Enabling lightning fast content delivery for SpotifyEnabling lightning fast content delivery for Spotify
Enabling lightning fast content delivery for Spotify
 
What's next in edge computing?
What's next in edge computing?What's next in edge computing?
What's next in edge computing?
 
Honing headers for highly hardened highspeed hypertext
Honing headers for highly hardened highspeed hypertextHoning headers for highly hardened highspeed hypertext
Honing headers for highly hardened highspeed hypertext
 

Recently uploaded

From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdflior mazor
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEarley Information Science
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)wesley chun
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfhans926745
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?Antenna Manufacturer Coco
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 

Recently uploaded (20)

From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdf
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 

Revisiting HTTP/2

  • 2.
  • 7. % of overall requests on Fastly’s network (2017) %ofrequests 0% 25% 50% 75% 100%January February M arch April M ay June July August Septem ber O ctober N ovem ber D ecem ber HTTP/2
  • 11. Revisiting HTTP/2 • Core concepts • Major features - HTTP and TCP - Server push - Priorities and dependencies - HPACK • Has anything changed? Have we learned anything? • What’s next?
  • 16. connection • A single, long lasting connection • Theoretically, this means better congestion management between peers • TLS/ALPN • Connection reuse across domains
  • 18. Streams • Virtual communication channels - Translate roughly to a request/response exchange - Either side can initiate a stream • Stream IDs - Client: odd; server: even; 0: reserved - Each ID must be larger than the last - Cannot be reused
  • 19. +--------+ send PP | | recv PP ,--------| idle |--------. / | | v +--------+ v +----------+ | +----------+ | | | send H / | | ,------| reserved | | recv H | reserved |------. | | (local) | | | (remote) | | | +----------+ v +----------+ | | | +--------+ | | | | recv ES | | send ES | | | send H | ,-------| open |-------. | recv H | | | / | | | | | v v +--------+ v v | | +----------+ | +----------+ | | | half | | | half | | | | closed | | send R / | closed | | | | (remote) | | recv R | (local) | | | +----------+ | +----------+ | | | | | | | | send ES / | recv ES / | | | | send R / v send R / | | | | recv R +--------+ recv R | | | send R / `----------->| |<-----------' send R / | | recv R | closed | recv R | `----------------------->| |<----------------------' +--------+ send: endpoint sends this frame recv: endpoint receives this frame H: HEADERS frame (with implied CONTINUATIONs) PP: PUSH_PROMISE frame (with implied CONTINUATIONs) ES: END_STREAM flag R: RST_STREAM frame
  • 20. connection stream stream stream … frame frame frame frame frame frame frame frame frame frame frame frame frame frame frame frame frame frame frame
  • 21. GET /thing HTTP/1.1 Host: www.example.com User-Agent: Some_user_agent HTTP/1.1 200 OK Server: some_server Content-Type: text/html Content-Length: 1000 html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html Request Response
  • 22. GET /thing HTTP/1.1 Host: www.example.com User-Agent: Some_user_agent HTTP/1.1 200 OK Server: some_server Content-Type: text/html Content-Length: 1000 html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html Request Response HEADERS
  • 23. GET /thing HTTP/1.1 Host: www.example.com User-Agent: Some_user_agent HTTP/1.1 200 OK Server: some_server Content-Type: text/html Content-Length: 1000 html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html HEADERS HEADERS Request Response
  • 24. GET /thing HTTP/1.1 Host: www.example.com User-Agent: Some_user_agent HTTP/1.1 200 OK Server: some_server Content-Type: text/html Content-Length: 1000 html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html html DATA DATA DATA DATA DATA DATA HEADERS Request Response HEADERS
  • 25. DATA Carries request or response data HEADERS Carries request/response headers/trailers; can initiate a stream PRIORITY Indicates priority of a stream RST_STREAM Terminates a stream SETTINGS Defines parameters for the connection only PUSH_PROMISE Signals peer for server push PING Maintenance frame for checking RTT, connection, etc GOAWAY For shutting down a connection WINDOW_UPDATE Frame responsible for flow control adjustments CONTINUATION Extends a HEADERS frame and can carry more headers
  • 26. DATA Carries request or response data HEADERS Carries request/response headers/trailers; can initiate a stream PRIORITY Indicates priority of a stream RST_STREAM Terminates a stream SETTINGS Defines parameters for the connection only PUSH_PROMISE Signals peer for server push PING Maintenance frame for checking RTT, connection, etc GOAWAY For shutting down a connection WINDOW_UPDATE Frame responsible for flow control adjustments CONTINUATION Extends a HEADERS frame and can carry more headers
  • 27. TCP TLS TLS Record Header: valuern Header: valuern Header: valuern rn Body Body Body Body Body Body Body Body Body Body Body Body Body Body Body Body Body Body Body Body HTTP/1
  • 28. HTTP/2 Frame TCP TLS TLS Record HTTP/2 Frame HTTP/2 Frame … Stream ID Stream ID Stream ID TCP TLS TLS Record Header: valuern Header: valuern Header: valuern rn Body Body Body Body Body Body Body Body Body Body Body Body Body Body Body Body Body Body Body Body HTTP/1 HTTP/2
  • 33. HTTP/1 connection request response Head-of-line blocking: nothing else can happen over the connection while busy with request/response
  • 37.
  • 40.
  • 44.
  • 45.
  • 46.
  • 47. Private WebpageTest 5Mbps/1Mbps, 40ms latency Chrome; h1 vs h2
  • 48. PLR
  • 49.
  • 50.
  • 51.
  • 52.
  • 54.
  • 56.
  • 57.       0% PLR 2% PLR 5Mbps/1Mbps 40ms 780Kbps/330Kbps 200ms 5Mbps/1Mbps 40ms 780Kbps/330Kbps 200ms Doc Complete h2 h2 h2 h2 h1 h1 h1 h1 DCL Start h1 h1 h2 h1 h1 h1 h2 h1 Speed Index h2/h1 h2 h2 h2 h1 h1 h2 h2
  • 58. 0% PLR 2% PLR 5Mbps/1Mbps; 40ms 780Kbps/330Kbps; 200ms 5Mbps/1Mbps; 40ms 780Kbps/330Kbps; 200ms Site1a (Fastly) DocComplete h2 h2 h2 h1 h1 h1 h1 h1 DCL Start h2 h1 h2 h2 h2/h1 h1 h2 h2 Speed Index h1 h2 h2 h2 h1 h2/h1 h2/h1 h2 Site1b DocComplete h2/h1 h2 h2 h2 h1 h2 h1 h2/h1 DCL Start h1 h2 h1 h1 h1 h2/h1 h1 h1 Speed Index h1 h2 h2 h1 h1 h2/h1 h1 h1 Site1c DocComplete h1/h2 h2 h2 h2 h1 h1 h1 h1 DCL Start h1 h1/h2 h1 h1 h1 h2 h1 h1 Speed Index h2 h2 h1 h2 h1 h2 h1 h1 Site2a DocComplete h2 h2 h2 h2 h1 h2/h1 h1 h1 DCL Start h2 h2 h2 h2 h1 h1 h1 h1 Speed Index h1 h2 h1 h2 h1 h2 h1 h2 Site2b DocComplete h2 h2 h2 h2 h1 h1/h2 h1 h1 DCL Start h2 h2 h1 h2 h1 h2 h1 h2 Speed Index h2 h1/h2 h1 h1/h2 h2 h2 h1 h1 Site3a DocComplete h2 h2 h1 h2 h2 h2 h1 h1 DCL Start h2 h2 h2 h2 h2 h2 h2 h2 Speed Index h2 h2 h1 h1 h1/h2 h1/h2 h1 h1 Site3b DocComplete h2 h2 h2 h1/h2 h2 h2/h1 h2 h2 DCL Start h2 h2 h2 h2 h2 h2 h2 h2 Speed Index h1 h2 h1 h1 h1 h2 h1 h1 Site3c DocComplete h1 h2 h2 h2 h1 h2 h2 h2 DCL Start h1/h2 h2 h1 h1/h2 h2/h1 h2 h1 h2/h1 Speed Index h1 h2 h2 h2 h2 h2 h2 h2
  • 59. Why?
  • 60.
  • 61.
  • 62.
  • 63.
  • 64. Head of line blocking in TCP
  • 65.
  • 66.
  • 67.
  • 68. Some reading… • http://c3lab.poliba.it/images/3/3b/QUIC_SAC15.pdf • https://www.usenix.org/system/files/conference/nsdi14/nsdi14-paper- wang_xiao_sophia.pdf • http://arxiv.org/pdf/1507.06562v1.pdf • http://nl.cs.montana.edu/lab/publications/Goel_H2_extended.pdf • https://99designs.com.au/tech-blog/blog/2016/07/14/real-world-http-2-400gb-of- images-per-day/
  • 69. Takeaways (then) • Despite the experiment flaws, performance benefits are less than clear cut, out of the box • Seemed best: - Not listen to anyone! - Try for yourself
  • 71. BBR
  • 74. Bountifully Beneficial Reading • https://github.com/google/bbr/blob/master/ Presentations/bbr-2017-02-08-google-net- research-summit.pdf • https://github.com/google/bbr • https://dl.acm.org/citation.cfm?id=3009824 • https://arxiv.org/pdf/1706.09115.pdf
  • 77. BBR Cubic a single 1MB object download
  • 78. BBR Cubic a single 1MB object download
  • 79. BBR Cubic a single 1MB object download
  • 80. BBR Cubic a single 1MB object download
  • 81. BBR Cubic a single 1MB object download
  • 82. BBR Cubic a single 1MB object download
  • 83. perf (p50) cwnd retrans
  • 84. BBR things… • Is BBR a good network citizen? • “network waterboarding” • There’s still work to do
  • 86.
  • 87.
  • 89.
  • 90.
  • 91. Origin frame • List of domains eligible for coalescing - Cert still needs to match • Empty frame signals no coalescing - Fall back to SNI • Obviates DNS lookups for listed domains
  • 92. Origin frame • List of domains eligible for coalescing - Cert still needs to match • Empty frame signals no coalescing - Fall back to SNI • Obviates DNS lookups for listed domains
  • 93. Origin frame • List of domains eligible for coalescing - Cert still needs to match • Empty frame signals no coalescing - Fall back to SNI • Obviates DNS lookups for listed domains
  • 94. The connection is an authoritative and secure context
  • 95. The connection is an authoritative and secure context
  • 96. h2 and TCP • Performance benefits? - Jury’s still out - BBR helps, but pros/cons aren’t totally clear yet - It’s still best to figure out what’s best for you on your own! • The context of a connection is being relied on more and more
  • 98. Push basic • “push” a resource to the client before it’s requested • Only servers can push • Hop-by-hop • Triggered by PUSH_PROMISE frame
  • 102. What to push? • A replacement for inlining - All the RTT-saving benefits + caching • Google paper: - https://docs.google.com/a/fastly.com/drawings/d/ 1mWwY_MeNAjzDRCF0uT97KgN0lh_jX79a53X6iOuH_Is/pub?w=2330&h=1350 • Facebook: - https://www.facebook.com/atscaleevents/videos/1775942979345465/ • TTFMP: - https://youtu.be/4pQ2byAoIX0
  • 103. Link: </css1.css>; rel=preload; as=style https://w3c.github.io/preload/
  • 104. Doesn’t Link rel=preload already mean something to the browser?
  • 105. Link: </css1.css>; rel=preload; as=style; nopush https://w3c.github.io/preload/
  • 106. Link: </css1.css>; rel=preload; as=style; x-http2-push-only
  • 110.
  • 111.
  • 112.
  • 113.
  • 114.
  • 116.
  • 118.
  • 119. Push with Link header Async Push
  • 120. of course it isn’t that simple…
  • 123.
  • 129. +-------------------------------+-------------------------------+
 | Origin-Len (16) | Origin? (*) ...
 +-------------------------------+-------------------------------+
 | Digest-Value? (*) ...
 +---------------------------------------------------------------+
  • 130. We still have work to do...
  • 133. $varnishlog -i h2_attributes | grep -o "is_push:." | head -n 30000 | sort | uniq -c 30000 is_push:0 $varnishlog -i h2_attributes | grep -o "is_push:." | head -n 30000 | sort | uniq -c 29997 is_push:0 3 is_push:1 $varnishlog -i h2_attributes | grep -o "is_push:." | head -n 30000 | sort | uniq -c 29997 is_push:0 3 is_push:1 US-West
  • 134. $varnishlog -i h2_attributes | grep -o "is_push:." | head -n 30000 | sort | uniq -c 30000 is_push:0 $varnishlog -i h2_attributes | grep -o "is_push:." | head -n 30000 | sort | uniq -c 29997 is_push:0 3 is_push:1 $varnishlog -i h2_attributes | grep -o "is_push:." | head -n 30000 | sort | uniq -c 29997 is_push:0 3 is_push:1 US-West
  • 135. $varnishlog -i h2_attributes | grep -o "is_push:." | head -n 30000 | sort | uniq -c 30000 is_push:0 $varnishlog -i h2_attributes | grep -o "is_push:." | head -n 30000 | sort | uniq -c 29997 is_push:0 3 is_push:1 $varnishlog -i h2_attributes | grep -o "is_push:." | head -n 30000 | sort | uniq -c 29997 is_push:0 3 is_push:1 $varnishlog -i h2_attributes | grep -o "is_push:." | head -n 30000 | sort | uniq -c 29994 is_push:0 6 is_push:1 $varnishlog -i h2_attributes | grep -o "is_push:." | head -n 30000 | sort | uniq -c 29990 is_push:0 10 is_push:1 $varnishlog -i h2_attributes | grep -o "is_push:." | head -n 30000 | sort | uniq -c 29998 is_push:0 2 is_push:1 US-East US-West
  • 136. Pushing for push • Is the 1RTT worth the complexity? • 103 to the browser gives us the same benefit as the most important use-case • Cache digests may still be useful, regardless of push
  • 138. Prioritization basics • Address possible contention because of all the concurrency • Stream weights • Dependency • HEADERS and PRIORITY frames • It’s only a “suggestion”
  • 139. Example 1 • A gets ¾ of resources • B gets ¼ of resources * A 12 B 4 12/(12+4) 4/(12+4)
  • 140. Example 1 • A gets ¾ of resources • B gets ¼ of resources * A 12 B 4 12/(12+4) 4/(12+4)
  • 141. Example 2 • D gets all resources • After D is done, C gets all resources • Weights are meaningless since there are no siblings * D 1 C 8
  • 142. Example 3 • D gets all resources • After D is done, C gets all resources • After C is done: - A gets ¾ of resources - B gets ¼ of resources * D 1 C 8 A 12 B 4
  • 143. Example 4 • D gets all resources • After D is done: - C gets ½ of resources - E gets ½ of resources • After C is done: - A gets ¾ of C’s ½ of resources - B gets ¼ of C’s ½ of resources * D 1 C 8 A 12 B 4 E 8
  • 147.
  • 152. HPACK
  • 153. HPACK (RFC 7541) • Addresses the header bloat problem • Two primary mechanisms - All headers (name=value) are Huffman encoded - Indexed tables at each peer
  • 154. Tables • Static table - Defined by the RFC, never changes • Dynamic table - Built during the connection and maintained by each side - FIFO
  • 155.          +-------+-----------------------------+---------------+          | Index | Header Name                 | Header Value  |          +-------+-----------------------------+---------------+          | 1     | :authority                  |               |          | 2     | :method                     | GET           |          | 3     | :method                     | POST          |          | 4     | :path                       | /             |          | 5     | :path                       | /index.html   |          | 6     | :scheme                     | http          |          | 7     | :scheme                     | https         |          | 8     | :status                     | 200           |          | 9     | :status                     | 204           |          | 10    | :status                     | 206           |          | 11    | :status                     | 304           |          | 12    | :status                     | 400           |          | 13    | :status                     | 404           |          | 14    | :status                     | 500           |          | 15    | accept-charset              |               |          | 16    | accept-encoding             | gzip, deflate |          | 17    | accept-language             |               |          | 18    | accept-ranges               |               |          | 19    | accept                      |               |          | 20    | access-control-allow-origin |               |          | 21    | age                         |               |          | 22    | allow                       |               |          | 23    | authorization               |               |          | 24    | cache-control               |               |          | 25    | content-disposition         |               |          | 26    | content-encoding            |               |          | 27    | content-language            |               |          | 28    | content-length              |               |          | 29    | content-location            |               |          | 30    | content-range               |               |          +-------+-----------------------------+---------------+                       Table 1: Static Table Entries           +-------+-----------------------------+---------------+           | Index | Header Name                 | Header Value  |           +-------+-----------------------------+---------------+           | 31    | content-type                |               |           | 32    | cookie                      |               |           | 33    | date                        |               |           | 34    | etag                        |               |           | 35    | expect                      |               |           | 36    | expires                     |               |           | 37    | from                        |               |           | 38    | host                        |               |           | 39    | if-match                    |               |           | 40    | if-modified-since           |               |           | 41    | if-none-match               |               |           | 42    | if-range                    |               |           | 43    | if-unmodified-since         |               |           | 44    | last-modified               |               |           | 45    | link                        |               |           | 46    | location                    |               |           | 47    | max-forwards                |               |           | 48    | proxy-authenticate          |               |           | 49    | proxy-authorization         |               |           | 50    | range                       |               |           | 51    | referer                     |               |           | 52    | refresh                     |               |           | 53    | retry-after                 |               |           | 54    | server                      |               |           | 55    | set-cookie                  |               |           | 56    | strict-transport-security   |               |           | 57    | transfer-encoding           |               |           | 58    | user-agent                  |               |           | 59    | vary                        |               |           | 60    | via                         |               |           | 61    | www-authenticate            |               |           +-------+-----------------------------+---------------+                        Table 1: Static Table Entries
  • 156. Tables • Static table - Defined by the RFC, never changes • Dynamic table - Built during the connection and maintained by each side - FIFO
  • 157.
  • 158.
  • 159.
  • 160.
  • 161.
  • 162. Bytes browser => server Bytes server => browser
  • 164. HPACK - things to know • Default size is 4K - For entire dynamic table - Site-wide headers proposal: • https://mnot.github.io/I-D/site-wide-headers/ • Compression context is set per connection - New connection starts with blank dynamic table • Can’t turn it off • Can be an attack vector: - https://www.imperva.com/docs/Imperva_HII_HTTP2.pdf
  • 165. content-security-policy:script-src https://connect.facebook.net https://cm.g.doubleclick.net https://ssl.google-analytics.com https:// graph.facebook.com https://twitter.com 'unsafe-eval' https://*.twimg.com https://api.twitter.com https://analytics.twitter.com https://publish.twitter.com https://ton.twitter.com https://syndication.twitter.com https://www.google.com 'nonce- Kk9FW3roM81U6D0LjPHpZw==' https://t.tellapart.com https://platform.twitter.com https://www.google-analytics.com blob: 'self'; frame- ancestors 'self'; font-src https://twitter.com https://*.twimg.com data: https://ton.twitter.com https://fonts.gstatic.com https:// maxcdn.bootstrapcdn.com https://netdna.bootstrapcdn.com 'self'; media-src https://rmpdhdsnappytv-vh.akamaihd.net https://prod-video- eu-central-1.pscp.tv https://v.cdn.vine.co https://dwo3ckksxlb0v.cloudfront.net https://twitter.com https://amp.twimg.com https:// smmdhdsnappytv-vh.akamaihd.net https://*.twimg.com https://prod-video-eu-west-1.pscp.tv https://rmmdhdsnappytv-vh.akamaihd.net https://clips-media-assets.twitch.tv https://prod-video-us-west-2.pscp.tv https://prod-video-us-west-1.pscp.tv https://prod-video-ap- northeast-1.pscp.tv https://smdhdsnappytv-vh.akamaihd.net https://ton.twitter.com https://rmdhdsnappytv-vh.akamaihd.net https:// mmdhdsnappytv-vh.akamaihd.net https://smpdhdsnappytv-vh.akamaihd.net https://prod-video-sa-east-1.pscp.tv https://mdhdsnappytv- vh.akamaihd.net https://prod-video-ap-southeast-2.pscp.tv https://mtc.cdn.vine.co https://dev-video-us-west-2.pscp.tv https://prod- video-us-east-1.pscp.tv blob: 'self' https://prod-video-ap-southeast-1.pscp.tv https://mpdhdsnappytv-vh.akamaihd.net https://dev- video-eu-west-1.pscp.tv; connect-src https://rmpdhdsnappytv-vh.akamaihd.net https://prod-video-eu-central-1.pscp.tv https:// graph.facebook.com https://*.giphy.com https://dwo3ckksxlb0v.cloudfront.net https://vmaprel.snappytv.com https://smmdhdsnappytv- vh.akamaihd.net https://*.twimg.com https://embed.pscp.tv https://api.twitter.com https://prod-video-eu-west-1.pscp.tv https:// rmmdhdsnappytv-vh.akamaihd.net https://clips-media-assets.twitch.tv https://prod-video-us-west-2.pscp.tv https://pay.twitter.com https://prod-video-us-west-1.pscp.tv https://analytics.twitter.com https://vmap.snappytv.com https://*.twprobe.net https://prod- video-ap-northeast-1.pscp.tv https://smdhdsnappytv-vh.akamaihd.net https://syndication.twitter.com https://sentry.io https:// rmdhdsnappytv-vh.akamaihd.net https://media.riffsy.com https://mmdhdsnappytv-vh.akamaihd.net https://embed.periscope.tv https:// smpdhdsnappytv-vh.akamaihd.net https://prod-video-sa-east-1.pscp.tv https://vmapstage.snappytv.com https://upload.twitter.com https://proxsee.pscp.tv https://mdhdsnappytv-vh.akamaihd.net https://prod-video-ap-southeast-2.pscp.tv https://dev-video-us- west-2.pscp.tv https://prod-video-us-east-1.pscp.tv 'self' https://vmap.grabyo.com https://prod-video-ap-southeast-1.pscp.tv https:// mpdhdsnappytv-vh.akamaihd.net https://dev-video-eu-west-1.pscp.tv; style-src https://fonts.googleapis.com https://twitter.com https://*.twimg.com https://translate.googleapis.com https://ton.twitter.com 'unsafe-inline' https://platform.twitter.com https:// maxcdn.bootstrapcdn.com https://netdna.bootstrapcdn.com 'self'; object-src https://twitter.com https://pbs.twimg.com; default-src 'self' blob:; frame-src https://staticxx.facebook.com https://twitter.com https://*.twimg.com https://5415703.fls.doubleclick.net https://player.vimeo.com https://pay.twitter.com https://www.facebook.com https://ton.twitter.com https://syndication.twitter.com https://vine.co twitter: https://www.youtube.com https://platform.twitter.com https://upload.twitter.com https://s- static.ak.facebook.com https://4337974.fls.doubleclick.net https://8122179.fls.doubleclick.net 'self' https://donate.twitter.com; img-src https://prod-profile.pscp.tv https://graph.facebook.com https://prod-thumbnail.pscp.tv https://*.giphy.com https:// twitter.com https://*.twimg.com https://ad.doubleclick.net data: https://clips-media-assets.twitch.tv https://lumiere-a.akamaihd.net https://fbcdn-profile-a.akamaihd.net https://www.facebook.com https://ton.twitter.com https://*.fbcdn.net https:// syndication.twitter.com https://media.riffsy.com https://www.google.com https://prod-profile.periscope.tv https:// stats.g.doubleclick.net https://platform.twitter.com https://api.mapbox.com https://www.google-analytics.com blob: https://prod- thumbnail-small.pscp.tv https://prod-thumbnail-small.periscope.tv 'self' https://prod-thumbnail.periscope.tv; report-uri https:// twitter.com/i/csp_report?a=NVQWGYLXFVZXO2LGOQ%3D%3D%3D%3D%3D%3D&ro=false;
  • 166. content-security-policy:script-src https://connect.facebook.net https://cm.g.doubleclick.net https://ssl.google-analytics.com https:// graph.facebook.com https://twitter.com 'unsafe-eval' https://*.twimg.com https://api.twitter.com https://analytics.twitter.com https://publish.twitter.com https://ton.twitter.com https://syndication.twitter.com https://www.google.com 'nonce- Kk9FW3roM81U6D0LjPHpZw==' https://t.tellapart.com https://platform.twitter.com https://www.google-analytics.com blob: 'self'; frame- ancestors 'self'; font-src https://twitter.com https://*.twimg.com data: https://ton.twitter.com https://fonts.gstatic.com https:// maxcdn.bootstrapcdn.com https://netdna.bootstrapcdn.com 'self'; media-src https://rmpdhdsnappytv-vh.akamaihd.net https://prod-video- eu-central-1.pscp.tv https://v.cdn.vine.co https://dwo3ckksxlb0v.cloudfront.net https://twitter.com https://amp.twimg.com https:// smmdhdsnappytv-vh.akamaihd.net https://*.twimg.com https://prod-video-eu-west-1.pscp.tv https://rmmdhdsnappytv-vh.akamaihd.net https://clips-media-assets.twitch.tv https://prod-video-us-west-2.pscp.tv https://prod-video-us-west-1.pscp.tv https://prod-video-ap- northeast-1.pscp.tv https://smdhdsnappytv-vh.akamaihd.net https://ton.twitter.com https://rmdhdsnappytv-vh.akamaihd.net https:// mmdhdsnappytv-vh.akamaihd.net https://smpdhdsnappytv-vh.akamaihd.net https://prod-video-sa-east-1.pscp.tv https://mdhdsnappytv- vh.akamaihd.net https://prod-video-ap-southeast-2.pscp.tv https://mtc.cdn.vine.co https://dev-video-us-west-2.pscp.tv https://prod- video-us-east-1.pscp.tv blob: 'self' https://prod-video-ap-southeast-1.pscp.tv https://mpdhdsnappytv-vh.akamaihd.net https://dev- video-eu-west-1.pscp.tv; connect-src https://rmpdhdsnappytv-vh.akamaihd.net https://prod-video-eu-central-1.pscp.tv https:// graph.facebook.com https://*.giphy.com https://dwo3ckksxlb0v.cloudfront.net https://vmaprel.snappytv.com https://smmdhdsnappytv- vh.akamaihd.net https://*.twimg.com https://embed.pscp.tv https://api.twitter.com https://prod-video-eu-west-1.pscp.tv https:// rmmdhdsnappytv-vh.akamaihd.net https://clips-media-assets.twitch.tv https://prod-video-us-west-2.pscp.tv https://pay.twitter.com https://prod-video-us-west-1.pscp.tv https://analytics.twitter.com https://vmap.snappytv.com https://*.twprobe.net https://prod- video-ap-northeast-1.pscp.tv https://smdhdsnappytv-vh.akamaihd.net https://syndication.twitter.com https://sentry.io https:// rmdhdsnappytv-vh.akamaihd.net https://media.riffsy.com https://mmdhdsnappytv-vh.akamaihd.net https://embed.periscope.tv https:// smpdhdsnappytv-vh.akamaihd.net https://prod-video-sa-east-1.pscp.tv https://vmapstage.snappytv.com https://upload.twitter.com https://proxsee.pscp.tv https://mdhdsnappytv-vh.akamaihd.net https://prod-video-ap-southeast-2.pscp.tv https://dev-video-us- west-2.pscp.tv https://prod-video-us-east-1.pscp.tv 'self' https://vmap.grabyo.com https://prod-video-ap-southeast-1.pscp.tv https:// mpdhdsnappytv-vh.akamaihd.net https://dev-video-eu-west-1.pscp.tv; style-src https://fonts.googleapis.com https://twitter.com https://*.twimg.com https://translate.googleapis.com https://ton.twitter.com 'unsafe-inline' https://platform.twitter.com https:// maxcdn.bootstrapcdn.com https://netdna.bootstrapcdn.com 'self'; object-src https://twitter.com https://pbs.twimg.com; default-src 'self' blob:; frame-src https://staticxx.facebook.com https://twitter.com https://*.twimg.com https://5415703.fls.doubleclick.net https://player.vimeo.com https://pay.twitter.com https://www.facebook.com https://ton.twitter.com https://syndication.twitter.com https://vine.co twitter: https://www.youtube.com https://platform.twitter.com https://upload.twitter.com https://s- static.ak.facebook.com https://4337974.fls.doubleclick.net https://8122179.fls.doubleclick.net 'self' https://donate.twitter.com; img-src https://prod-profile.pscp.tv https://graph.facebook.com https://prod-thumbnail.pscp.tv https://*.giphy.com https:// twitter.com https://*.twimg.com https://ad.doubleclick.net data: https://clips-media-assets.twitch.tv https://lumiere-a.akamaihd.net https://fbcdn-profile-a.akamaihd.net https://www.facebook.com https://ton.twitter.com https://*.fbcdn.net https:// syndication.twitter.com https://media.riffsy.com https://www.google.com https://prod-profile.periscope.tv https:// stats.g.doubleclick.net https://platform.twitter.com https://api.mapbox.com https://www.google-analytics.com blob: https://prod- thumbnail-small.pscp.tv https://prod-thumbnail-small.periscope.tv 'self' https://prod-thumbnail.periscope.tv; report-uri https:// twitter.com/i/csp_report?a=NVQWGYLXFVZXO2LGOQ%3D%3D%3D%3D%3D%3D&ro=false; 4.6KB
  • 167. HPACK - things to know • Default size is 4K - For entire dynamic table - Site-wide headers proposal: • https://mnot.github.io/I-D/site-wide-headers/ • Compression context is set per connection - New connection starts with blank dynamic table • Can’t turn it off • Can be an attack vector: - https://www.imperva.com/docs/Imperva_HII_HTTP2.pdf
  • 168.
  • 175. Browser indicator • Chrome: – https://chrome.google.com/webstore/detail/http2-and-spdy- indicator/mpbpobfflnpcgagjijhmgnchggcjblin?hl=en • Firefox: – https://addons.mozilla.org/en-US/firefox/addon/http2-indicator/
  • 177. Wireshark Using the TLS key file: https://jimshaver.net/2015/02/11/decrypting-tls-browser-traffic-with-wireshark-the-easy-way/
  • 181. Others • h2c (and wiretapping): - https://github.com/fstab/h2c • h2a: reverse proxy - https://github.com/summerwind/h2a • Conformance: - https://github.com/summerwind/h2spec • Serves and proxies: - Charles proxy: https://www.charlesproxy.com - MITM proxy: https://mitmproxy.org/ - h2o: https://h2o.examp1e.net/ - Envoy: https://www.envoyproxy.io/ • http-wg - https://github.com/http2/http2-spec/wiki/Tools
  • 183. 0.9 1.0 1.1 2.0 HTTP Complexity HTTP version
  • 184. 0.9 1.0 1.1 2.0 HTTP Complexity My Age HTTP version
  • 185. QUIC
  • 187. gQUIC vs iQUIC • Monolithic • Google proprietary • Modularized • IETF standard
  • 188. IP TCP UDP TLS HTTP/2 QUIC TCP-like congestion avoidance, recovery HTTP/2 shim UDP QUIC TCP-like congestion avoidance, recovery Application (HTTP/2) QUIC crypto TLS 1.3 gQUIC iQUIChttp/2 https://datatracker.ietf.org/meeting/98/materials/slides-98-edu-sessf-quic-tutorial/
  • 189.
  • 190. The promise of QUIC • Low latency connection setup - 0RTT (with TLS 1.3) • UDP - Addresses TCP’s head of line blocking in h2 - More flexible congestion avoidance algorithms - “rich signaling for congestion control and loss recovery” • Everything authenticated and encrypted • Mitigating middle box tomfoolery • Connection migration and NAT rebinding
  • 191. Some QUIC reading • https://dl.acm.org/citation.cfm?id=3098842 • https://quicwg.github.io/ • https://github.com/quicwg • And a video: https://vimeo.com/227461189
  • 192. Questions • Has much changed? • Do we still have a lot to learn? • Do we still have a lot to do? • QUIC will fix everything, right?