I want the next generation web here SPDY QUIC
56
I want the next generation web here SPDY QUIC A review of the SPDY and QUIC protocols
-
Upload
source-conference -
Category
Technology
-
view
365 -
download
1
description
Matt Summers, NCC Group - Web technology has changed a lot in the last 25 years but the underlying transport mechanism has stayed the same. The web we have today was not designed for the plethora of new device types and communication methods but things are changing and you probably don’t even know it. You probably don’t even notice the problem because it is so ingrained. In this presentation we are going to delve into the problems with the web and how we use it today. We will also take an in depth look at the proposed solutions for the next generation web and the implications that come with it.
Transcript of I want the next generation web here SPDY QUIC
I want the next generation web here SPDY QUIC
A review of the SPDY and QUIC protocols
Agenda
•History•What’s up with HTTP?•SPDY•QUIC•Security•The Future
About Me
About Me
About Me
Before we start
ASK
What is SPDY?
•What?•Why?
What is QUIC?
•What?•Why?
History
•HTTP 0.9 - First documented in 1991•HTTP 1.0 - First documented in 1996•HTTP 1.1 – Released in 1997•HTTP 1.1 – Updated in 1999
What’s up with HTTP?
•Connections•Latency•Headers
What’s up with HTTP?
Home.aspx
Logo.jpgTime
What’s up with HTTP?
Home.aspx
Logo.jpg
Time
What’s up with HTTP?
"A single-user client SHOULD NOT maintain more than 2 connections with any server or proxy"
What’s up with HTTP?
Source: Akamai State of the Internet Report
What’s up with HTTP 1.1?
Resources
Time
History
•183 Resources•44 Domains•25 HTML Pages•2MB of text content
What’s up with HTTP?
What’s up with HTTP?
GET /news/ HTTP/1.1
Host: www.bbc.co.uk
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:29.0) Gecko/20100101 Firefox/29.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.bbc.co.uk/news/england/
Cookie: NTABS=B0; BBC-UID=2583816c740b5213b567deae81f1f11c5e89720eae48c3293395badd482afad00Mozilla%2f5%2e0%20%28Windows%20NT%206%2e1%3b%20WOW64%3b%20rv%3a27%2e0%29%20Gecko%2f20100101%20Firefox%2f27%2e0; BGUID=e513614cf47b72b7916877ff1183a8509e60292969e8942b1e4157e7578c4078; s1=531C4B275C0603BA; ecos.dt=1400334549086; ckns_policy=111; ckpf_mandolin=%22footer-promo%22%3A%7B%22segment%22%3Anull%2C%22end%22%3A%221400939293613%22%7D; _chartbeat2=0nohd0na7hc3kcd7.1400334522757.1400334540677.1; _chartbeat_uuniq=1; BBCLiveStatsClick=nav|1|0
DNT: 1
Connection: keep-alive
What’s up with HTTP?
GET /news/ HTTP/1.1Host: www.bbc.co.uk
SPDY
Source: The Chromium Projects
SPDY
•Multiplexing•Prioritisation•Header Compression•Server Push & Server Hint
SPDY
•Multiplexing•Prioritisation•Header Compression•Server Push & Server Hint
SPDY?Home.aspxLogo.jpgImage.bmp
Logo.jpg
Image.bmp
Home.aspx
SPDY
•Multiplexing•Prioritisation•Header Compression•Server Push & Server Hint
SPDY
•Multiplexing•Prioritisation•Header Compression•Server Push & Server Hint
What’s up with HTTP?
GET /news/ HTTP/1.1
Host: www.bbc.co.uk
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:29.0) Gecko/20100101 Firefox/29.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.bbc.co.uk/news/england/
Cookie: NTABS=B0; BBC-UID=2583816c740b5213b567deae81f1f11c5e89720eae48c3293395badd482afad00Mozilla%2f5%2e0%20%28Windows%20NT%206%2e1%3b%20WOW64%3b%20rv%3a27%2e0%29%20Gecko%2f20100101%20Firefox%2f27%2e0; BGUID=e513614cf47b72b7916877ff1183a8509e60292969e8942b1e4157e7578c4078; s1=531C4B275C0603BA; ecos.dt=1400334549086; ckns_policy=111; ckpf_mandolin=%22footer-promo%22%3A%7B%22segment%22%3Anull%2C%22end%22%3A%221400939293613%22%7D; _chartbeat2=0nohd0na7hc3kcd7.1400334522757.1400334540677.1; _chartbeat_uuniq=1; BBCLiveStatsClick=nav|1|0
DNT: 1
Connection: keep-alive
SPDY
•Multiplexing•Prioritisation•Header Compression•Server Push & Server Hint
SPDY
SPDY
SPDY
SPDY
SPDY
SPDY?TLS Request + Next Protocol
TLS Response
SPDY Request
SPDY Response
SPDY
•NPN Support Added 1.0.1•ALPN Support Added 1.0.2
QUIC
•Remove head-of-line-blocking•0RTT•Recover lost packets•Congestion control•Network change survival
QUIC
QUIC
QUIC
QUIC
“The middle box problem”
QUICConnect
Certificate
Negotiation
Response
Security
SPDY Security
•Header injection
SPDY Security
“complexity is the worst enemy of security”
"The only way to evaluate the security of a system is to analyze it“
Source: Bruce Schneier
SPDY Security
Security
•Certificate Revocation•Malicious servers•Content inspection•Other new attack vectors
Security
QUIC Security
•Privacy•Authentication•Integrity
QUIC Security
•Replay Protection•Dos Protection•Address Spoofing Detection
QUIC Security
QUIC Security
•Cross-connection attacks?•Embryonic attacks?•Memory exhaustion?•DDoS
The Future
•Web Clients•Web Servers•Internet Infrastructure•Network Infrastructure•SSL Stacks
The Future
The Future
•Libspdy - C•Net-http-spdy – Ruby•Spdylay – Python•http2-katana – C#•Jetty – Java•Erlnag-spdy - Erlang
The Future
Europe
Manchester - Head Office
Cheltenham
Edinburgh
Leatherhead
London
Munich
Amsterdam
Zurich
North America
Atlanta
Chicago
New York
San Francisco
Seattle
Austin
Australia
Sydney
