There’s a lot to like about HTTP/3 from encryption as standard, faster set-up time, better compression and promises better throughput by removing head of line blocking. A new protocol making its way through the IETF and based on QUIC, this could have a real impact to anyone involved in streaming.
Nick Shadrin from F5, focussed on NGINX, explains what the trade-offs are, the benefits, how it works and the likely implementation timelines. Nick starts with a look at HTTP from version 0.9 in the early 90s through to HTTP/2. This lays the groundwork for understanding HTTP/3. We quickly move on to looking at the latency improvements that HTTP/3 brings, particularly for high-latency connections where an improvement of up to four-times could be seen.
Nick outlines the benefits of the protocol such as the move of the transport layer out of the kernel. TCP is baked in to the kernel, but QUIC is not which allows for a faster pace of evolution of the protocol to improve it over time. Although TCP has changed since its inception, the rate of change is very slow since there are so many TCP devices, many of which can’t be updated or updates are very difficult. Built-in encryption is great, although browsers have mandated security with HTTP/2 over and above the specification. However, HTTP/3 goes one step further and also encrypts sequence numbers which helps reduce side-channel attacks.
Another useful addition for modern uses is connections based on connection ID. This means that even if the IP changes mid connection, the server can continue to immediately respond to requests on from the new IP as it’s still identifying with the same connection ID.
Nick talks through the different types of protocol negotiations starting with HTTP. It’s easy to upgrade HTTP to HTTPS with a simple 30x redirect. He discusses HSTS, Websockets use with upgrade headers, the way HTTP 1.x negotiates up to HTTP/2 and finally explains the ‘Alt-Svc’ header. The difficulty with moving from HTTP/2 to 3 is that the it’s not just a change in flavour of HTTP, but a lot of the network stack adjusts.
Looking towards the challenges, Nick points to the need for all boxes to understand HTTP/3 for full support to be practical on the internet at large, citing HTTP/2 adoption being only at 40% after three years – HTTP/2 being a TCP based. Another starting issue is UDP having had less attention than TCP in terms of optimisation, so there are currently cases where it’s much faster and times when it’s lower.
In practical terms, life is made harder by not having a plaintext version, since all tools will have to be able to support the encrypted data and, at this stage in its evolution the toolset is still basic.
Software Architect, NGINX