background preloader

SPDY | Protocols

Facebook Twitter

SPDY & Secure Proxy Support in Google Chrome. By Ilya Grigorik on June 25, 2012 One of the unique features of Google Chrome is the built-in support for SSL-based proxies. Although HTTP proxies can tunnel SSL, the initial connection to the proxy is done in plain text, which allows an intruder to eavesdrop on the hosts you are navigating to. Historically, to address this limitation we have had to rely on additional client-side software to create a VPN tunnel (ex, OpenVPN), or route our connections via SSH (ex, SOCKS tunnels over SSH with ssh -D). With Chrome, you can simply give the browser a URL of an HTTPS proxy, and the rest is taken care of: a TLS tunnel is established to the proxy, and the proxied requests are sent over a secure link. No eavesdropping allowed! SPDY Proxy via SSL NPN The added benefit of supporting HTTPS proxies is that we can use SSL's Next Protocol Negotiation (NPN) to upgrade our connection to speak SPDY!

DIY SPDY Proxy with node.js One way to see SPDY proxy in action is to pickup a Kindle Fire device. Add SPDY support to your Apache server with mod_spdy. By Matthew Steele and Bryan McQuade, PageSpeed Insights Team At Google, we strive to make the whole web fast. Our work in this area includes PageSpeed, Google Chrome, and the SPDY protocol, among other efforts. In December of 2011, to make it easy for you to enable the SPDY (pronounced "SPeeDY") protocol on your sites, we released an early beta of mod_spdy, an Apache module that adds SPDY support to the Apache HTTPD server. We’ve spent the last few months working with our early adopters to fix bugs and tune performance of the module.

Today, we’re launching a version of mod_spdy that we encourage you to try on your web server. Installing mod_spdy To install mod_spdy on your Apache 2.2 server, simply download the appropriate mod_spdy Debian or RPM package for your platform, or compile from source. Enabling SPDY for your site improves performance in several ways: How mod_spdy works in Apache Implementing SPDY in Apache posed several interesting challenges. SPDY Tools and Debugging. With a new protocol, tools and debugging aids are always in short supply. If you have time to help build additional tools, please do so and feel free to post them here! Debugging tools: Chromeabout:net-internalsThis URL is a magic URL in Chrome which provides data about the chrome network stack.

It has been fully updated to enumerate SPDY frames and status.Events Tab: This tab shows network events. Mod-spdy - Apache SPDY module. Indutny/node-spdy - GitHub. SPDY: An experimental protocol for a faster web. Some specific technical goals are: To allow many concurrent HTTP requests to run across a single TCP session.To reduce the bandwidth currently used by HTTP by compressing headers and eliminating unnecessary headers.To define a protocol that is easy to implement and server-efficient.

We hope to reduce the complexity of HTTP by cutting down on edge cases and defining easily parsed message formats.To make SSL the underlying transport protocol, for better security and compatibility with existing network infrastructure. Although SSL does introduce a latency penalty, we believe that the long-term future of the web depends on a secure network connection. In addition, the use of SSL is necessary to ensure that communication across existing proxies is not broken.

SPDY design and features SPDY adds a session layer atop of SSL that allows for multiple concurrent, interleaved streams over a single TCP connection. Streams are bi-directional, i.e. can be initiated by the client and server. Server push. SPDY. SPDY. As of July 2012[update], the group developing SPDY has stated publicly that it is working toward standardisation (available as an Internet Draft).[3] The first draft of HTTP 2.0 is using SPDY as the working base for its specification draft and editing.[4] Design[edit] The goal of SPDY is to reduce web page load time.[9] This is achieved by prioritizing and multiplexing the transfer of web page subresources so that only one connection per client is required.[1][10] TLS encryption is nearly ubiquitous in SPDY implementations, and transmission headers are gzip- or DEFLATE-compressed by design[11] (in contrast to HTTP, where the headers are sent as human-readable text).

Moreover, servers may hint or even push content instead of awaiting individual requests for each resource of a web page.[12] SPDY requires the use of SSL/TLS (with TLS extension NPN), and does not support operation over plain HTTP. Relation to HTTP[edit] Caching[edit] Protocol support[edit] Protocol versions[edit] See also[edit]