W3C home > Mailing lists > Public > ietf-http-wg@w3.org > January to March 2012

Re: SPDY = HTTP/2.0 or not ?

From: Brian Pane <brianp@brianp.net>
Date: Mon, 26 Mar 2012 00:16:20 -0700
Message-ID: <CAAbTgTvr2-AhNAneZ1-sTrik5ZZ5WRhr2QbnB4UbDSz4XqZfBg@mail.gmail.com>
To: Poul-Henning Kamp <phk@phk.freebsd.dk>
Cc: HTTP Working Group <ietf-http-wg@w3.org>
On Sun, Mar 25, 2012 at 10:56 PM, Poul-Henning Kamp <phk@phk.freebsd.dk> wrote:
> In message <CAAbTgTu7qbPiREWRRqFddgoko0FCt0jmxR=NP1gqsiARCwscew@mail.gmail.com>
> , Brian Pane writes:
>
>>Nonetheless, I think it would be reasonable for HTTP/2.0 to require SSL.
>
> I think you need to talk to some people with big websites ;-)

In my day job, I work on L7 performance at a website with
800 million users. Does that count? ;-)

> There are a large swath of the HTTP traffic that doesn't need and cannot
> afford the overhead of crypto and if you mandate that HTTP/2.0 use
> crypto, they will simply stay on HTTP/1.1 forever.

The cost of the crypto overhead isn't what it used to be.
Nowadays a single core of a commodity CPU can do
thousands of 1024-bit RSA operations per second or
well over a Gb/s of RC4 or AES encryption.

-Brian
Received on Monday, 26 March 2012 07:16:49 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 27 April 2012 06:51:57 GMT