W3C home > Mailing lists > Public > ietf-http-wg@w3.org > July to September 2012

Re: Re[4]: HTTP2 Expression of Interest

From: Mike Belshe <mike@belshe.com>
Date: Tue, 17 Jul 2012 20:43:19 -0700
Message-ID: <CABaLYCuqZw8R7XqJy-PzibMSkGVS7ZnOdd5dk3-Q1T8+MpVgoQ@mail.gmail.com>
To: "Adrien W. de Croy" <adrien@qbik.com>
Cc: Rajeev Bector <rbector@yahoo-inc.com>, Martin Thomson <martin.thomson@gmail.com>, Martin J. Dürst <duerst@it.aoyama.ac.jp>, Doug Beaver <doug@fb.com>, Willy Tarreau <w@1wt.eu>, "ietf-http-wg@w3.org" <ietf-http-wg@w3.org>
On Tue, Jul 17, 2012 at 8:34 PM, Adrien W. de Croy <adrien@qbik.com> wrote:

>
> we can already transfer many objects over a single connection with HTTP/1.1
>
> SPDY without SSL would be more speedy than with it.
>
> There may be only a couple R-Ts to get an SSL handshake, but sprinkle on a
> CRL / OCSP check and you're left eating dust.
>
> So, let's just get this straight for the record.  SSL will not improve
> latency.  It will make it worse, and for many people (on
> already-high-latency links) a LOT worse.
>

Of course, no-SSL is lower latency than SSL.  It's not 3 RTs all the time,
but yes, OSCP can add a lot, and SSL implementations vary.  But SPDY gains
a lot of this back with fewer connections, multiplexing, and compression.
 Don't forget to implement SSL False Start in your client.  Obviously an
un-optimized SSL stack will have a harder time than an optimized one.

But its not true that every bit of latency is more important than security.

Note that Google has reported overall latency of SPDY + SSL is faster than
HTTP without SSL or SPDY.

Mike


>
>
> ------ Original Message ------
> From: "Rajeev Bector" <rbector@yahoo-inc.com>
> To: "Adrien W. de Croy" <adrien@qbik.com>;"Martin Thomson" <
> martin.thomson@gmail.com>;"Martin J. Dürst" <duerst@it.aoyama.ac.jp>
> Cc: "Doug Beaver" <doug@fb.com>;"Willy Tarreau" <w@1wt.eu>;"
> ietf-http-wg@w3.org" <ietf-http-wg@w3.org>
> Sent: 18/07/2012 3:26:56 p.m.
> Subject: Re: Re[2]: HTTP2 Expression of Interest
>
>  Arguably, the cost of 3 Rts is amortized over many many objects that
> gets transferred over the session. That said, I am trying to imagine how to
> do crypto on my Arduino :-).
>
>
> From: "Adrien W. de Croy" < <adrien@qbik.com>adrien@qbik.com>
> Reply-To: "Adrien W. de Croy" < <adrien@qbik.com>adrien@qbik.com>
> Date: Tue, 17 Jul 2012 20:20:09 -0700
> To: Martin Thomson < <martin.thomson@gmail.com>martin.thomson@gmail.com>,
> "Martin J. Dürst" < <duerst@it.aoyama.ac.jp>duerst@it.aoyama.ac.jp>
> Cc: Doug Beaver < <doug@fb.com>doug@fb.com>, Willy Tarreau < <w@1wt.eu>
> w@1wt.eu>, " <ietf-http-wg@w3.org>ietf-http-wg@w3.org" <<ietf-http-wg@w3.org>
> ietf-http-wg@w3.org>
> Subject: Re[2]: HTTP2 Expression of Interest
>
>
> ------ Original Message ------
> From: "Martin Thomson" < <martin.thomson@gmail.com>
> martin.thomson@gmail.com>
>
> On 17 July 2012 19:35, "Martin J. Dürst" < <duerst@it.aoyama.ac.jp>
> duerst@it.aoyama.ac.jp> wrote:
>
>
> So why are we okay with 10-20% more processing costs for everybody, but not
> with 10-20% more bandwidth? What's different between processing costs and
> bandwidth?
>
>
>
> Personally, I thought that the first optimization was for latency,
>
> How do you optimise latency by adding 3 RTs in a SSL setup?
>
>
>
> with bandwidth as secondary and (obviously) consequential.  Trade-offs
> may have to be made.
>
>
>
>
>
>
>
Received on Wednesday, 18 July 2012 03:43:48 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Wednesday, 18 July 2012 03:43:55 GMT