I don't really know anything about QUIC or what's happening here. But does this mean that HTTP 3 will be encrypted only? Not having de-facto encryption was the biggest failing of HTTP 2.
Originally, QUIC was started as an effort by Google and then more of a "HTTP/2-encrypted-over-UDP" protocol.
I don't really know anything about QUIC or what's happening here. But does this mean that HTTP 3 will be encrypted only? Not having de-facto encryption was the biggest failing of HTTP 2.
IIRC, HTTP/2 is already TLS-only in browsers. At least I remember the Chrome people saying that they won't add unencrypted HTTP/2 to the browser. The Wiki confirms:
IIRC, HTTP/2 is already TLS-only in browsers. At least I remember the Chrome people saying that they won't add unencrypted HTTP/2 to the browser. The Wiki confirms:
Although the standard itself does not require usage of encryption, all major client implementations (Firefox, Chrome, Safari, Opera, IE, Edge) have stated that they will only support HTTP/2 over TLS, which makes encryption de facto mandatory.
According to the spec, HTTP/2 doesn't require encryption. According to actual commonly-used implementations, HTTP/2 without TLS is not supported. Which overall seems like a pragmatic decision to...
Not having de-facto encryption was the biggest failing of HTTP 2.
According to the spec, HTTP/2 doesn't require encryption.
According to actual commonly-used implementations, HTTP/2 without TLS is not supported.
Which overall seems like a pragmatic decision to me...allow SSL/TLS to evolve at a different rate compared to HTTP itself.
An interesting explanation of QUIC can be found over there.
Another interesting article is “How unreliable is UDP?”.
Somewhat related: http://ithare.com/almost-zero-additional-latency-udp-over-tcp/
I don't really know anything about QUIC or what's happening here. But does this mean that HTTP 3 will be encrypted only? Not having de-facto encryption was the biggest failing of HTTP 2.
IIRC, HTTP/2 is already TLS-only in browsers. At least I remember the Chrome people saying that they won't add unencrypted HTTP/2 to the browser. The Wiki confirms:
According to the spec, HTTP/2 doesn't require encryption.
According to actual commonly-used implementations, HTTP/2 without TLS is not supported.
Which overall seems like a pragmatic decision to me...allow SSL/TLS to evolve at a different rate compared to HTTP itself.