TL;DR
IETF(Internet Engineering Task Force) has agreed to rename HTTP-over-QUIC to HTTP/3. What the flip are they anyway?
Describe QUIC and HTTP/3 in one sentence each.
Note: QUIC != HTTP/3, iQUIC + HTTP/2 API == HTTP/3
QUIC is a new transport protocol originally proposed by a Google developer to resolve many of problems which the current HTTP/1.1 and HTTP/2 have.
HTTP/3, previously called HTTP-over-QUIC, is a protocol stack integrated with QUIC and HTTP/2.
Before you learn them
OK, as you've read the describes already, before you get to know about them, you would need to know how current HTTP works.
HTTP(HyperText Transport Protocol) is an application layer protocol to deliver HyperText Documents such as HTML and XML. Nowadays it's used pretty much everywhere on the Internet for many different purposes and it's now so-called "World Wide Web".
Why did they need changes?
HTTP was originally made by a CERN scientist called Tim Berners-Lee but the very original protocol was very simple and just has GET method. It was so simple that it has only one single page documentation.
Now we use HTTP/1.1 for the most traffics but it has the following problems
- HTTP is a pretty-much-30-years-old protocol
- Security layer is not included in the protocol
- Any traffic could be watched by someone unless server maintainer enables TLS
- Ref: https://letsencrypt.org/2014/11/18/announcing-lets-encrypt.html
- Even TLS 1.2 has some problems(Don't use older than TLS 1.1 without a valid reason :P)
- HoL Blocking can be a huge problem when you have huge traffic
- Both HTTP/1.1 and TCP have this problem from different aspect
- HTTP/2 addressed the problem from HTTP wise
- As long as HTTP relies on TCP, HoL Blocking based on TCP cannot be resolved even if you enable HTTP/2
- One packet lost makes all stream wait until the package is received
How does HTTP/3 resolve these problems?
- QUIC works on UDP protocol(!)
- QUIC layer gives...
- Encryption integrated with TLS 1.3 with 0-RTT handshake
- Ref: https://speakerdeck.com/kazuho/security-privacy-performance-of-next-generation-transport-protocols
- Congestion control without "good old" TCP
- High accessibility under mobile network w/ Connection UUID(Switching Wi-Fi <-> LTE won’t make renegotiation)
Protocol Overview
Translation note
認証・鍵交換: Certification/Key exchange
優先度制御: Priority control
多重化: Multiplexing
暗号化: Encryption
トランスポート: Transport
Hope it helps you understand what they are :)
Top comments (2)
Hi inductor,
very interesting. Didn't know HTTP-over-UDP was that far along.
I wonder already how long it will take for HTTP/2 to be everywhere, HTTP/3 has a long way to go I guess.
Hey rhymes,
Google and other big providers including CDN such as Fastly is moving this so "fastly" :P
QUIC requires 443 UDP port to be open so it'd be a big problem for security operation divisions.