The new http/3 version of the http protocol is supported by most browsers these days. So let’s take a peek under the hood.
We owe the http/3 protocol to the Google developers and their implementation of the QUIC protocol. https://en.wikipedia.org/wiki/QUIC
Before I get into why it’s so awesome and fast, let’s take a look at how TLS 1.2 and TLS 1.3 work.
I simplified the picture a bit, but I hope I didn’t miss anything essential.
If you want to establish an encrypted connection with the server using TLS 1.2, there are a number of steps that must be taken. The client sends ClientHello and the server responds with ServerHello, during which they agree on both the TLS version and the ciphers used. This operation costs us 2x RTT (round-trip time; one RTT is approximately the value returned by the ping command). The next step is the exchange of keys (solved very simply) and the construction of an encrypted channel. Then normal http requests continue to work. So a total of 6x RTT before data starts to be transferred from the server (for example, the desired website).
TLS 1.3 handles this somewhat more elegantly. In the first step, the client sends a ClientHello, along with a list of supported ciphers and a key. The server returns a ServerHello, a key and a message about the established encrypted connection. So we get the data a bit faster. And last but not least, there is the re-established connection, which uses a PSK (pre-shared key) so that the encrypted connection is established with zero RTT (Zero Round Trip Time, 0-RTT, early data).
Well, how does QUIC solve it? QUIC uses authenticated encryption with associated data (AEAD). So the connection is already encrypted at the moment when the connection with the server is established. In other words, the client sends an http request that includes the entire TLS 1.3 connection establishment, and it receives the response from the server via an encrypted channel.
And here we come to the most important thing – there is 0-RTT already when establishing a connection with the server.
So we can slowly look a little further. Why does http/3 use UDP? The answer is basically very simple. http/2 brought a number of accelerations thanks to multiplexing (multiple requests and responses are transmitted simultaneously within one connection), compression of headers and server push (sending js files to the client before the client requests them), but it cannot eliminate the head-of-line blocking problem. In practice, this means that if one packet is lost in an established http/2 stream, then TCP will let the entire stream wait until the lost packet has been resent. Well, this is precisely what UDP can bypass.
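
The head-of-line blocking described above, as an added example that is not part of the original post: a small Python simulation in which three multiplexed streams lose one packet, delivered once with a single connection-wide ordering (TCP under http/2) and once with per-stream ordering (QUIC streams over UDP). The arrival ticks, stream names and function names are constructed assumptions for illustration.

```python
"""Added example: head-of-line blocking, TCP-style vs QUIC-style delivery."""
from collections import defaultdict


def build_arrivals(streams=("A", "B", "C"), per_stream=3,
                   lost_index=1, retransmit_tick=20):
    """Constructed sample traffic: packets are sent round-robin over the
    streams, one per tick, and packet i normally arrives at tick i + 1.
    The packet at lost_index is lost and only arrives, retransmitted,
    at retransmit_tick. Returns (stream_id, arrival_tick) in send order."""
    packets = []
    for i in range(len(streams) * per_stream):
        arrival = retransmit_tick if i == lost_index else i + 1
        packets.append((streams[i % len(streams)], arrival))
    return packets


def completion_times(packets, per_stream_ordering):
    """Tick at which each stream's last packet reaches the application.

    In-order delivery means a packet is handed over only once every earlier
    packet in the same ordering domain has arrived. For TCP the domain is
    the whole connection; for QUIC it is the individual stream."""
    latest_needed = defaultdict(int)  # worst arrival seen so far per domain
    done = {}
    for stream, arrival in packets:
        domain = stream if per_stream_ordering else "connection"
        latest_needed[domain] = max(latest_needed[domain], arrival)
        done[stream] = latest_needed[domain]  # delivery tick of this packet
    return done


def compare(packets):
    """Return (tcp_style, quic_style) completion ticks per stream."""
    return (completion_times(packets, per_stream_ordering=False),
            completion_times(packets, per_stream_ordering=True))


if __name__ == "__main__":
    tcp, quic = compare(build_arrivals())
    for s in sorted(tcp):
        print(f"stream {s}: TCP-style done at tick {tcp[s]:2d}, "
              f"QUIC-style done at tick {quic[s]:2d}")
```

Only stream B, which owns the lost packet, waits for the retransmission in the per-stream model; with connection-wide ordering all three streams finish at the retransmission tick.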