Read more.The new protocol promises faster, less bandwidth sapping web browsing.
Read more.The new protocol promises faster, less bandwidth sapping web browsing.
Easier to snoop on.... yay!
NOT.
How do you work that one out? If anything, HTTP2 makes cryptography more accessible.
Last edited by watercooled; 18-02-2015 at 05:40 PM.
It uses 1 tcpip connection instead of multiples ones.
Ie one less step in piecing it together.
Thus making the whole system far more efficient. However it's still muxed at a higher level, and the single TCP stream is just coincidental as far as privacy is concerned - that's what cryptography is for at the end of the day.
If you're expecting parallel TCP connections to offer even a whiff of privacy you'll be sorely disappointed; reassembling streams is really quite trivial - it's what browsers and servers are doing all the time. Tools like Wireshark are quite good at it too. There's a chance some of the packets will find themselves on separate routes over longer connections but that's about it, and that still applies.
It doesn't even make it to storm in a teacup TBH, it's a complete non-issue.
Mate that is a massively uneducated statement and is nothing short of scare-mongering. HTTP/2 should be celebrated, please don't give people false ideas about security concerns you don't really know anything about
Yes, but on the flip side, they've moved to a binary format and added compression, which should mess up a casual sharking pretty well. Plus I've read elsewhere that the single TCP connection may make it easier to tunnel your session over a VPN, thereby adding encryption with less overhead and hassle.
Firefox and IE only support HTTP/2 over TLS, and Chrome's support for HTTP/2 is not enabled by default.
Additionally hosting providers need to launch support for it at the server level. At the moment, neither Apache nor Nginx support HTTP/2.
Fairly long way off?
There are currently 1 users browsing this thread. (0 members and 1 guests)