book

High Performance Browser Networking

by Ilya Grigorik

September 2013

Intermediate to advanced

398 pages

10h 52m

English

O'Reilly Media, Inc.

Book available

Read now

Unlock full access

About This BookConventions Used in This BookSafari® Books OnlineHow to Contact UsContent UpdatesMay 23, 2014
Speed Is a FeatureThe Many Components of LatencySpeed of Light and Propagation LatencyLast-Mile LatencyBandwidth in Core NetworksBandwidth at the Network EdgeDelivering Higher Bandwidth and Lower Latencies
Three-Way HandshakeCongestion Avoidance and ControlFlow ControlSlow-StartCongestion AvoidanceBandwidth-Delay ProductHead-of-Line BlockingOptimizing for TCPTuning Server ConfigurationTuning Application BehaviorPerformance Checklist
Null Protocol ServicesUDP and Network Address TranslatorsConnection-State TimeoutsNAT TraversalSTUN, TURN, and ICEOptimizing for UDP
Encryption, Authentication, and IntegrityHTTPS EverywhereTLS HandshakeRSA, Diffie-Hellman and Forward SecrecyApplication Layer Protocol Negotiation (ALPN)Server Name Indication (SNI)TLS Session ResumptionSession IdentifiersSession TicketsChain of Trust and Certificate AuthoritiesCertificate RevocationCertificate Revocation List (CRL)Online Certificate Status Protocol (OCSP)OCSP StaplingTLS Record ProtocolOptimizing for TLSReduce Computational CostsEnable 1-RTT TLS HandshakesOptimize Connection ReuseLeverage Early TerminationConfigure Session Caching and Stateless ResumptionEnable TLS False StartOptimize TLS Record SizeOptimize the Certificate ChainConfigure OCSP StaplingEnable HTTP Strict Transport Security (HSTS)Enable HTTP Public Key Pinning (HPKP)Update Site Content to HTTPSPerformance ChecklistTesting and Verification
Ubiquitous ConnectivityTypes of Wireless NetworksPerformance Fundamentals of Wireless NetworksBandwidthSignal PowerModulationMeasuring Real-World Wireless Performance
From Ethernet to a Wireless LANWiFi Standards and FeaturesMeasuring and Optimizing WiFi PerformancePacket Loss in WiFi NetworksOptimizing for WiFi NetworksLeverage Unmetered BandwidthAdapt to Variable BandwidthAdapt to Variable Latency

Brief History of the G’sFirst Data Services with 2G3GPP and 3GPP2 PartnershipsEvolution of 3G TechnologiesIMT-Advanced 4G RequirementsLong Term Evolution (LTE)HSPA+ is Leading Worldwide 4G AdoptionBuilding for the Multigeneration FutureDevice Features and CapabilitiesUser Equipment CategoryRadio Resource Controller (RRC)3G, 4G, and WiFi Power RequirementsLTE RRC State MachineHSPA and HSPA+ (UMTS) RRC State MachineEV-DO (CDMA) RRC State MachineInefficiency of Periodic TransfersEnd-to-End Carrier ArchitectureRadio Access Network (RAN)Core Network (CN)Backhaul Capacity and LatencyPacket Flow in a Mobile NetworkInitiating a RequestInbound Data FlowHeterogeneous Networks (HetNets)Real-World 3G, 4G, and WiFi Performance
Preserve Battery PowerEliminate Periodic and Inefficient Data TransfersEliminate Unnecessary Application KeepalivesAnticipate Network Latency OverheadAccount for RRC State TransitionsDecouple User Interactions from Network CommunicationDesign for Variable Network Interface AvailabilityBurst Your Data and Return to IdleOffload to WiFi NetworksApply Protocol and Application Best Practices
HTTP 0.9: The One-Line ProtocolHTTP/1.0: Rapid Growth and Informational RFCHTTP/1.1: Internet StandardHTTP/2: Improving Transport Performance
Hypertext, Web Pages, and Web ApplicationsAnatomy of a Modern Web ApplicationSpeed, Performance, and Human PerceptionAnalyzing the Resource WaterfallPerformance Pillars: Computing, Rendering, NetworkingMore Bandwidth Doesn’t Matter (Much)Latency as a Performance BottleneckSynthetic and Real-User Performance MeasurementBrowser Optimization
Benefits of Keepalive ConnectionsHTTP PipeliningUsing Multiple TCP ConnectionsDomain ShardingMeasuring and Controlling Protocol OverheadConcatenation and SpritingResource Inlining
Brief History of SPDY and HTTP/2Design and Technical GoalsBinary Framing LayerStreams, Messages, and FramesRequest and Response MultiplexingStream PrioritizationOne Connection Per OriginFlow ControlServer PushHeader CompressionUpgrading to HTTP/2Brief Introduction to Binary FramingInitiating a New StreamSending Application DataAnalyzing HTTP/2 Frame Data Flow
Optimizing Physical and Transport LayersEvergreen Performance Best PracticesCache Resources on the ClientCompress Transferred DataEliminate Unnecessary Request BytesParallelize Request and Response ProcessingOptimizing for HTTP/1.xOptimizing for HTTP/2Eliminate Domain ShardingMinimize Concatenation and Image SpritingEliminate Roundtrips with Server PushTest HTTP/2 Server Quality
Connection Management and OptimizationNetwork Security and SandboxingResource and Client State CachingApplication APIs and Protocols
Brief History of XHRCross-Origin Resource Sharing (CORS)Downloading Data with XHRUploading Data with XHRMonitoring Download and Upload ProgressStreaming Data with XHRReal-Time Notifications and DeliveryPolling with XHRLong-Polling with XHRXHR Use Cases and Performance
EventSource APIEvent Stream ProtocolSSE Use Cases and Performance
WebSocket APIWS and WSS URL SchemesReceiving Text and Binary DataSending Text and Binary DataSubprotocol NegotiationWebSocket ProtocolBinary Framing LayerProtocol ExtensionsHTTP Upgrade NegotiationWebSocket Use Cases and PerformanceRequest and Response StreamingMessage OverheadData Efficiency and CompressionCustom Application ProtocolsDeploying WebSocket InfrastructurePerformance Checklist
Standards and Development of WebRTCAudio and Video EnginesAcquiring Audio and Video with getUserMediaReal-Time Network TransportsBrief Introduction to RTCPeerConnection APIEstablishing a Peer-to-Peer ConnectionSignaling and Session NegotiationSession Description Protocol (SDP)Interactive Connectivity Establishment (ICE)Incremental Provisioning (Trickle ICE)Tracking ICE Gathering and Connectivity StatusPutting It All TogetherDelivering Media and Application DataSecure Communication with DTLSDelivering Media with SRTP and SRTCPDelivering application data with SCTPDataChannelSetup and NegotiationConfiguring Message Order and ReliabilityPartially Reliable Delivery and Message SizeWebRTC Use Cases and PerformanceAudio, Video, and Data StreamingMultiparty ArchitecturesInfrastructure and Capacity PlanningData Efficiency and CompressionPerformance Checklist

Content preview from High Performance Browser Networking

Chapter 4. Transport Layer Security (TLS)

The SSL protocol was originally developed at Netscape to enable ecommerce transaction security on the Web, which required encryption to protect customers’ personal data, as well as authentication and integrity guarantees to ensure a safe transaction. To achieve this, the SSL protocol was implemented at the application layer, directly on top of TCP (Figure 4-1), enabling protocols above it (HTTP, email, instant messaging, and many others) to operate unchanged while providing communication security when communicating across the network.

When SSL is used correctly, a third-party observer can only infer the connection endpoints, type of encryption, as well as the frequency and an approximate amount of data sent, but cannot read or modify any of the actual data.

Note

When the SSL protocol was standardized by the IETF, it was renamed to Transport Layer Security (TLS). Many use the TLS and SSL names interchangeably, but technically, they are different, since each describes a different version of the protocol.

SSL 2.0 was the first publicly released version of the protocol, but it was quickly replaced by SSL 3.0 due to a number of discovered security flaws. Because the SSL protocol was proprietary to Netscape, the IETF formed an effort to standardize the protocol, resulting in RFC 2246, which was published ...