More like this

Software

Arrow

Developer

RIP SPDY, we hardly knew ye: Google to retire next-gen web protocol

HTTP/2 to take its place

Google has decided to mothball its home-grown SPDY internet application-layer protocol in future versions of its Chrome browser, in favor of the Internet Engineering Taskforce's HTTP/2 spec.

"Chrome has supported SPDY since Chrome 6, but since most of the benefits are present in HTTP/2, it's time to say goodbye," Google engineer Chris Bentzel wrote in a blog post on Monday.

Not that there are any sour grapes or anything. Bentzel didn't bother to toot Google's own horn in his post, observing only that, "Some key features [of HTTP/2] such as multiplexing, header compression, prioritization and protocol negotiation evolved from work done in an earlier open, but non-standard protocol named SPDY."

To most of us, that would be "Google's SPDY," even if Bentzel didn't mention the fact. The Chocolate Factory unveiled the protocol in 2009, claiming it would deliver as much as a 55 per cent speed increase for the web's highest-traffic sites.

Ideas first introduced in SPDY went on to inform the IETF's work on the HTTP/2 spec, which is currently in draft form and is expected to be published as an RFC this month.

But not everyone involved in the HTTP/2 work agreed that SPDY was the right starting point. In 2014, FreeBSD developer Poul-Henning Kamp notoriously recommended that the IETF "throw out" SPDY, saying the HTTP/2 working group had "wasted a lot of time and effort trying to goldplate over the warts and mistakes in it."

"We found out that there are numerous hard problems that SPDY doesn't even get close to solving," Kamp wrote, "and that we will need to make some simplifications in the evolved HTTP concept if we ever want to solve them."

Among Kamp's complaints were that the SPDY spec employs "pointless encryption" even for applications that don't need it – or, perhaps, are legally banned from using it – while doing little to enhance privacy protections for individuals.

Despite these complaints, work on HTTP/2 based on SPDY continued, with some looking to HTTP/3 as the place to address some of the current protocol's shortcomings.

Google's decision to kill SPDY in Chrome will go unnoticed by most users. Both the web browser and the server must support the protocol for it to have any effect, and few web servers enabled it – Google being a notable exception, naturally.

In addition to removing support for SPDY, Google says it will also nix an extension to the Transport Layer Security (TLS) protocol called Next Protocol Negotiation (NPN) in favor of the newer Application-Layer Protocol Negotiation (ALPN) extension spec.

"Server developers are strongly encouraged to move to HTTP/2 and ALPN," Google's Bentzel wrote. "We're happy to have contributed to the open standards process that led to HTTP/2, and hope to see wide adoption given the broad industry engagement on standardization and implementation."

If you're a fan of SPDY, however, you needn't worry for now. Google says it won't remove support for the spec from Chrome until "early 2016." Meanwhile, a version of Chrome that supports HTTP/2 will roll out to the browser's Stable release channel in the next few weeks. ®

Sponsored: 2016 Cyberthreat defense report