High Performance Browser Networking

High Performance Browser Networking” by Ilya Grigorik is a book that a provides a  hands-on overview of what every web developer needs to know about the various types of networks (WiFi, 3G/4G), transport protocols (UDP, TCP, and TLS), application protocols (HTTP/1.1, HTTP/2), and APIs available in the browser (XHR, WebSocket, WebRTC, and more) to deliver the best—fast, reliable, and resilient—user experience.

Ilya Grigorik is a web performance engineer at Google and co-chair of the W3C Web Performance Working Group. Follow him on his blog and Twitter for the latest web performance news, tips, and talks.

TLS 1.3 design finalized

The biggest practical development in crypto for 2016 is the finalization  Transport Layer Security version 1.3. TLS is the most important and widely used cryptographic protocol and is the backbone of secure Internet communication.

How might users notice TLS 1.3?

Speed. TLS 1.3 is designed for speed, specifically by reducing the number of network round-trips required before data can be sent to one round-trip (1-RTT) or even zero round-trips (0-RTT) for repeat connections.

These ideas have appeared before in experimental form through the QUIC protocol and False Start for earlier TLS versions, but as part of the default behavior of TLS 1.3 they will soon become much more widespread. This means latency will decrease and webpages will load faster.

TLS 1.3 should be a big improvement security-wise.

First, the protocol is much simpler by removing support for a number of old protocol features and obsolete cryptographic algorithms. Additionally, TLS 1.3 was designed with the benefit of model checking (which has been used to find flaws in many older versions of TLS and SSL).

What are you waiting for?

Now, all we need to do is wait for OpenSSL to release a updated version with TLS. 1.3, something they are working on.  Or if you don’t have time for that, you could build OpenSSL from source yourself.