2009年,Google提议HTTP协议的举动引起了工业界的大讨论。当时的概念叫做 SPDY,时至今日,虽然人们对于Google的动机始终不是很清楚,但是毫无疑问SPDY还没有发现对手。
这周,这种情况也许会发生变化。像微软之前统治世界的方式一样(embrace + extend),他们现在正在着手一项奇怪的战略,推进了一组IETF尚未发布的技术方案,微软称之为下一代HTTP。包括了多路复用多个组件(像SPDY)和一个全时加密的会话层(类似SPDY,但是不依赖于SSL或TLS)。extend 的则暗示了 WebSocket 的应用,一项为下一代Web应用提供的双工通信标准。
网络世界是否需要"S+M”?
微软的介绍性文档中包括下面这一段话:“HTTP at its core is a simple request-response protocol. The [IETF Network] working group has clearly stated that it is a goal to preserve the semantics of HTTP. Thus, we believe that the request-response nature of the HTTP protocol must be preserved. The core HTTP 2.0 protocol should focus on optimizing these HTTP semantics, while improving the transport via a new session layer. Additional capabilities that introduce new communication models like unrequested responses must be treated as an extension to the core protocol, and explored separately from the core protocol.”。
大意是,HTTP的核心是一个请求、应答协议。IETF工作组已经明确表明要保留HTTP的语义,因此我们相信HTTP中请求、应答的本质必须保留下来。HTTP2.0的核心应该聚焦在如何优化这些语义以及通过引入新的会话层来改进传输效率。其他的诸如引入非请求式应答这样的新通讯方式等特性只能作为核心的扩展,与核心协议鲜明的区分开来。
几乎所有的互联网工程师都认为,通过引入包含多路和加密功能的会话层,能够极大地提高Web互动的一致性,降低网络传输的消耗。对于Google的SPDY提议,除了因为使用SSL而造成了的TLS部分大量的修改外,基本上没有太多争议。
如果WebSocket是浏览器阵营一直以来的工作目标,微软在自己的HTTP2.0提案中加入WebSocket的内容究竟意欲何为呢?(下图是微软提议的示意图)
上周的早些时候,微软的一位受人尊敬的互动工程师Jean Paoli在一篇博客中指出“HTTP的Speed+Mobility提案起源自Google的SPDY以及业界已经完成的WebSockets基础之上。SPDY在提醒人们注意Web的性能方面以及提升HTTP速度方面的努力令人尊敬,目前主要的问题在于如何使SPDY满足移动设备和应用的需求。”。
有些内容被有意留空
微软此次提案的其他部分看起来更像是一场辩论,而不是一份提案。例如:“There is no 'one size fits all' deployment of HTTP. For example, at times it may not be optimal to use compression in certain environments. For constrained sensors from the 'Internet of things' scenario, CPU resources may be at a premium. Having a high performance but flexible HTTP 2.0 solution will enable interoperability for a wider variety of scenarios. There also may be aspects of security that are not appropriate for all implementations. Encryption must be optional to allow HTTP 2.0 to meet certain scenarios and regulations.”。
关于加密会话层一直以来充满了争议,一些人认为他只应当被用在一些重要的事务上。如果对所有的事务进行加密,那么网络上的嗅探者将毫无作为。微软提议关掉这项特性,指出由此可以减少电力和时间的消耗。类似的争论还有很多,比如人们认为HTTP协议不太适合在设备之间进行通讯,他们建议选用C/S的通讯方式,其中就有微软。
微软真的想促进HTTP协议的进步吗?至少从历史上来看不是这样的。
HTTP 1.0's deficiencies and omissions are legendary, and its usefulness in the modern realm of Web applications has come only with substantive effort. The need to replace HTTP 1.0 was recognized by cooperating members of the IETF from the time the Web began.
But the first, best chance at upgrading HTTP with an object-oriented protocol geared toward apps came and went in 1999. HTTP-NG, as it was called at the time, ceased to be discussed not long after some of its creators were hired into Microsoft Research. A technology that would have enabled Web applications a full decade-and-a-half before the form factors for such apps were even fleshed out, stalled for lack of momentum - all in the interest of "open discussion." There's a danger here that Microsoft's move could cause the latest incarnation of HTTP 2.0 to suffer the same fate.
参考资料:
1、Is Microsoft Challenging Google on HTTP2.0 with WebSocket?
2、SPDY
3、WebSocket 百度百科
4、认识HTML5的WebSocket