IETF/W3C/etc De-facto STD Overview (in My Case)

"IETF Standardization Seminar" 2015/3/11 ( http://www.isoc.jp/wiki.cgi?page=20150311-IETF-Standardization-Seminar ) presentation slides #isocjp

Transcript

  1. https://lepidum.co.jp/ Copyright © 2004-2015 Lepidum Co. Ltd. All rights reserved.
    IETF/W3C/etc
    De-facto STD Overview
    (in My Case)
    HAYASHI, Tatsuya (@lef) / Lepidum Co. Ltd.
    IETF Standardization Seminar
    (2015/3/11)

  2. Speaker's Position
    • Lepidum Co. Ltd. ( https://lepidum.co.jp/ )
      - President, Founder and Owner
    • Internet Society Japan Chapter
      - Online Identity Working Group Chair
      - Program Committee Member (2013-2015)
    • OpenID Foundation Japan
      - Executive Director
    • Identity Conference ( #idcon )
      - Organizer
    • Keio University
      - Visiting Researcher, Keio Research Institute at SFC

  3. World Wide Web Consortium

  4. Internet Engineering Task Force

  5. ABOUT HTTP/2
    De-facto STD Overview

  6. HTTP/1.1
    HTTP/1.1 200 OK
    Server: nginx
    Date: Wed, 06 Mar 2013 03:41:55 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: keep-alive
    Set-Cookie: CG=US:TX:San+Antonio; path=/
    Last-Modified: Wed, 06 Mar 2013 03:41:03 GMT
    Vary: Accept-Encoding
    Cache-Control: max-age=60, private
    Expires: Wed, 06 Mar 2013 03:42:48 GMT
    Content-Encoding: gzip

  7. HTTP/2

  8. HTTP/2
    Silent, but huge change in the world of the Web
    • Motivation
      - Efficient network resource usage
      - Performance improvement in any environment
      - Modern security requirements
    • Among several proposals, SPDY was chosen as the draft for the HTTP/2 discussion
    • Standardization now in the IETF httpbis Working Group

  9. HTTP/2 Protocol Overview
    Ethernet
    IP(v4/v6)
    TCP
    HTTP/2 Frame Layer
    HTTP/1.1 Semantics
    TLS

  10. Differences between HTTP/1.1 and HTTP/2
    • Text to Binary
    • Header Compression
    • Multiplexing
    • Prioritizing
    • Connection Start Process
    • TCP Connection usage policy
    • etc...

  11. Contributors (a part of...)
    from "HTTP/2.0: Challenges and Opportunities", Mark Nottingham ( @mnot )
    http://www.mnot.net/talks/http2-challenges/#/4

  12. Roadmap
    • Mar 2012 IETF83 - Paris, France
    • Jul 2012 IETF84 - Vancouver, CA
    • Nov 2012 IETF85 - Atlanta, US
    • Jan 2013 Interim - Tokyo, JP
    • Mar 2013 IETF86 - Orlando, US
    • Jun 2013 Interim - San Francisco, US
    • Jul 2013 IETF87 - Berlin, DE
    • Aug 2013 Interim - Hamburg, DE
    • Oct 2013 Interim - Seattle, US
    • Nov 2013 IETF88 - Vancouver, CA
    • Jan 2014 Interim - Zurich, CH
    • Mar 2014 IETF89 - London, UK
    • Mar 2014 Interim - London, UK
    • Jun 2014 Interim - New York, US
    • Jul 2014 IETF90 - Toronto, CA
    • Nov 2014 IETF91 - Honolulu, US
    about 3 years

  13. ABOUT SPDY AND QUIC
    (HTTP/2 BACKGROUND)
    De-facto STD Overview

  14. SPDY
    • Real world deployment.
      - Google, Facebook, Twitter, etc...
      - Chrome(Chromium), Firefox, Opera, IE11, etc...
      - Jetty, Apache, nginx, etc...
    • Source of Next Web Protocol (HTTP/2, QUIC)
    • Mandatory Encryption(TLS/HTTPS)
    • SPDY4 ≒ HTTP/2
    • SPDY5? = Next SPDY?

  15. Why do we get a SPDY?
    Mobile
    Friendly
    Optimization
    Fast Quick

  16. Why now HTTP/2 ?
    Interoperability
    More Optimization
    Standard Implementation

  17. What is happening Now ?
    Vulnerability (CRIME, HeartBleed)
    Header Compression
    HPACK
    Pervasive Monitoring (PRISM)
    End to End Encryption
    Perfect Forward Secrecy
    Challenge (SPDY, HTTP/2, QUIC)
    Max Optimization
    Mandatory Encryption

  18. QUIC: "Quick UDP Internet Connections"
    • New UDP-based transport layer protocol
    • Implemented in Chrome (and Chromium)
    • Real-world deployment, but Google only
    • Main use: SPDY over QUIC
    • TCP and TLS layer replacement
    • Userland Impl.
      - Not Kernel mode, Not Network Stack
    • QUIC project is cloaked...
      - "Quick UDP Internet Connections Multiplexed Stream Transport over UDP" in IETF88 tsvarea
      - Chromium source code
      - blog article, design doc, etc...

  19. Cite: "Experimenting with QUIC"
    from Chromium blog
    • "High security similar to TLS"
    • "Fast (often 0-RTT) connectivity similar to TLS Snapstart combined with TCP Fast Open"
    • "Packet pacing to reduce packet loss"
    • "Packet error correction to reduce retransmission latency"
    • "UDP transport to avoid TCP head-of-line blocking"
    • "A connection identifier to reduce reconnections for mobile clients"
    • "A pluggable congestion control mechanism"

  20. What is happening Future ?
    More Optimization !
    • QUIC
    • etc...
    More Security !
    • HTTPS, TLS 1.3
    • etc...
    More Function !
    • Server Push, Flow Control
    • Priority Forest
    • etc...

  21. DE-FACTO / FORUM STD ACTIVITY EXAMPLE
    De-facto STD Overview

  22. De-Facto / Forum STD Body (My Case)
    • Internet Engineering Task Force (IETF)
    • World Wide Web Consortium (W3C)
    • Internet Society / Internet Society Japan Chapter
      - ISOC-JP Program Committee (2013-2015)
      - ISOC-JP Online Identity Working Group
    • OpenID Foundation / OIDF Japan

  23. Protocols
    • WebSocket
    • WebRTC
    • HTTP/2
    • OAuth2
    • OpenID Connect
    • etc...

  24. My Step
    • HTTP Mutual Authentication [ IETF ]
    • OAUTH [ IETF ]
    • OpenID Connect [ OIDF ]
    • [ #idcon ]
    • [ OIDF-J ]
    • [ W3C ]
    • HTTPAUTH [ IETF ]
    • HTTP/2 [ IETF ]
    • [ #http2study ] WEBPUSH, JOSE,
    etc...
    [ ISOC-JP ]