Do you ever enjoy reading something even though you know your knowledge barely scratches the surface of what’s being discussed? I do.
Reading anything written by Zack Tollman is a delight to me, and in this case I wouldn’t say my knowledge scratches the surface as much as it gently swipes the surface like a soft dusting cloth. But I don’t care, because it’s Zack Tollman and every word I’m reading is making me just a little bit smarter.
In this post, Zack is talking about HTTP/2 and Nghttpx. I literally had to copy and paste Nghttpx because I mean, come on.
It turns out Nghttpx (still just pasting) is the new hotness, but I don’t really know compared to what, and HTTP/2 is the long awaited successor to good ‘ole HTTP.
Okay, okay, the website calls Nghttpx, “a proxy translating protocols between HTTP/2 and other protocols (e.g., HTTP/1, SPDY).” Zack is using it as a proxy for Nginx, until Nginx supports HTTP/2.
In Zack’s post, he describes setting up TLS with Nghttpx (I’ve now typed it out twice!), versus setting it up with Nginx. He was nervous about it because he likes the configuration opportunities with Nginx. It turns out he was pleasantly surprised by Nghttpx’s configuration options, but even moreso by it’s out of the box settings.
To my surprise, Nghttpx’s TLS configuration is just as powerful as Nginx’s. Moreover, the default Nghttpx TLS configuration will produce an “A” rating on SSL Labs. Let me repeat that, without any special configuration, Nghttpx provides a best in class TLS configuration out of the box.
…
Basically, if you implement a secure connection in Nginx today, you need to take care to configure these things specifically. If you don’t, you may find yourself susceptible to a TLS-related vulnerability. Nghttpx gives you this security for free.
Anyway, it seems the future is going to be pretty cool. But HTTP/2 was why Zack started this party, and he says we have a lot to look forward to.
HTTP/2 is going to be awesome. After playing with it for only a few hours, I am excited about the future of the web. Browser vendors are aggressively preparing for this future and with software like Nghttp2, we can already start experimenting with this exciting technology. I am also impressed by Nghttp2 itself. It was easy to install, well documented, and ships with important defaults. I encourage you to start experimenting with HTTP/2 yourself.
He has some neat waterfall charts and experiments he ran with HTTP/2 outlined in the post.
And if you are the highly experimental type, he shows you how to replicate what he did on his own site and get setup playing with these technologies. But at least read it and get smarter!
