SPDY Reaches End of Life: What Now?

by Davey Shafik

On March 15th, 2017, the SPDY protocol will no longer be supported on the Akamai Platform.

SPDY was the initially controversial HTTP/1.x alternative — proposed by Google in 2009 — intended to make the web faster. SPDY proved to be the kick-in-the-pants necessary to get the web moving forward with an official successor to HTTP/1.x, which we know as HTTP/2.

With HTTP/2 now a proposed standard (as RFC 7540 and RFC 7541) thanks to the hard work of the IETF HTTP Working Group, we are joining others and dropping support for SPDY.

With the demise of SPDY, we also see the related NPN extension to TLS going away, and being replaced with ALPN (RFC 7301) which enables protocol negotiation, allowing upgrading to HTTP/2 during the TLS handshake.

Enabling HTTP/2

If you haven’t yet enabled HTTP/2, even if you weren’t using SPDY, now is as good a time as any to do so.

HTTP/2 is now supported by almost 80% of browsers globally, and almost 94% within the USA.

To enable HTTP/2 for your property, add a new Rule, with the HTTP/2 and (recommended but optional) Chunked Transfer Encoding behaviors.

Once you have activated the configuration, you can verify support for HTTP/2 using the Chrome Developer Tools:

  1. Navigate to the page in Chrome.
  2. Bring up Developer Tools (Use Ctrl+Shift+I on Windows/Linux or Cmd+Alt+I on Mac).
  3. Navigate to the Network tab.
  4. If necessary, reload the page.
  5. Review the Protocol column.

You can also use curl to test, so long as it is compiled against libnghttp2. To verify this, run curl --version, and you should see something similar to:

You should see both nghttp2/ on the first line, and HTTP2 listed on the Features: line.

Once you have verified this, you can use the following command to verify that your site is using HTTP/2, replacing https://example.org with your own URL:

You should then see something similar to:

Note that the first line shows HTTP/2 200, indicating it’s using HTTP/2, and recieved a 200 successful status code.

HTTP/2 and TLS

One of the barriers to entry for HTTP/2 is that it is only supported over TLS in the browser.

You can get a free DV (Domain Validated) TLS certificate via the Let’s Encrypt project that is supported in all major browsers.

For more information, read the Let’s Encrypt Getting Started guide.

Next Steps

Once you’ve enabled HTTP/2, you should verify that it has the intended effects. Read how to Successfully Measure HTTP/2.

You can read more about HTTP/2 in future blog posts right here on our Akamai Developer blog.

Categories: Technology

Suggested Article