The approval of HTTP/2 by the Internet Engineering Steering Group (IESG) in mid-February 2015 marked the next major version of the protocol the web runs on. HTTP/2 is derived from SPDY, the Google protocol already implemented in Chrome, Firefox, Opera, Safari, and other browsers. Its goals are to let clients and servers negotiate which protocol to use, stay compatible with HTTP/1.1, cut page load latency, and keep supporting the common existing uses of HTTP.
The security benefits of HTTP/2
So how will HTTP/2 affect Internet security?
The IETF has not made Transport Layer Security (TLS) mandatory for HTTP/2: the specification describes how to run it both in clear text (h2c) and over TLS (h2). But the Google and Mozilla development teams have both announced that their browsers will support HTTP/2 over TLS only, and while Microsoft has yet to announce anything officially, test builds of Internet Explorer on Windows 10 show that Microsoft has made the same decision. Between them, that makes TLS effectively mandatory for HTTP/2 on the web.
If you want the full benefit of HTTP/2, implement it over TLS. HTTP/2 does not merely use TLS; it demands a stricter TLS profile than HTTP/1.1 ever did. The specification requires TLS 1.2 or higher, forbids compression and renegotiation, sets minimum key sizes, and black-lists weak cipher suites. Here is a summary of the TLS requirements and recommendations for HTTP/2 implementations, browsers and servers alike:
- Follow the Recommendations for Secure Use of TLS (RFC 7525).
- Support Server Name Indication (SNI). Deployments that negotiate TLS 1.3 or higher need only support SNI; the rules below apply to TLS 1.2.
- HTTP/2 over TLS 1.2 must disable TLS compression. It is unnecessary because HTTP/2 compresses headers itself (HPACK), in a form designed to resist the attacks that made TLS-level compression unsafe.
- HTTP/2 over TLS 1.2 must disable renegotiation.
- Ephemeral key exchange of at least 2048 bits for DHE and 224 bits for ECDHE cipher suites is required.
- HTTP/2 should not use any cipher suite on the specification's black list (RFC 7540, Appendix A).
- Cipher suites must be AEAD, with GCM modes the usual choice; the black list excludes the CBC and stream-cipher suites.
- Minimum key sizes of 128-bit EC and 2048-bit RSA.
HTTP/2 also requires the Application-Layer Protocol Negotiation (ALPN) TLS extension (RFC 7301). The client lists the protocols it supports in its ClientHello and the server picks one, so the HTTP version (h2 or http/1.1) is settled inside the TLS handshake without an extra round trip.
The moral of the story is this: HTTP/2 will be faster and safer. If you want reduced page latency, privacy for your users, and their data kept secure, implement HTTP/2 over TLS.
For more information on HTTP/2, review http2 explained.
Update July 14, 2015: Apple will support HTTP/2 in iOS 9 and OS X 10.11 and will require that it be used over an encrypted TLS connection.