I-IETF (I-Internet Engineering Task Force), ebhekele ukuthuthukiswa kwezivumelwano ze-inthanethi kanye nezakhiwo, isiqede ukwakhiwa kwe-RFC yephrothokholi ye-HTTP/3.0 futhi yashicilela imininingwane ehlobene ngaphansi kwezihlonzi i-RFC 9114 (iphrothokholi) ne-RFC 9204 ( Ubuchwepheshe bokucindezela unhlokweni be-QPACK ye-HTTP/3) . Ukucaciswa kwe-HTTP/3.0 kuthole isimo “seZinga Elihlongozwayo”, ngemva kwalokho umsebenzi uzoqala ukunikeza i-RFC isimo sezinga lokusalungiswa (Okusalungiswa Okujwayelekile), okusho ukuthi empeleni ukuzinza okuphelele kwephrothokholi futhi kucatshangelwa konke. imibono eyenziwe. Ngaso leso sikhathi, kwashicilelwa izinguqulo ezibuyekeziwe zokucaciswa kwephrothokholi ye-HTTP/1.1 (RFC 9112) kanye ne-HTTP/2.0 (RFC 9113), kanye nemibhalo echaza i-semantics yezicelo ze-HTTP (RFC 9110) kanye nezihloko zokulawula inqolobane ye-HTTP. (RFC 9111).
Iphrothokholi ye-HTTP/3 ichaza ukusetshenziswa kwephrothokholi ye-QUIC (Quick UDP Internet Connections) njengendlela yokuthutha ye-HTTP/2. I-QUIC iyisandiso sephrothokholi ye-UDP esekela ukuphindwaphindwa kokuxhumana okuningi futhi inikeza izindlela zokubethela ezilingana ne-TLS/SSL. Iphrothokholi yadalwa ngo-2013 yi-Google njengenye indlela yenhlanganisela ye-TCP+TLS Yewebhu, ixazulula izinkinga ngokusetha okude kokuxhumeka nezikhathi zokuxoxisana ku-TCP futhi iqeda ukubambezeleka lapho amaphakethe elahleka ngesikhathi sokudlulisa idatha.
Njengamanje, ukusekelwa kwe-QUIC ne-HTTP/3.0 sekuvele kusetshenziswe kuzo zonke iziphequluli zewebhu ezidumile (ku-Chrome, Firefox ne-Edge, ukusekelwa kwe-HTTP/3 kunikwe amandla ngokuzenzakalela, futhi ku-Safari kudinga ukulungiselelwa kokuthi “Okuthuthukisiwe > Izici Zokuhlola > HTTP/3” ukuze inikwe amandla). Ohlangothini lweseva, ukuqaliswa kwe-HTTP/3 kuyatholakala ku-nginx (egatsheni elihlukile futhi ngesimo semojuli ehlukile), i-Caddy, IIS kanye ne-LiteSpeed. Ukusekelwa kwe-HTTP/3 kuhlinzekwa nenethiwekhi yokulethwa kokuqukethwe kwe-Cloudflare.
Izici ezibalulekile ze-QUIC:
- Ukuvikeleka okuphezulu okufana ne-TLS (empeleni i-QUIC inikeza ikhono lokusebenzisa i-TLS phezu kwe-UDP);
- Ukulawula ubuqotho bokugeleza, ukuvimbela ukulahlekelwa kwephakethe;
- Ikhono lokusungula ngokushesha uxhumano (0-RTT, cishe ku-75% wedatha yamacala ingadluliselwa ngokushesha ngemva kokuthumela iphakethe lokusetha uxhumano) futhi inikeze ukubambezeleka okuncane phakathi kokuthumela isicelo nokuthola impendulo (i-RTT, Isikhathi Sohambo Olujikelezayo);
- Ukusebenzisa inombolo ehlukile yokulandelana lapho uthumela kabusha iphakethe, okugwema ukungaqondakali ekukhombeni amaphakethe atholiwe futhi kususe ukuphela kwesikhathi;
- Ukulahleka kwephakethe kuthinta kuphela ukulethwa kokusakaza okuhlotshaniswa nayo futhi akuvimbi ukulethwa kwedatha emifudlaneni ehambisanayo edluliselwa ngoxhumo lwamanje;
- Izici zokulungiswa kwephutha ezinciphisa ukubambezeleka ngenxa yokudluliselwa kabusha kwamaphakethe alahlekile. Ukusetshenziswa kwamakhodi akhethekile okulungisa amaphutha ezingeni lephakethe ukunciphisa izimo ezidinga ukudluliswa kabusha kwedatha yephakethe elahlekile.
- Imingcele ye-Cryptographic block iqondaniswe nemingcele yephakethe ye-QUIC, enciphisa umthelela wokulahlekelwa kwephakethe ekuhlukaniseni okuqukethwe kwamaphakethe alandelayo;
- Azikho izinkinga ngokuvinjwa komugqa we-TCP;
- Ukusekela okokuhlonza uxhumano, okunciphisa isikhathi esisithathayo ukuze kusungulwe ukuxhuma kabusha kwamaklayenti eselula;
- Amathuba okuxhuma izindlela zokulawula ukuminyana okuthuthukile;
- Isebenzisa amasu okubikezela kokuphuma kokuqondisa ngakunye ukuze kuqinisekiswe ukuthi amaphakethe athunyelwa ngezilinganiso ezifanele, ukuwavimbela ekubeni aminyene futhi abangele ukulahleka kwephakethe;
- Ukwenyuka okukhulu ekusebenzeni nasekuphumeni komsebenzi uma kuqhathaniswa ne-TCP. Ezinsizeni zevidiyo ezifana ne-YouTube, i-QUIC ikhonjiswe ukuthi yehlisa ukusebenza kokulungisa iphutha lapho ubuka amavidiyo ngo-30%.
Phakathi kwezinguquko ekucacisweni kwe-HTTP/1.1, umuntu angakwazi ukuqaphela ukuvinjelwa ekusebenziseni okukodwa kohlamvu lwe-carriage return (CR) ngaphandle komzimba nokuqukethwe, i.e. Kuzinto zephrothokholi, uhlamvu lwe-CR lungasetshenziswa kuphela ngokuhambisana nohlamvu lokuphakelayo komugqa (CRLF). I-algorithm yesakhiwo sesicelo esihlanganisiwe ithuthukisiwe ukuze kube lula ukuhlukaniswa kwezinkambu ezinamathiselwe kanye nezigaba ezinamaheda. Kungezwe izincomo zokuphatha okuqukethwe okungaqondakali ukuze uvimbele ukuhlasela kwe-"HTTP Application Smuggling", okusivumela ukuthi sizihlanganise nokuqukethwe kwezicelo zabanye abasebenzisi ekuhambeni phakathi kwe-frontend ne-backend.
Isibuyekezo sokucaciswa kwe-HTTP/2.0 sichaza ngokusobala usekelo lwe-TLS 1.3. Yehliswe uhlelo lokubeka kuqala kanye nezinkambu zesihloko ezihambisanayo. Indlela engasetshenzisiwe yokubuyekeza ukuxhumana ne-HTTP/1.1 kuthiwe ayisebenzi. Izidingo zokuhlola amagama nezinkambu zezinkambu zehlisiwe. Ezinye izinhlobo zozimele ebezigodliwe ngaphambilini kanye namapharamitha ahlongozwayo ukuze asetshenziswe. Izinkambu zikanhlokweni ezingavunyelwe ezihlobene noxhumano zichazwe ngokunembe kakhudlwana.
Source: opennet.ru