27 Октябрь 2012 г. 23:20:39 пользователь Chad
(innocentkiller(a)gmail.com) написал:
Not to mention varnish/squid.
Varnish author on SPDY:
http://developers.slashdot.org/story/12/07/13/1327235/varnish-author-sugges…
"The author of Varnish, Poul-Henning Kamp, has written an interesting critique of
SPDY and the other draft protocols trying to become HTTP 2.0. He suggests none of the
candidates make the cut. Quoting: 'Overall, I find the design approach taken in SPDY
deeply flawed. For instance identifying the standardized HTTP headers, by a 4-byte length
and textual name, and then applying a deflate compressor to save bandwidth is totally at
odds with the job of HTTP routers which need to quickly extract the Host: header in order
to route the traffic, preferably without committing extensive resources to each request.
... It is still unclear for me if or how SPDY can be used on TCP port 80 or if it will
need a WKS allocation of its own, which would open a ton of issues with firewalling,
filtering and proxying during deployment. (This is one of the things which makes it hard
to avoid the feeling that SPDY really wants to do away with all the
"middle-men") With my security-analyst hat on, I see a lot of DoS potential in
the SPDY protocol, many ways in which the client can make the server expend resources, and
foresee a lot of complexity in implementing the server side to mitigate and deflect
malicious traffic.'