Latest in Adam langley

Image credit:

Google puts False Start SSL experiment down, nobody notices


Back in September of 2010 Google started experimenting with a new Chrome feature called False Start, which cut the latency of SSL handshakes by up to 30 percent. While the delay in forging a secure connection never seemed like a major concern for most, the pause (which could be several hundred milliseconds long) before a browser starts pulling in actual content was too much to swallow for Mountain View engineers. The tweak to SLL was a somewhat technical one that involved packaging data and instructions normally separated out -- reducing the number of round trips between a host and a client before content was pulled in. Unfortunately, False Start has proven incompatible with a number of sites, in particular those that rely on dedicated encryption hardware called SSL Terminators. Chrome used a blacklist to track unfriendly sites, but maintaining that repository proved more difficult than anticipated and became quite unwieldy. Despite reportedly working with over 99 percent of websites Adam Langley, a Google security researcher, has decided that False Start should be retired with version 20 of the company's browser. The change will likely go unnoticed by most users, but it's always a shame to see efforts to make the web as SPDY as possible fail.