Nginx upgrade funded by fans of Google's SPDY Web protocol
Nginx will move to the latest version of Google's Web-speedup software with funding from CloudFlare, MaxCDN, and WordPress developer Automattic.
SPDY, Google's technology for speeding up Web browsing, is set to advance a step next month with support for the latest version in widely used Web site software called Nginx.
Three companies that like Google's approach -- Automattic, MaxCDN, and CloudFlare -- are funding Nginx developers to update its SPDY support to version 3.1, CNET has learned. Under the deal, SPDY 3.1 should arrive in Nginx 1.5 in January, a source familiar with the partnership said.
Nginx declined to comment on the plans, but its software supports an earlier version of SPDY and an upgrade wouldn't be a surprise.
"While we can't comment on or confirm future development work, it's worth noting that when we surveyed our users at the beginning of 2013, SPDY was the No. 1 requested feature," Nginx Chief Executive Gus Robertson said in a statement. "In early 2013, SPDY became a core component of Nginx. Many of our high-traffic customers use our SPDY capability today."
SPDY uses a variety of approaches to get Web-page data faster from the server on which it's hosted to a person's browser where it's viewed. For example, through "multiplexing" it can make better use of scarce network connection resources, and it compresses data to cut down on what's actually transmitted. Google has found SPDY allies in Microsoft, Mozilla, and others, and the industry is now building some of its technology into the standard for Web server-browser communications, HTTP (Hypertext Transfer Protocol).
Two of the companies funding Nginx, CloudFlare and MaxCDN, are content delivery networks (CDNs), companies that make a living hosting their clients' data so it can be delivered to people's browsers across the world. Automattic is the company behind the WordPress software and service for publishing blogs, and it, too, stands to gain from faster Web connections.
Nginx and MaxCDN declined to comment on future plans. CloudFlare and Automattic didn't respond to a request for comment.
Not everybody is happy with the process by which SPDY is being standardized into HTTP. Standards groups move notoriously slowly in general. By the time the HTTP 2.0 is finished, SPDY probably will have moved on to version 4.0.
"I'm a little bummed about the time it is taking to standardize," said Mike Belshe, one of the original SPDY authors.
He's also not happy that, unlike SPDY, the HTTP 2.0 standard won't require encrypted communications. Encrypted communications -- common for tasks like e-commerce transactions but by no means universal on the Web -- give have taken on new importance for security and privacy matters because of revelations about US and UK government surveillance.
Some argue that SPDY without encryption should be permitted, for example for companies' own internal network connections, but Belshe still sees risks. For example, government surveillance efforts included attempts to monitor network traffic on private networks that link between different Google TKTK data centers.
But the main reason is simply practical, Belshe said. Lots of network equipment can handle only version 1.1 of HTTP
"When you try to run other protocols over them, they choke and fail, and the user is left with a hung network connection or broken page," Belshe said.
For that reason, Chrome andFirefox developers have committed to support HTTP 2.0 only on encrypted connections, Belshe said. If other browsers follow suit, the issue of unencrypted HTTP 2.0 connections will be moot.
Nginx holds power on the other side of HTTP and SPDY network connections. It's not the most widely used Web server software -- Apache lead the market, according to NetCraft. But it's an up-and-coming option with growing usage, surpassing Microsoft's Internet Information Services recently.
Nginx isn't quite so convinced about the necessity for encryption.
"It's too early to say what it's going to be," Robertson said. "We believe it first has to become a standard, undergo some reference implementations, be tested, and understood uniformly on the Internet before we can make any decisions."
In fact, he'd like to see SPDY settle down in general. "So far it's been rapid experimentation, and we'd really like to see the specification maturing. On our side we do everything we can do to bring it to our users in the most reliable manner possible," he said.
New Enterprise Associates (NEA) led a $10 million second round of funding that Nginx announced in October. The company sells subscriptions for Nginx Plus, which includes support, service, and new features.
Whatever happens with SPDY in the near future, it's definitely time to overhaul HTTP, Nginx's Robertson said.
"We are very excited to see it's going," Robertson said. "HTTP is already over 20 years old, and it wasn't ever designed for high-performance, high-concurrency communications. HTTP has become a uniform fabric for Internet communications -- the majority of a Web site's or Web service's content, media, data, and API communications are transmitted over HTTP, both externally and internally. In this regard, any work that improves on the current HTTP standard and implementations is extremely important for the Internet over the next 10 years."