What is HTTP/3?
HTTP/3 (or HTTP3) is the most advanced version of the hypertext transfer protocol. In simple terms, it’s a set of rules that govern how devices communicate and exchange information over the internet. When your browser (the client) wants to load a webpage, it sends a request to a server, and the server responds with the content of that page.
As the internet develops, the rules for information exchange need to be updated accordingly. HTTP/3 is an upgraded version of HTTP2 — it makes your web browsing faster, smoother, and more secure. But how did HTTP3 come about?
When was HTTP/3 released?
HTTP/3 has no specific release date. It evolved from the experimental Quick UDP Internet Connections (QUIC) protocol. Google created the QUIC transport protocol in 2012 to address performance limitations in HTTP/2, including HTTP/2’s reliance on the transmission control protocol (TCP). QUIC’s goal was to reduce latency, improve congestion control, and ensure better security — encryption became an inherent part of the protocol’s functioning.
The organization that standardizes internet protocols, the Internet Engineering Task Force (IETF), recognized QUIC’s potential. IETF set up a working group and started refining QUIC to make it suitable for broader adoption. This collaboration between Google, IETF, and various internet stakeholders resulted in the “HTTP over QUIC,” or HTTP/3.
The Internet Engineering Task Force officially standardized HTTP3 in 2022, but its widespread adoption and implementation is still ongoing. So how does HTTP/3 work?
How does HTTP/3 work?
For its transport layer, HTTP/3 uses QUIC, which is built upon the User Datagram Protocol (UDP). Unlike TCP used by HTTP/1 and HTTP/2, UDP is a connectionless protocol. This feature of UDP allows QUIC to establish connections more quickly.
When a client wants to connect to a server, HTTP/3 initiates a QUIC handshake. Once the connection is set up, the client starts sending HTTP requests (small packets of data) to the server over the QUIC protocol. QUIC sends the data using UDP.
When the server processes the client’s request, it sends a response. The responses are broken up into data packets, just like the requests, and sent over QUIC. The server can send multiple parallel responses too.
In some circumstances, where the client and server have previously communicated, UDP can often secure a connection in a single round trip (1-RTT) or even zero round trips (0-RTT). In a 0-RTT case, a request is sent to a server and processed immediately without the need of a full handshake. This reduces connection latency.
And in case of packet loss during transfer, QUIC detects the lost packet without waiting for a timeout, unlike TCP. This means that temporary problems on the network do not slow things down. HTTP/3 can also send multiple streams of data in parallel over the same connection. If you are loading a website with multiple elements, like images or scripts, the browser can load them all at the same time.
QUIC maintains a connection state throughout the process. A connection state is like a record of the ongoing conversation between the client (your computer) and the server. It includes information on the connection status, congestion control, encryption keys, and the security state. By maintaining this state, QUIC makes sure that conversations don’t repeat themselves and that no one can listen in or interfere with them.
Once the exchange of requests and responses is completed, either the client or the server initiates the closure process, managed by the QUIC protocol.
How is HTTP/3 different from other versions of HTTP?
The differences between HTTP/3 and other versions of HTTP rest on the differences between UDP and TCP. QUIC, built on top of UDP, bypasses many restrictions of the older TCP protocol by allowing multiple streams of data to be sent in parallel. QUIC also incorporates encryption by default. It makes the initial connection setup and data transmission more secure and quicker due to fewer round trips needed for handshakes.
In essence, QUIC and UDP provide a more responsive and secure user experience for web communications in HTTP/3, compared to HTTP/1.1 and HTTP/2. Overall, HTTP/3 builds upon and improves the features of its predecessors:
| HTTP/1.1 | HTTP/2 | HTTP/3 |
---|---|---|---|
Protocol | TCP | TCP | UDP over QUIC |
Connection concurrency | One request per TCP connection | Multiple requests over single TCP connection | Multiple requests over single UDP connection |
Security | Optional TLS | Mandatory TLS | Mandatory TLS, integrated into QUIC |
Latency | High latency | Reduced latency | Further reduced latency |
Loss recovery | Time-consuming | Slightly improved | Significantly improved |
What are the benefits of HTTP/3?
HTTP/3 improves security, speed, and reliability. Just like HTTP over TLS/SSL creates a secure tunnel for your data to travel between your browser and a website, QUIC (and by extension HTTP/3) also encrypts your data right from the start — at the transport layer. This means that data in the uppermost layer (the application layer) is encrypted by default.
HTTP/3 delivers web pages and services faster because it relies on the QUIC transport protocol, built upon the lightweight and connectionless UDP. QUIC allows multiple streams of data to be sent in parallel, which reduces connection time and transport latency. HTTP/3 establishes faster connections, even when users change networks, for example, when they switch from Wi-Fi to mobile data.
HTTP/3 can estimate how much network capacity is available in both directions — sending and receiving. This helps adjust the flow of data, prevent congestion, and minimize buffering and slowdowns.
The new HTTP/3 provides faster connection, so end-users can enjoy faster browsing, smoother streaming, more responsive online gaming, and a more secure data transmission.
By enabling HTTP/3, content providers can benefit from faster and more reliable content delivery, especially if it’s high-resolution media and interactive web applications. Improved content delivery can lead to increased user satisfaction and engagement. HTTP/3 also simplifies website maintenance.
For network operators, it’s easier to optimize network resource usage with HTTP/3. The protocol’s ability to maintain connection even during network changes reduces disruptions and improves user experience. It can also lead to reduced operational costs for network infrastructure. But are there any drawbacks to enabling HTTP/3?
What are the drawbacks of using HTTP/3 over HTTP/2?
Even though HTTP/3 is the most advanced HTTP protocol so far, it has its drawbacks related to implementation complexity, compatibility, and troubleshooting. It’s more complex to implement HTTP/3 than HTTP/2 because it uses QUIC over UDP instead of TCP. Websites and servers need more work to support it. Therefore, not all web browsers and servers support HTTP/3 yet. And even if a website supports it, some users might not be able to use it because their browsers don’t support it.
HTTP/3 encrypts more of its data, so it can be harder for engineers to troubleshoot problems. Lack of information about the traffic might make it challenging to identify and fix issues. HTTP/3 also uses more server resources, so it might be hard for servers to handle a lot of users at once. Some network equipment like routers are not yet optimized for the way HTTP/3 sends data.
Is HTTP/3 available now?
HTTP/3 is not yet as broadly available as HTTP/2. As of November 2023, only about 27.1% of websites were using HTTP/3.
Services are also enabling this latest hypertext transfer protocol to improve the speed and reliability of their platforms, including Google services (YouTube as well), Microsoft services, Mozilla services, Amazon Web Services, Cloudfare, Facebook, and LinkedIn.
As a user, you don’t have to worry about it, because if your browser supports HTTP/3, it will use it automatically when communicating with servers that support it.
Web browser support for HTTP/3
All major browsers either support HTTP/3 by default or provide an option to enable it in their settings. These browsers are Google Chrome (version 87 and later ones), Mozilla Firefox (version 88 onwards), Microsoft Edge (Chromium 87 and later versions), Safari (can be enabled on version 14 onwards), and Opera (Chromium 87 and later versions).
Broader browser adoption will be likely in the future. Since the major browsers mentioned above have already implemented the new standard, the industry trend is clear.
Should you enable HTTP/3?
You should enable HTTP/3 if it’s available to you because it can enhance your browsing speed, security, and connections, especially if you often switch from Wi-Fi to mobile data or use unstable networks. You’ll be able to enjoy faster loading times and a more seamless browsing experience. If you’re a website owner, enabling this new standard could improve your website performance and user satisfaction. However, ensure your servers and content delivery network supports HTTP/3.
Like what you’re reading?
Get the latest stories and announcements from NordVPN
We won’t spam and you will always have the choice to unsubscribe