Unfortunately, there is not a lot of extra or unnecessary data that we can optimize during the TLS handshake. Since browsers download resources in parallel, this means that a visiting browser will create multiple TLS connections and have to wait for multiple handshakes to complete, even with visiting a single page! Unfortunately, the TLS handshake increases the amount of time where the browser can't do anything, slowing down your site performance. This is true with every webpage you visit: the browser is blocked getting that first HTML response. It cannot be downloading other resources in parallel, like CSS files or images, because it hasn't gotten that initial HTML page telling them about the other resources. Worse, the browser can't do anything else until it gets this initial HTML page.
Look at the waterfall diagram below: if you need help, check out how to read a webpage waterfall chart. Since TLS handshakes are part of creating the secure connection, they have to happen before any data can be exchanged. The primary performance problem with the TLS handshake is not how long it takes, it is when the handshake happens. At first, a half second might not sound like a lot of time. This handshake will typically take between milliseconds to half a second, but it can take longer. Because of the difference between latency and bandwidtha faster internet connection doesn't make these round trips any faster. While there are a lot of details in the diagram, the take away is that a full TLS handshake involves 2 round trips between the client and the server. Some of the things that happen during the handshake are. The TLS handshake is the process that the browser and server follow to decide how to communicate and create the secured connection. This article covers the second item, Establishing a secure connection. Transport Layer Security, TLS 1.2 and 1.3 (Explained by Example)
This is known as the TLS Handshake and can have a significant impact on your site performance. There are several steps that must occur before a browser establishes a secured connection to your website: identities must be confirmed, algorithms must be selected, and keys must be exchanged. If not configured properly, your page load times can become much slower than unencrypted traffic. Data sent back and forth between visiting web browsers and your web server must be encrypted and decrypted. Since our acquisition by Rigorall our new research and posts on web performance are being published on The Rigor Blog. This is the archived version of the Zoompf blog.
0 kommentar(er)
