Akamai Diversity

The Akamai Blog

Akamai

Akamai

June 5, 2017 12:12 PM

Passive HTTP2 Client Fingerprinting - White Paper

HTTP2 is the second major version of the HTTP protocol. It changes the way HTTP is transferred "on the wire" by introducing a full binary protocol, made up of TCP connections, streams and frames, rather than simply being a plain-text protocol. Such a fundamental change between HTTP/1.x to HTTP/2, meant that client side and server side implementations had to incorporate completely new code to support new HTTP2 features - this

Erik Nygren

Erik Nygren

March 23, 2017 2:13 PM

Reaching toward universal TLS SNI

The past few years have seen a dramatic increase in client support for TLS SNI (a technology standard that makes HTTPS much more scaleable). While early 2014 saw fewer than 85% of HTTPS requests being sent by clients supporting TLS SNI, many Akamai customers today now see client TLS SNI usage exceeding 99%. This shift means that deploying SNI-only Web sites is now increasingly viable, with 31% of the Alexa

Erik Nygren

Erik Nygren

November 2, 2016 9:28 AM

Planning for the end of 2016: a leap second and the ...

New Year's Eve is typically in the depth of end-of-year change freezes for most IT organizations. At the end of 2016, however, two major events will be occurring right at the end of the year: a leap second and the final end of browser support for SHA-1 TLS certificates. Both of these changes have the potential to break software systems and applications. Significant preparation, planning, and testing ahead-of-time can significantly

Akamai

Akamai

February 27, 2015 10:50 AM

The Scarlet Label

We all know that web site performance is important for companies especially if they operate an e-comm platform to serve consumers. For the end users, a slow site is simply annoying and a major reason to browse elsewhere; there goes the revenue stream.

Andy Ellis

Andy Ellis

May 19, 2014 12:32 PM

The Brittleness of the SSL/TLS Certificate System

Despite the time and inconvenience caused to the industry by Heartbleed, its impact does provide some impetus for examining the underlying certificate hierarchy. (As an historical example, in the wake of CA certificate misissuances, the industry looked at one set of flaws: how any one of the many trusted CAs can issue certificates for any site, even if the owner of that site hasn't requested them to do so; that