SPDY (pronounced "speedy") is an obsolete open-specification communication protocol developed for transporting web content. SPDY became the basis for HTTP/2 specification. However, HTTP/2 diverged from SPDY and eventually HTTP/2 subsumed all usecases of SPDY. After HTTP/2 was ratified as a standard, major implementers, including Google, Mozilla, and Apple, deprecated SPDY in favor of HTTP/2. Since 2021, no modern browser supports SPDY. Google announced SPDY in late 2009 and deployed in 2010. SPDY manipulates HTTP traffic, with particular goals of reducing web page load latency and improving web security. SPDY achieves reduced latency through compression, multiplexing, and prioritization, although this depends on a combination of network and website deployment conditions. The name "SPDY" is not an acronym.

History

HTTP/2 was first discussed when it became apparent that SPDY was gaining traction with implementers (like Mozilla and nginx), and was showing significant improvements over HTTP/1.x. After a call for proposals and a selection process, SPDY was chosen as the basis for HTTP/2. Since then, there have been a number of changes, based on discussion in the Working Group and feedback from implementers. , the group developing SPDY stated publicly that it was working toward standardisation (available as an Internet Draft). The first draft of HTTP/2 used SPDY as the working base for its specification draft and editing. The IETF working group for HTTPbis has released the draft of HTTP/2. SPDY (draft-mbelshe-httpbis-spdy-00) was chosen as the starting point. Throughout the process, the core developers of SPDY have been involved in the development of HTTP/2, including both Mike Belshe and Roberto Peon. Chromium, Mozilla Firefox, Opera, Amazon Silk, Internet Explorer, and Safari expressed support for SPDY at the time. In February 2015, Google announced that following ratification of the HTTP/2 standard, support for SPDY would be deprecated, and that support for SPDY would be withdrawn. On May 15, 2015, HTTP/2 was officially ratified as. On February 11, 2016, Google announced that Chrome would no longer support SPDY after May 15, 2016, the one-year anniversary of which standardized HTTP/2. On January 25, 2019, Apple announced that SPDY would be deprecated in favor of HTTP/2, and would be removed in future releases. Google removed SPDY support in Google Chrome 51 which was released in 2016. Mozilla removed it in Firefox 50. Apple has deprecated the technology in macOS 10.14.4 and iOS 12.2.

Protocol versions

SPDY is a versioned protocol. SPDY control frames contain 15 dedicated bits to indicate the version of protocol used for the current session.

Design

The goal of SPDY is to reduce web page load time. This is achieved by prioritizing and multiplexing the transfer of web page subresources so that only one connection per client is required. TLS encryption is nearly ubiquitous in SPDY implementations, and transmission headers are gzip- or DEFLATE-compressed by design (in contrast to HTTP, where the headers are sent as human-readable text). Moreover, servers may hint or even push content instead of awaiting individual requests for each resource of a web page. SPDY requires the use of SSL/TLS (with TLS extension ALPN) for security but it also supports operation over plain TCP. The requirement for SSL is for security and to avoid incompatibility when communication is across a proxy.

Relation to HTTP

SPDY does not replace HTTP; it modifies the way HTTP requests and responses are sent over the wire. This means that all existing server-side applications can be used without modification if a SPDY-compatible translation layer is put in place. SPDY is effectively a tunnel for the HTTP and HTTPS protocols. When sent over SPDY, HTTP requests are processed, tokenized, simplified and compressed. For example, each SPDY endpoint keeps track of which headers have been sent in past requests and can avoid resending the headers that have not changed; those that must be sent are compressed.

Protocol support

For use within HTTPS, SPDY requires the TLS extension Next Protocol Negotiation (NPN) or Application-Layer Protocol Negotiation (ALPN) thus browser and server support depends on the HTTPS library. OpenSSL 1.0.1 or greater introduces NPN. Patches to add NPN support have also been written for NSS and TLSLite. Security Support Provider Interface (SSPI) from Microsoft have not implemented the NPN extension to its TLS implementation. This has prevented SPDY inclusion in the latest .NET Framework versions. Since SPDY specification is being refined and HTTP/2 is expected to include SPDY implementation one could expect Microsoft to release support after HTTP/2 is finalized.

Client (browser) support and usage

Server support and usage

, approximately 0.1% of all websites support SPDY, in part due to transition to HTTP/2. In 2016, NGINX and Apache were the major providers of SPDY traffic. In 2015, NGINX 1.9.5 dropped SPDY support in favor of HTTP/2. Some Google services (e.g. Google Search, Gmail, and other SSL-enabled services) use SPDY when available. Google's ads are also served from SPDY-enabled servers. A brief history of SPDY support amongst major web players: According to W3Techs,, most SPDY-enabled websites use nginx, with the LiteSpeed web server coming second.