Where it's just everybody talking, who would have thought. So the idea is that basically we go around the room and, based on the chapter that we just read, some people just have to pick something that they learned about the chapter that they can remember and just tell us about it. So it's kind of, there's a lot of learning value in just repeating something, even if it's almost word-for-word. Actually, the way I've learned stuff a lot of the time is I just copy stuff as I'm reading it, and just the process of writing it down, you just naturally learn it. So anyway, we start on my left. And so the topic, this is just from anything in the book that you guys can remember, anything, and just, you know, two or three minutes. And then hopefully we can finish up around nine.

So my favorite chapter so far has been, like, on TCP. So this is something that we actually deal with every day, but we don't really deal with it directly. And then just understanding how TCP works really, like, it helped me to understand why certain things are done, not just what needs to be done. So like, for example, TCP has, how TCP actually figures it out, you know, how much we should send in a chunk, is by incurring, incurring packet. Right, so how they start is like, I start with this one note size.

Maybe you could step back, and how does the TCP connection start? Anybody from the audience, how did it start?

Oh, I would like to hear a, would you like to hear this? That's a slow connection. Yes, thank, I'm gonna tell you a TCP joke, okay? That's really good. Yeah. Yes, and there's a lot of geeky jokes, but TCP, so sorry. Yeah, okay, tell us about that.

All right, so let's say I don't know what's your capacity, server, client. Let's just say server, client. I don't know what's your capacity. So I'll just test it.
It's like, I'm gonna start small and see if you're able to reply to me in time. Great, so then what do I do next? I increase it, and then I increase it exponentially until I incur packet loss. I send like this much and I only get this much back. I'm like, alright, so now it looks like your capacity is between this and this. And then that's the end of the, what is it called, the capacity? Congestion control.

And then there's the next phase starts, which is congestion avoidance. So how do we figure out, then it just drops, and then there's like, always have to figure out, well, how you drop it until you find a sweet spot where we speak at the right window size. And then from there on we just constantly speak at this window size until this is like terminated or I start to see like packet loss again, and then I adjust it, and so on and so forth. So TCP is very smart in that sense.

And then there are many performance improvements you can make just by tweaking your server, like, for example, increasing the initial window size, and then.

You actually had a practical learning from this, remember? Which one? So they have like a checklist, and remember you changed some setting. Work? It didn't work? No, it's not a true demonstrate, like with metrics, like how this thing is gonna, like, what do you expect and whether it worked or not. So like I couldn't find a way to measure it because it is that such a little mimics the request pattern. Oh, yeah, I work for a bidding. Yeah, so there's a checklist, find that very, very useful even if you're just like deploying like a regular web app. I mean, like, why not just. I think the one that you disabled was disable slow start after idle. Yeah, that's the slow start restart. You don't need that, not necessary. Cool. All right, thanks. Why?
Well, reading this book took me back into Ethereal, or Wireshark as it's called these days. And one of the things I really liked was when I combined chapter two and three. You see all the things you have to do when you make a UDP packet that is already inside the TCP. But you can make your own tweaks in the UDP, while the TCP is kind of static and it will act the way it does. If you need to make changes for the UDP you can add those on to the. So what kind of stuff? The checks, maybe you don't need all the checks. Maybe you'll send more data at the same time. So this is book club, not panel, so that's why it's a little vague. Okay. Yeah, this is it. Yeah, anything else?

No, from this one, if you go back to vote back one page at the far bottom. No, no, the chapter two. All the way to the bottom. The one that they conclude all the way through the book that makes the biggest impact is to compress static data, turn on the gzip flag in the proxy or wherever it is.

One of the big, like, things that just keep talking about in this whole book really could have just been summed up with, it's not, it's nothing, the biggest performance bottleneck is latency. Yeah, not bandwidth. And just send fewer requests is pretty much the overall theme of the whole book. Move yourself or closer to your clients.

Well, we haven't got to the HTTP/2. We're gonna cover. Everybody can talk about. I contacted him actually about the book club, but we couldn't find a good time here to do a, because he's in, you know, California, and like the time book club's on is like four in the morning. So. He came to Singapore once, topping at a red dot. Time to come game.

My favorite chapter was four, which was on TLS and security. So it goes through quite interestingly what you do to get your application secure. And basically, it explains you everything from, you know, basic cryptography to certificates and certificate trade, it's certificate chains and trust and all that stuff. And also
like the, it's a mess with the certificate industry. There is old styles of doing revocations, a new style of doing revocation, upcoming style of doing revocation. Just read the chapter. It's, forget.

Right, so where do you start? Certificates, you know, I'm stapling. Let's do my stapling. Yeah, stapling. Stapling is something that is going to be the default solution going forward. That's what everybody's talking about. So stapling is used for certificate revocation. Certificates basically tell a browser with the client that your website is something that can be trusted, and the server is claiming who he or she or it is.

So the problem with that model is that if you have a certificate you put on a server, but later you realize that maybe the private key got somehow compromised and the certificate is loose, so to say, anybody else can also put the same certificate on their server and pretend to be you. Then you want to go and revoke it, and basically, before it expires, you want to say, no, don't trust the certificate.

The standard way of doing that is something called certificate CRLs, which is certification revocation lists. Unfortunately, so this is basically a massive list of certificates that is published by the certificate authorities, like the bunch of them, and the browsers go and look at them and check if the certificate you're trying to access is in that list. If it is, then it doesn't trust it and gives you an error.

The problem is these lists are massive, especially after the SSL attack from last year. These lists are ridiculously massive and the browsers sometimes just die even trying to get through them. And to preserve the user experience, the default behavior of all browsers is, if for some reasons they can't access the CRL list or they can't access through the CRL list, they believe that the certificate is valid and move on. This is in every single browser.
I think Firefox has a button to change that behavior. But by default all browsers just accept the certificate if CRL lookup changes. The same with OCSP, which is a protocol-based way of doing the same thing, but again, same problem: all browsers fail open.

So the new way of doing things, what they're trying to do is, when the server sends a certificate over to the browser at the first connection, it also puts the OCSP response that it just received itself, or within a few hours, with the certificate and gives it to the browser, so that the browser doesn't need to itself go and check the OCSP response. That's going to be the way to go forward. And it's called certificate state, OCSP stapling, I believe. I think there's a small box on that going forward if you scroll down, source.

Anyway, so that's what everybody's going, but it's important to know like how these things work, because they're pretty, there's something that we rely on all the time when we just assume things are working. But it's important to know how things are cheap, what's actually happening.

I, after reading this chapter, I had to set up TLS connection for, so that, I remember doing this a few years ago. I'm just being gone, what the hell am I even doing? I'm just copying and pasting commands off, I am, Experts Exchange. This is years ago. But now, after reading this chapter, I came back to it. I'm like, oh, I just get what's going on. I just understood it. And so it's just awesome, kind of like, are you reading something and you suddenly understand it?
I guess that's what the point is. But the other interesting thing that the book says is that a lot of people give this thing that, oh, TLS is computationally expensive, and having secure connections to whatever, you know, between your server and the client is, it adds latency and adds, which is, it's completely bullshit. Google's proven a few years ago when we did this massive report about, you know, it's your adult servers, how much actual increase in computing, like how much overhead you add.

And there is other head in my seat I because it's got additional hands, yeah. So there's a little head and latency where doesn't overhead in actual processing of off the encryption and the data and stuff like that. Yeah, it's only initial, so there's only one extra, and also the CR a little bit, if that, it's like, I think it's like seven or something. But you can use like fast open or something, right? TLS fast open or something. So it's sort of assumes, it's good.

But the point is there's no real good reason against using it anymore. So if you have anything that's, you know, important. In fact Chrome's really pushing for it these days. Oh, if you have anything, dropping like non-SSL sites. Yeah, I know that.

So speaking of which, the cool thing which is going to happen very, very soon is ITF, Mozilla and EFF, no, EFF, Mozilla and someone else is coming up with this new thing called Let's Encrypt, which is a super cool, like a single line utility that you just type in your, you know, favorite Linux box or whatever, and it generates a certificate for you. It's a free valid SSL certificate for any website you want, installed and provisioned in one command. And this is happening in September, so, Keeper, if you, I mean, like, going forward you basically have no reason not to have a secure website.

It must be people who like to build a business on selling certificates like this.
They must be pissed off.

Yeah, so the only thing is like, there are different levels of certificates, and each level of certificate defines how much the certificate authority has verified your existence and, like, who you really are. So this is the lowest version. Okay, so they're still going to make money on the EV and the DV certificates. This is the basic version, but still.

So sorry, let's give you. Yeah. It's not SSL as well, which is not a freebie. Yeah, but it's only a year or something, isn't it? Is it? Okay. It's like a freemium model. They give you a year free, but this is free for good. So.

Which could mean that I also could go. The one thing I remember, which I didn't understand, was the way that mobile data works. So there's a chapter in here on like mobile networks, and where you are right now there's like a low-powered radio sort of deal which kind of figures out where you are, what your account details are, whether you've got like a valid, like, SIM, all this kind of stuff. And then if there's like an incoming data packet for you, what will happen is it'll, I guess it'll figure out which sort of like one of these meta towers that you're connected to, and then it figures out where you are and then it uses that to figure out the nearest like real tower to send like a proper connection, and then it establishes like a proper data connection. So it sort of has like this two-level sort of thing.

And another interesting thing is like, if you've got like a long-running TCP connection, what have, it doesn't actually need to keep the, okay. So when you're transmitting data, that's like super expensive for your battery, like to choose enormous amounts of power. So what you want to do is, like, you know, reduce the amount of data that you're transmitting at any time. So you might think, oh well, you know, you want to shut down the connections between, you know, if you're doing
something like long polling or something. But it's okay, because what ends up happening is that the base station kind of acts like a proxy, and it'll hold the connection open to the server for you, and only when it receives data does it reopen the mobile connection and send the packets to you. So I thought that was interesting.

Yeah, it's just a lower level. Yeah, I think so. Yeah, it's like, yes, okay, low level.

And yeah, that was interesting. And the TLS, the slow start thing I thought was interesting, because, yeah, if you're trying to download a whole bunch of small files, that's bad because you'll never reach the maximum capacity of a single connection, because you'll finish the file before you've increased the window. Like, the window increases over a number of seconds. So, yeah, if it takes more than a couple of seconds to download your file, you'll never actually reach like bandwidth saturation. So, yeah, another reason to use bundles and like concatenation tools. So, yeah. That's it.

So that's, well, yeah, this book was never about JavaScript. This is about distribution.

And before we end I just want to try out to find speakers for the next be love you, probably the next, the second or third Tuesday of every month, so that it takes on the clock for the book club on that week, right? So next month is probably 18, okay? And yeah, so we'll try to find first times, because, anyone, one volunteer? Those who are new to JavaScript or new to this meetup, anyone wants to volunteer?
Yeah, that's exactly what you look for from the beginning, like express how we learn something or what kind of stuff you're learning. Yeah.

You can, like, for example, I learned about SSL at work because I have to configure the server to talk SSL. It's a job secure bit screen is like how I look certificate and then understand what that is about. And then afterwards I give a talk to our Singapore office on SSL, just be like, here is what I learned. And then just by giving that talk, first of all, I had a chance to summarize what I learned and also revalidate what I believe is true, right? And then also, by giving that talk, I give my colleagues an opportunity to learn about SSL. Also, there are colleagues who are more experienced than I am dealing with SSL, so they gave me feedback on certain things that I didn't know of. So that's another opportunity to learn more things.

So for a beginner, it's just like, after you learn about something, give a talk on it. It reinforces what you learn, and also gives other people a chance to criticize you and then help you learn more about that. Frameworks, libraries, methodology, technology. You know something, if you find it interesting, if it's gardening, put it into an interesting talk.

I can go through myself. Yeah, of course, just express. Talk about my work. Joe. Joe, call me Joe to better