HTTP/3 is designed for QUIC, which is a transport protocol that handles streams by itself.
HTTP/2 is designed for TCP, and therefore handles streams in the HTTP layer.
The two protocols offer clients virtually identical feature sets.
-
Both protocols offer server push support
-
Both protocols have header compression, and QPACK and HPACK are similar in design.
-
Both protocols offer multiplexing over a single connection using streams
The differences are in the details and primarily there thanks to HTTP/3's use of QUIC:
-
HTTP/3 has better and more likely to work early data support thanks to QUIC's 0-RTT handshakes, while TCP Fast Open and TLS usually sends less data and often faces problems.
-
HTTP/3 has much faster handshakes thanks to QUIC vs TCP + TLS.
-
HTTP/3 does not exist in an insecure or unencrypted version. HTTP/2 can be implemented and used without HTTPS - even if this is rare on the Internet.
-
HTTP/2 can be negotiated directly in a TLS handshake with the ALPN extension, while HTTP/3 is over QUIC so it needs an
Alt-Svc:
header response first to inform the client about this fact. -
The base HTTP/3 specification doesn't define prioritization itself. The HTTP/2 approach to prioritization has been deemed too complicated and is deprecated by the latest revision of the HTTP/2 specification RFC 9113. A simpler alternative, the Extensible Prioritization Scheme for HTTP (RFC 9218), has been published separately, which can be used in both HTTP/2 and HTTP/3.