I imagine that's just my inner lazy engineer talking, though; there are some protocols that would definitely have been better off specified properly from the start (I'm looking at you, SMB)
Its fair to say that v2 is deployed and was well documented and that google was very responsive to technical inquiries about it. The firefox and chrome implementations are v2.
But open specification is important. Google and Mozilla have been working together to bring this into the IETF.
There is no concrete plan for enabling support for any particular draft SPDY spec in any particular version of Firefox yet. There's no way it will be enabled by default in Firefox 11. Our implementation needs a lot more testing, especially since there are already very important SPDY-enabled sites live on the Internet. Even if we spit out a perfect implementation of the latest draft spec on the first attempt, it might be the case that these existing sites depend on behavior undefined by the spec and/or bugs in Chrome. These kinds of issues still need to be found and addressed.
There is also still work that needs to be done on the spec itself. I suspect there will be many rounds of divergence and convergence in SPDY implementations as more people experiment with implementing it, and as the protocol improves.
Certainly Google's sites qualify as important, but are any other major sites using it? Chrome doesn't seem to setup SPDY sessions for anything I visit regularly other than Google sites.
BTW, I heard an unsubstantiated rumor Netflix has added SPDY, although this might be due to the Chromebook plugin.
Apologies, but I'm not seeing where that suggests that it will be on by default.
Edit: This looks promising https://github.com/indutny/node-spdy
I agree. Getting SPDY into Apache, ngnix, varnish, squid etc. would be all we need to get the benefits of this new protocol.
The front-end SPDY server could then communicate via HTTP via a low-latency connection.
As others have said, this won't help much until common servers (nginx, varnish, etc) also support SPDY, but it's a move in the right direction.
My opinion - get a real signed cert. A basic free one from startssl.com is available.
The PKI has problems to be sure and needs to evolve. But simple forms of eavesdropping and MITM attacks need to stop. Its great that SPDY is SSL based.
Spdy actually shines brightest on things like plus.google.com or picasa because of all the little icons.. images.google.com is also a very big beneficiary.
It would be an excellent fit for things that look like facebook, ebay, twitter..
In any case, I'd imagine the benefits are from the cloud caching than any other factor.
This seems to me to be yet another unnecessary new protocol.