HTTP Keep-alive Support
Context: The Wormly SSL Tester checks if keep-alive is supported by an SSL web server.
“Keepalives” are a performance enhancement present in version 1.1 of the HTTP specification. They allow a client to keep open a connection to a server, anticipating that more HTTP requests will soon be conducted.
For example, when an end user is likely to click from page to the next, keeping the connection alive eliminates the need to establish a new one when that next request is made.
This becomes even more important when a browsing session is secured by SSL/TLS, because the overhead of establishing a fresh SSL/TLS connection is substantially higher than merely establish a TCP connection.
That said, HTTP keep-alives do transfer the performance burden from the client to the server somewhat, in that the server must leave a certain amount of RAM (and usually file descriptors) allocated to each open connection.
Large scale websites often elect not to enable keep-alives so as to avoid the situation where many large amounts of these resources are being tied up by thousands of mostly idle clients whose connections are kept alive.
Other approaches at the secure protocol level (SSL Session Caching and TLS Stateless Resumption) also aim to improve client performance in a similar way, and can be more appropriate for very large scale sites.