It's official, Google made SPDY "Go away" in Chrome, and IETF pushed the promising HTTP/2 as the new standard application protocol for the web. It's reverse compatible with older versions (translating to either loses no information and Wireshark already supports it), also faster, and more secure as I am summarizing below.
What does it mean for you? Your browser supports it. Now it is up to server admins to enable the protocol on their sites, in Windows 10 IIS for example.
The new protocol includes solutions to endemic slowness in how HTTP/1.1 loads web resources.
- Server Push solves roundtrips for the HTML-javascript-images, etc...
- Overhead on the many requests per page is solved by header compression
When HTTP/2 runs over TLS (namely the h2 ptorocol name), it offers higher security than its predecessor (and of course, more security than HTTP/2 over TCP, named h2c)
- Compression is less vulnerable to attacks, with coarse granularity in header compression
- Better encryption, with ciphersuite blacklist and methods to require a specific TLS profile