Does your TLS stack deliver reliable 1-RTT handshakes?
That's one 1-RTT both for new and resumed connections, plus optimal TTFB, and no unnecessary delays on cert lookups, validation, redirects?
If the answer is yes: you're awesome. If not, check out the talk... and update your infrastructure! Slides @ bit.ly/1A2HVEX