nanog mailing list archives

Re: Google's QUIC
From: Josh Hoppes <josh.hoppes () gmail com>
Date: Fri, 28 Jun 2013 15:16:16 -0500

My first question is, how are they going to keep themselves from
congesting links?

On Fri, Jun 28, 2013 at 3:09 PM, Michael Thomas <mike () mtcc com> wrote:

Sorry if this is a little more on the dev side, and less on the ops side but
it's Google, it will almost certainly affect the ops side eventually.

My first reaction to this was why not SCTP, but apparently they think that
boxen/firewalls make it problematic. That may be, but UDP based port
filtering is probably not far behind on the flaky front.

The second justification was TLS layering inefficiencies. That definitely
has my sympathies as TLS (especially cert exchange) is bloated and the way
that it grafted onto TCP wasn't exactly the most elegant. Interestingly enough,
main justification wasn't a security concern so much as "helpful" middle
getting their filthy mitts on the traffic and screwing it up.

The last thing that occurs to me reading their FAQ is that they are
seemingly trying to send data with 0 round trips. That is, SYN, data, data,
data... That really makes me wonder about security/dos considerations. As in,
it sounds too good to be true. But maybe that's just the security cruft? But
what about SYN cookies/dos? Hmmm.

Other comments or clue?

