Re: Google's QUIC
From: Josh Hoppes <josh.hoppes () gmail com>
Date: Fri, 28 Jun 2013 15:16:16 -0500
My first question is, how are they going to keep themselves from
On Fri, Jun 28, 2013 at 3:09 PM, Michael Thomas <mike () mtcc com> wrote:
Sorry if this is a little more on the dev side, and less on the ops side but
it's Google, it will almost certainly affect the ops side eventually.
My first reaction to this was why not SCTP, but apparently they think that
boxen/firewalls make it problematic. That may be, but UDP based port
probably not far behind on the flaky front.
The second justification was TLS layering inefficiencies. That definitely
sympathies as TLS (especially cert exchange) is bloated and the way that it
grafted onto TCP wasn't exactly the most elegant. Interestingly enough,
main justification wasn't a security concern so much as "helpful" middle
getting their filthy mitts on the traffic and screwing it up.
The last thing that occurs to me reading their FAQ is that they are
to send data with 0 round trips. That is, SYN, data, data, data... That
really makes me wonder about security/dos considerations. As in, it sounds too good to be
maybe that's just the security cruft? But what about SYN cookies/dos? Hmmm.
Other comments or clue?
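
An added example, not part of the thread and not taken from QUIC's code: one general way a UDP-based server can stay stateless until a client proves it can receive at its claimed source address, in the spirit of the SYN cookies raised above. The token layout, function names, 60-second lifetime and documentation-range addresses are assumptions made for illustration.

```python
import hashlib
import hmac
import os
import struct

SECRET = os.urandom(32)   # server-side key (assumption: rotated periodically)
TOKEN_LIFETIME = 60       # seconds a token stays valid (assumed value)
TOKEN_LEN = 4 + 16        # 32-bit timestamp + truncated HMAC-SHA256


def make_token(ip: str, port: int, now: int, key: bytes = SECRET) -> bytes:
    """Stateless cookie: timestamp || HMAC(key, ip | port | timestamp)."""
    ts = struct.pack("!I", now)
    msg = f"{ip}|{port}|".encode() + ts
    return ts + hmac.new(key, msg, hashlib.sha256).digest()[:16]


def check_token(token: bytes, ip: str, port: int, now: int,
                key: bytes = SECRET) -> bool:
    """True only if the token was minted for this source and is still fresh."""
    if len(token) != TOKEN_LEN:
        return False
    ts = struct.unpack("!I", token[:4])[0]
    if not 0 <= now - ts <= TOKEN_LIFETIME:
        return False
    # Recompute from the observed source address; constant-time comparison.
    return hmac.compare_digest(token, make_token(ip, port, ts, key))


def handle_datagram(ip: str, port: int, token: bytes, payload: bytes,
                    now: int, key: bytes = SECRET):
    """Decide what to do with a first-flight datagram; stores no client state.

    Returns ("accept", payload) when the source is validated, otherwise
    ("challenge", token): a small fixed-size reply, so a spoofed source
    address cannot be used to reflect a large response at a victim.
    """
    if token and check_token(token, ip, port, now, key):
        return ("accept", payload)
    return ("challenge", make_token(ip, port, now, key))
```

The token only shows that the sender can receive packets at that address; it does not stop a captured first flight from being replayed within the lifetime, which needs separate handling.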