QUIC is the Quick UDP Internet Connections protocol, developed by Google and currently in IETF working groups for further development. It is being considered as a replacement for TCP as the transport protocol for HTTP/3. We are building an open-source project for IoT & Edge Computing atop QUIC called 🦖YoMo.
- @Daniel Stenberg's blog post WHERE IS HTTP/3 RIGHT NOW? says the specifications are all done. They’re now waiting in queues to get their final edits and approvals before they will get assigned RFC numbers and get published as such – they will not change any further.
- netray.io scans the IPv4 address space weekly and checks how many hosts speak QUIC. Their latest scan found 2.1 million such hosts.
- All the major browsers have HTTP/3 implementations and most of them allow you to manually enable it if it isn’t already done so. Chrome and Edge have it enabled by default and Firefox will do so very soon.
- @Robin drew a diagram and open-sourced the source file: https://github.com/rmarx/h3-protocol-stack
- Microsoft's open-source implementation of the QUIC protocol that will form the basis of HTTP/3 will be in Windows Server 2022. It's being used for SMB over QUIC, which is a more secure replacement for WebDAV to deliver SMB access without the expense and complexity of a VPN. This uses QUIC as the transport for SMB instead of TCP/IP and RDMA, with a tunnel that secures SMB even if encryption isn't enabled. "SMB over QUIC will be available with Azure Automanage and Windows Server 2022," Kumar told TechRepublic. "It will also be supported as a client in Windows 10 and on third-party platforms like Android and others."
- Version 1.0 of the Microsoft implementation of the QUIC protocol MSQUIC has been released
- WebTransport This specification uses pluggable protocols, with QUIC [QUIC-TRANSPORT] as one such protocol, to send data to and receive data from servers. It can be used like WebSockets but with support for multiple streams, unidirectional streams, out-of-order delivery, and reliable as well as unreliable transport.
- WebTransport Explainer
- World’s first DNS over QUIC resolver launched by AdGuard
- DNS transport: The race is on!
- IEEE Enabling an efficient satellite-terrestrial hybrid transport service through a QUIC-based proxy function
- DPIFuzz: A Differential Fuzzing Framework to Detect DPI Elusion Strategies for QUIC
- Pluginizing QUIC
- A Performance Perspective on Web Optimized Protocol Stacks: TCP+TLS+HTTP/2 vs. QUIC
- 2018: WebTransport + WebCodecs at W3C Games Workshop
- qlog 0.4.0 released, this one includes a fix to streaming serialization when logging raw bytes and improved logging of DATAGRAM frames.
- Wireshark v3.4.1 release with lots of updates to QUIC
- 📢 draft-ietf-quic-manageability discusses manageability of the QUIC transport protocol, focusing on caveats impacting network operations involving QUIC traffic
- 📢 Applicability of the QUIC Transport Protocol discusses the applicability of the QUIC transport protocol, focusing on caveats impacting application protocol development and deployment over QUIC
- w3c WebTransport defines a set of ECMAScript APIs in WebIDL to allow data to be sent and received between a browser and server, implementing pluggable protocols underneath with common APIs on top. This specification uses pluggable protocols, with QUIC [QUIC-TRANSPORT] as one such protocol, to send data to and receive data from servers. It can be used like WebSockets but with support for multiple streams, unidirectional streams, out-of-order delivery, and reliable as well as unreliable transport.
- 📽 David Schinazi from Google: QUIC 101
- Netty release 0.0.1.Final: This codec provides a QUIC implementation of draft 32 by wrapping quiche and exposes QUIC via the Channel API.
- Cloudflare blog Accelerating UDP packet transmission for QUIC
- PDF: Performance analysis of Google’s Quick UDP Internet Connection Protocol under Software Simulator
- 📢 draft-schinazi-masque-h3-datagram-01: The QUIC DATAGRAM extension provides application protocols running over QUIC with a mechanism to send unreliable data while leveraging the security and congestion-control properties of QUIC. However, QUIC DATAGRAM frames do not provide a means to demultiplex application contexts. This document defines how to use QUIC DATAGRAM frames when the application protocol running over QUIC is HTTP/3 by adding an identifier at the start of the frame payload. This allows HTTP messages to convey related information using unreliable DATAGRAM frames, ensuring those frames are properly associated with an HTTP message.
- 📽 Robin Marx Head-of-Line Blocking in QUIC and HTTP/3: The Details
- 📽 Hussein Nasser The Road to QUIC - what’s wrong w/ HTTP/1.1, HTTP/2, HTTP Pipelining, CRIME, HTTP/2 HOL, HPACK
- Experimental QUIC codec for netty makes use of quiche
- GnuTLS 3.7.0 add QUIC support
- HTTP/3 - Wikipedia
- QUIC dependencies graph
- Daniel Stenberg's new keynote HTTP/3 is next generation HTTP
- Accelerating QUIC transition to 5G: QUIC Throughput and Fairness over Dual Connectivity
- Google's cloud gaming platform Stadia is using QUIC
- 🇨🇳 Chinese only 跟坚哥学QUIC系列:加密和传输握手
- 🇨🇳 Chinese only 跟坚哥学QUIC系列:连接迁移(Connection Migration)
- 📈 QUIC Usage Statistics
- 📽 Throwback to the QUIC BoF session in July 2016: a Working Group forming meeting to decide if QUIC should be adopted for standardisation into the IETF, based on the existing deployment experience of Google.
- 📽 Robin Marx gave a keynote at IEEE LATINCOM about his experiences doing a PhD on the QUIC and HTTP3 protocols. He talked about their basic features, open research questions and his process in contributing the qlog and qvis debugging tools.
- lsquic release 2.24.4, contains fixes to congestion controller and to CID lifecycle.
- iOS 14 and macOS Big Sur include an experimental preview of HTTP/3 support for your apps that use URLSession, which you can enable in developer settings. To enable HTTP/3 on macOS Big Sur, run `defaults write -g CFNetworkHTTP3Override -int 3`.
- Fastly: The Maturing of QUIC
- 2020-11-16 IETF-109 Slide: Tunneling Internet protocols inside QUIC Rev.00
- 📢 MASQUE Working Group Multiplexed Application Substrate over QUIC Encryption (masque)
- 📢 DNS-over-QUIC
- Paper Implementation and analysis of QUIC for MQTT
- Transport and security protocols are essential to ensure reliable and secure communication between two parties. For IoT applications, these protocols must be lightweight, since IoT devices are usually resource constrained. Unfortunately, the existing transport and security protocols – namely TCP/TLS and UDP/DTLS – fall short in terms of connection overhead, latency, and connection migration when used in IoT applications. In this paper, after studying the root causes of these shortcomings, we show how utilizing QUIC in IoT scenarios results in a higher performance. Based on these observations, and given the popularity of MQTT as an IoT application layer protocol, we integrate MQTT with QUIC. By presenting the main APIs and functions developed, we explain how connection establishment and message exchange functionalities work. We evaluate the performance of MQTTw/QUIC versus MQTTw/TCP using wired, wireless, and long-distance testbeds. Our results show that MQTTw/QUIC reduces connection overhead in terms of the number of packets exchanged with the broker by up to 56%. In addition, by eliminating half-open connections, MQTTw/QUIC reduces processor and memory usage by up to 83% and 50%, respectively. Furthermore, by removing the head-of-line blocking problem, delivery latency is reduced by up to 55%. We also show that the throughput drops experienced by MQTTw/QUIC when a connection migration happens is considerably lower than that of MQTTw/TCP.
- Article HTTP/3: Everything you need to know about the next-generation web protocol
- Article QUIC and IoT
- One of the oft-touted use cases for QUIC is in Internet-of-Things (IoT) devices, as they often need intermittent (cellular) network access and low-latency connection setup, 0-RTT and better loss resilience are quite interesting in those cases. However, those devices often also have quite slow CPUs. There are many issues where QUIC’s designers mention the IoT use case and how a certain decision might impact this, though as far as I know there is no stack that has been tested on such hardware yet. Similarly, many issues mention taking into account a hardware QUIC implementation, but at my experience level it’s unclear if this is more wishful thinking and handwaving rather than a guarantee.
- 📢 QUIC protocol is finally in IETF last call.
- 📢 QUIC draft-32 documents are out:
  - Transport: https://tools.ietf.org/html/draft-ietf-quic-transport-32
  - Recovery: https://tools.ietf.org/html/draft-ietf-quic-recovery-32
  - TLS: https://tools.ietf.org/html/draft-ietf-quic-tls-32
  - HTTP: https://tools.ietf.org/html/draft-ietf-quic-http-32
  - QPACK: https://tools.ietf.org/html/draft-ietf-quic-qpack-19
- Adoption Facebook today is already using #QUIC + #HTTP3 for over 75% of all their global native app traffic! They've seen impressive performance gains from the new protocols, especially for their video streaming use cases. How Facebook is bringing QUIC to billions
- Adoption Node.js 15 debuts support for QUIC and HTTP/3.
- Adoption Chrome is deploying HTTP/3 and IETF QUIC
- The current latest Google QUIC version (Q050) has many similarities with IETF QUIC. But up until now, the majority of Chrome users didn't communicate with IETF QUIC servers without enabling some command-line options.
- Google search latency decreases by over 2%. YouTube rebuffer time decreased by over 9%, while client throughput increased by over 3% on desktop and over 7% on mobile. We're happy to announce that Chrome is rolling out support for IETF QUIC (specifically, draft version h3-29)
- Today 25% of Chrome Stable users are using h3-29, and we plan on increasing that number over the coming weeks as we continue to monitor performance data
- Chrome will actively support both IETF QUIC h3-29 and Google QUIC Q050 to provide servers that support Q050 with time to update to IETF QUIC.
- Adoption Cloudflare begins emailing users that H3 will be automatically enabled starting this month
- CDNs are misunderstood these days. Caching at the browser across sites is not that important, it's caching at a point of presence (POP). This POP being so much closer to your end users brings performance gains because TCP is terrible over distances. QUIC may fix this by its shift to UDP. HackerNews
- TechTalk Lucas Pardue: QUIC & HTTP/3: Open Standards and Open Source Code October 27, 2020
- OpenSource quiche landed support for QUIC & HTTP/3 unreliable datagrams into . It can help support low-latency use cases where guaranteed delivery of data is not paramount.
- Developing QUIC Loss Detection and Congestion Control in Haskell
- draft-ietf-quic-transport-31 QUIC: A UDP-Based Multiplexed and Secure Transport
- draft-ietf-quic-tls-31 Using TLS to Secure QUIC
- draft-ietf-quic-invariants-11 Version-Independent Properties of QUIC
- draft-ietf-quic-recovery-31 QUIC Loss Detection and Congestion Control
- draft-ietf-quic-version-negotiation-01 Compatible Version Negotiation for QUIC
- 🍿 QUIC WG chair Dr. Lars Eggert QUIC: a new internet transport (🎬 58:39) @2017
- 🍿 Google's QUIC: next generation multiplexed transport over UDP (🎬 51:40) @2014
- F5 Sr Solution Architect Jason Rahm What is QUIC? (🎬 08:35) @2018
- Codavel's QUIC vs TCP+TLS — and why QUIC is not the next big thing
- curl's author Daniel Stenberg's new book: HTTP/3 Explained
Name | Version | Roles | Handshake |
---|---|---|---|
Microsoft's MsQuic | draft-27/28/29/30/31/32 | client, server | TLS 1.3 RFC |
Facebook's mvfst | draft-29 | library, client, server | TLS 1.3 |
Google's Chromium | Q043, Q046, Q050, T050, T051, draft-27, draft-29 | library, client, server | QUIC Crypto, TLS |
ats (Apache Traffic Server) | draft-29 | client, server | TLS 1.3 |
LiteSpeed's lsquic | Draft-32, Draft-29, Draft-28, Draft-27, Q043, Q046, and Q050. | library, client, server | QUIC Crypto, RFC 8446 |
ngtcp2 | draft-29, draft-30, draft-31, and draft-32 | library, client, server | TLSv1.3 (RFC 8446) |
Cloudflare's nginx-cloudflare | draft-27, draft-28, draft-29 | server | TLSv1.3 (RFC8446) |
picoquic | draft-32/31/30/29/28/27 | library and test tools, test client, test server | TLS 1.3 (using picotls) |
Pluginized QUIC | draft-29 | library, client, server | TLS 1.3 (using picotls) |
quant | draft-33, draft-34, v1 | library, client, server | TLS 1.3 |
Fastly's quicly | draft-27 | client, server | TLS 1.3 (final) |
nginx-quic | draft-27 .. draft-32 | server | TLSv1.3 (RFC8446) |
TQUIC | v1 | library, client, server | TLS 1.3 |
Name | Version | Roles | Handshake |
---|---|---|---|
Cloudflare's quiche | draft-27, draft-28, draft-29 | library, client, server | TLSv1.3 (RFC8446) |
Mozilla/Firefox's Neqo | draft-30 | library, client, server | TLS 1.3 |
Quinn | draft-28 | library, client, server | TLS 1.3 |
TQUIC | v1 | library, client, server | TLS 1.3 |
Name | Version | Roles | Handshake |
---|---|---|---|
quic-go | always the current draft | library, client, server | TLS 1.3 RFC |
Name | Version | Roles | Handshake |
---|---|---|---|
Node.js QUIC | draft-25 | client, server | TLS 1.3 |
Name | Version | Roles | Handshake |
---|---|---|---|
aioquic | draft-29 | library, client, server | TLS 1.3 |
Name | Version | Roles | Handshake |
---|---|---|---|
Haskell quic | draft-29 | library, client, server | TLS 1.3 |
Name | Version | Roles | Handshake |
---|---|---|---|
kwik | draft-29, draft-30, draft-31, draft-32 | library, client | TLS 1.3 |