author | Matt Caswell <matt@openssl.org> | 2023-10-25 12:31:19 +0100 |
---|---|---|
committer | Hugo Landau <hlandau@openssl.org> | 2023-10-30 07:55:41 +0000 |
commit | a9044628c8cddfdf0686215b2c61dcbea61f95a4 (patch) | |
tree | 92619c8dc339e0134e6fd371d03dd60291b9f233 /doc/man7 | |
parent | 4da702b61e7a2180eda4de5a922c68a7c0b48f51 (diff) |
Update README-QUIC.md
We move some of the "why QUIC" content into the guide and just provide a
summary in README-QUIC.md.
We also clarify how to use s_client with QUIC.
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22505)
(cherry picked from commit 355fd1f45b707d2b066d6dff555dd53928e55627)
Diffstat (limited to 'doc/man7')
-rw-r--r-- | doc/man7/ossl-guide-quic-introduction.pod | 59 |
1 files changed, 56 insertions, 3 deletions
diff --git a/doc/man7/ossl-guide-quic-introduction.pod b/doc/man7/ossl-guide-quic-introduction.pod index bb79e5b438..3141dfd209 100644 --- a/doc/man7/ossl-guide-quic-introduction.pod +++ b/doc/man7/ossl-guide-quic-introduction.pod 
@@ -20,9 +20,62 @@ communicate over a network. It is defined in RFC9000 (see L<https://datatracker.ietf.org/doc/rfc9000/>). QUIC integrates parts of the TLS protocol for connection establishment but independently protects packets. It provides similar security guarantees to TLS such as confidentiality, -integrity and authentication (see L<ossl-guide-tls-introduction(7)>). It -additionally provides multiplexing capabilities through the use of "streams" -(see L</QUIC STREAMS> below). +integrity and authentication (see L<ossl-guide-tls-introduction(7)>). + +QUIC delivers a number of advantages: + +=over 4 + +=item Multiple streams + +It supports multiple streams of communication (see L</QUIC STREAMS> below), +allowing application protocols built on QUIC to create arbitrarily many +bytestreams for communication between a client and server. This allows an +application protocol to avoid problems where one packet of data is held up +waiting on another packet being delivered (commonly referred to as +"head-of-line blocking"). It also enables an application to open additional +logical streams without requiring a round-trip exchange of packets between the +client and server as is required when opening an additional TLS/TCP +connection. + +=item HTTP/3 + +Since QUIC is the basis of HTTP/3, support for QUIC also enables applications +to use HTTP/3 using a suitable third-party library. + +=item Fast connection initiation + +Future versions of OpenSSL will offer support for 0-RTT connection initiation, +allowing a connection to be initiated to a server and application data to be +transmitted without any waiting time. This is similar to TLS 1.3's 0-RTT +functionality but also avoids the round trip needed to open a TCP socket; thus, +it is similar to a combination of TLS 1.3 0-RTT and TCP Fast Open. + +=item Connection migration + +Future versions of OpenSSL will offer support for connection migration, allowing +connections to seamlessly survive IP address changes. 
+ +=item Datagram based use cases + +Future versions of OpenSSL will offer support for the QUIC datagram extension, +allowing support for both TLS and DTLS-style use cases on a single connection. + +=item Implemented as application library + +Because most QUIC implementations, including OpenSSL's implementation, are +implemented as an application library rather than by an operating system, an +application can gain the benefit of QUIC without needing to wait for an OS +update to be deployed. Future evolutions and enhancements to the QUIC protocol +can be delivered as quickly as an application can be updated without dependency +on an OS update cadence. + +=item Multiplexing over a single UDP socket + +Because QUIC is UDP-based, it is possible to multiplex a QUIC connection on the +same UDP socket as some other UDP-based protocols, such as RTP. + +=back =head1 QUIC TIME BASED EVENTS |
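Review bot: The "Fast connection initiation" item says 0-RTT allows application data "to be transmitted without any waiting time" and likens it to TLS 1.3's 0-RTT, but it does not say that TLS 1.3 early data can be replayed by a network attacker. Because the paragraph just above the list states that QUIC "provides similar security guarantees to TLS such as confidentiality, integrity and authentication", a reader could assume those guarantees apply equally to 0-RTT data. Suggest adding one sentence to that item noting that 0-RTT data has weaker replay protection than data sent after the handshake completes, so applications should restrict it to requests that are safe to repeat. Separately, the list is introduced with "QUIC delivers a number of advantages:", yet three of its items (fast connection initiation, connection migration, datagram based use cases) open with "Future versions of OpenSSL will offer support"; consider grouping those under their own lead-in so that they are not read as features of the current release.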