Items tagged with: ngtcp2

Search

Items tagged with: ngtcp2

quite interesting details about quic support. It affects also DNS over QUIC, not only HTTPS/3. At least unbound and bind9 are compiled with OpenSSL on Fedora. Unbound has added recently server support via #ngtcp2. But it gets weird and inappropriate, linking two different crypto stacks into single binary. The reason is similar to curl. Normal TLS from OpenSSL, quic via gnutls. If it should be enabled, then this way...
#ngtcp2

An #ngtcp2 lead developer told me they have no current plans to adapt to the new #OpenSSL #QUIC API because of its lack of 0RTT support and the "pull model".

Of course someone else can go ahead and write it and ideally someone from #OpenSSL does it, for dogfooding purposes.

I have no heard of any other QUIC stack either having adapted to it yet.

#OpenSSL #quic #ngtcp2

I now hope for #OpenSSL to work with #ngtcp2 to make sure #QUIC works fine in that combo. Then we can leave the slow OpenSSL-QUIC implementation in its dusty corner and perhaps see rather wide HTTP/3 + curl adoption coming up.
#OpenSSL #quic #ngtcp2

Until improved, I believe the sever performance degradation and memory use compared to #ngtcp2 are reasons enough for us to not recommend #OpenSSL QUIC for use with #curl in production.

Upload speed: ngtcp2 is 2-4x faster.

Memory use: in some tests, OpenSSL uses 25x the amount of memory.

#OpenSSL #curl #ngtcp2