Onion Information

http://wgq3bd2kqoybhstp77i3wrzbfnsyd27wt34psaja4grqiezqircorkyd.onion/notes/2022/10/24/openssl-and-quic/

OpenSSL and QUIC - Seirdy

A rough timeline of QUIC support in OpenSSL-like libraries: BoringSSL implements QUIC. Quiche, a QUIC library, requires BoringSSL. Nginx can be patched to use

Onion Details

Page Clicks: 0

First Seen: 03/11/2024

Last Indexed: 10/21/2024

Domain Index Total: 190

Onion Content

A rough timeline of QUIC support in OpenSSL-like libraries: BoringSSL implements QUIC. Quiche, a QUIC library, requires BoringSSL. Nginx can be patched to use Quiche for HTTP/3. Nginx’s experimental QUIC branch (nginx-quic) is released. It requires BoringSSL. Some organizations (mostly Akamai) fork OpenSSL to implement the BoringSSL QUIC API, calling their fork QuicTLS. They plan to upstream changes. nginx-quic supports building with QuicTLS too. OpenSSL decides against the BoringSSL API and declines QuicTLS patches, preferring to write their own incompatible implementation. LibreSSL implements the BoringSSL QUIC API. nginx-quic can link against LibreSSL as well as BoringSSL and QuicTLS; they all use similar APIs. (I believe wolfSSL is mostly compatible with the BoringSSL QUIC API, but I might be wrong.) Developers will have a harder time supporting multiple TLS implementations, hurting the viability of e.g. LibreSSL-based distributions.

Blog

Advertise