Re: [quicwg/base-drafts] HTTP/QUIC without Alt-Svc? (#253)

Mike Bishop <> Thu, 07 November 2019 15:23 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id E94621208B0 for <>; Thu, 7 Nov 2019 07:23:02 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -6.382
X-Spam-Status: No, score=-6.382 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_24=1.618, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_DNSWL_HI=-5, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (1024-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id 7qOfaiN5niqp for <>; Thu, 7 Nov 2019 07:23:01 -0800 (PST)
Received: from ( []) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 48EBA1208A9 for <>; Thu, 7 Nov 2019 07:23:01 -0800 (PST)
Date: Thu, 07 Nov 2019 07:23:00 -0800
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=pf2014; t=1573140180; bh=Q4RvOwfIQ6X/lccDo+oOilxxykQR/Rh9kMfOtQnJ9hE=; h=Date:From:Reply-To:To:Cc:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=DhOXyItEZke+8z1fRDuzavtYTmHAVul80pNGE4585b7zl+eysDNktEA7ZAKeYS7pN afm/h2iii+l2hAl6P5Mg1SmKEuL0+fazzUfKCi9gsa2FvIItZ4Fz/OnueMKCWs2fvO RIwN/e9++A2EqEvkN+ZB4k4yBIXulpJVbBesfd/4=
From: Mike Bishop <>
Reply-To: quicwg/base-drafts <>
To: quicwg/base-drafts <>
Cc: Subscribed <>
Message-ID: <quicwg/base-drafts/issues/253/>
In-Reply-To: <quicwg/base-drafts/issues/>
References: <quicwg/base-drafts/issues/>
Subject: Re: [quicwg/base-drafts] HTTP/QUIC without Alt-Svc? (#253)
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="--==_mimepart_5dc436d462b14_a113ff571ecd9602581ea"; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Precedence: list
X-GitHub-Sender: MikeBishop
X-GitHub-Recipient: quic-issues
X-GitHub-Reason: subscribed
X-Auto-Response-Suppress: All
Archived-At: <>
X-Mailman-Version: 2.1.29
List-Id: Notification list for GitHub issues related to the QUIC WG <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Thu, 07 Nov 2019 15:23:03 -0000

Not exactly the place for this question.

QUIC uses TLS, so you'll need a certificate to terminate a QUIC connection.  If a browser implements the mechanism to upgrade http:// URLs to TLS [RFC8164], it could do the same to upgrade to QUIC; I'm not aware that any do.  QUIC will not be a separate scheme.  QUIC will detect all the same MitM attacks that TLS does; if you trust a malicious root cert, nothing will help you.  QUIC is a transport, so it could be used for other application-level protocols in the future if those protocol mappings are defined.

You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub: