QUIC

QUIC. It is a general-purpose transport layer network protocol initially developed by Google and later standardized by the Internet Engineering Task Force (IETF). Designed to provide security, reduced latency, and improved performance compared to existing protocols like TCP, it integrates features traditionally handled separately, such as those found in TLS. Its primary goal is to serve as a secure, multiplexed transport for HTTP traffic, forming the foundation for HTTP/3.

Overview

The protocol was conceived to address inherent limitations in the traditional Internet protocol suite, particularly the head-of-line blocking issues in TCP and the multiple round-trip handshakes required when combining TCP with TLS. By building on User Datagram Protocol (UDP), it establishes secure connections more quickly, often in zero or one round trip. Major technology companies, including Microsoft and Facebook, have been involved in its testing and implementation, recognizing its potential to improve user experience on the World Wide Web and within large-scale content delivery network infrastructures.

Technical design

At its core, the protocol combines the cryptographic handshake and transport mechanisms, using TLS 1.3 or later for encryption by default. Connection establishment is streamlined through the use of connection IDs, allowing for better mobility and resilience against changes in IP address or network interface. It implements native multiplexing, allowing multiple independent streams of data within a single connection without the head-of-line blocking found in TCP. Packet loss on one stream does not block others, and forward error correction mechanisms can be employed. Key technical documents are published as Request for Comments (RFCs), including RFC 9000 for the core transport and RFC 9001 for the TLS integration.

Development and standardization

Initial development began at Google in 2012, with the protocol being deployed experimentally in Google Chrome and on Google servers like those of YouTube. The experience gained from this large-scale deployment informed the standardization process within the IETF's QUIC working group, formed in 2016. The group, comprising contributors from Cloudflare, Mozilla, and Apple, among others, worked to create a version independent of Google's initial implementation. This process involved resolving technical debates around features like congestion control algorithms and the precise integration with TLS. The core specification suite was published as a standard in May 2021.

Adoption and deployment

Adoption has been rapid, driven by support from major web browser and cloud computing vendors. HTTP/3, which uses this protocol as its transport, is supported in Google Chrome, Mozilla Firefox, Microsoft Edge, and Safari. Major content delivery network providers like Cloudflare, Akamai, and Fastly have enabled it by default. Operating systems such as Microsoft Windows and Linux have seen kernel implementations, and libraries like libcurl and NGINX offer support. Its use is particularly beneficial for mobile applications on networks with high latency or packet loss, improving performance for services like Netflix and Spotify.

Comparison with TCP and TLS

Compared to the traditional stack of TCP and TLS, this protocol offers several distinct advantages. It reduces connection establishment latency by combining the transport and cryptographic handshakes, whereas TCP requires a multi-step handshake followed by a separate TLS negotiation. It eliminates head-of-line blocking at the transport layer, a problem inherent in TCP where a single lost packet delays all subsequent data. While TLS provides security for TCP, it is an integrated, non-optional component here. However, being based on UDP, it can face challenges with middleboxes like firewalls and network address translation devices that are optimized for TCP traffic, a hurdle less common for the established TCP/TLS combination.

Category:Internet protocols Category:Transport layer protocols Category:Internet standards