Between last time we discussed it and now, waiting seems to have been prudent, as the TLS/QUIC interaction got significantly revamped. The current QUIC drafts have TLS exporting key material and plaintext handshake messages, with QUIC record protection used on the wire and not TLS record protection. There is a huge amount of interest in QUIC at the IETF, and we will need to support it eventually. But that may be best as limited to exposing the needed APIs and not necessarily pulling in a full QUIC implementation -- I haven't thought about that question very much.
I don't think I would have the team as a whole prioritize QUIC over FIPS, though it may be worth someone taking an initial look at what would be needed. -Ben On Mon, Nov 12, 2018 at 11:34:20AM +0100, Richard Levitte wrote: > For those wanting to follow what's happening in QUIC space, this is a > good place to start: https://datatracker.ietf.org/wg/quic/about/ > > In message <20181112.113323.260349601387601601.levi...@openssl.org> on Mon, > 12 Nov 2018 11:33:23 +0100 (CET), Richard Levitte <levi...@openssl.org> said: > > > QUIC was mentioned a little more than a year ago. Since then, it > > seems that the drafts have moved forward with quite some speed: > > > > https://tools.ietf.org/html/draft-ietf-quic-transport-16 > > https://tools.ietf.org/html/draft-ietf-quic-tls-16 > > https://tools.ietf.org/html/draft-ietf-quic-recovery-16 > > > > There seems to be an effort to have the next major HTTP version be > > based on QUIC, at least if this blog is any indication: > > > > https://daniel.haxx.se/blog/2018/11/11/http-3/ > > > > So the question is, should we start taking a closer look? Last time, > > it seems like the discussions were cautiously positive, but never > > reached a conclusion. > > > > Thoughts? Anyone feeling enthusiastic and want to do something? > > > > Cheers, > > Richard > > > > -- > > Richard Levitte levi...@openssl.org > > OpenSSL Project http://www.openssl.org/~levitte/ > > > _______________________________________________ > openssl-project mailing list > firstname.lastname@example.org > https://mta.openssl.org/mailman/listinfo/openssl-project _______________________________________________ openssl-project mailing list email@example.com https://mta.openssl.org/mailman/listinfo/openssl-project