Hi Lucas,
1) Just opening a second QUIC connection is not enough as it will most
likely use the same path as the first. Some API to list interfaces and
their properties is needed. Then the second second connection can be
bound to the desired interface. If for example you want to check the
available WiFi networks in Android then you need location permissions
and the user needs to grant them and can revoke them anytime. In
addition you need to write some legal text what you do with this data.
2) Is probably similar to 1) but may use some system library to do the
job and hide it from the application itself.
I can't speak for others but my expectation would be that some OS-level
API should abstract network layer information when possible. Still and
e2e solution will reveal the clients changing external IP addresses on
the server side. A longer lived multipath connection may be used to
track the user.
Regards,
Roland
Am 23.10.2020 um 22:31 schrieb Lucas Pardue:
Hi Roland,
On Fri, Oct 23, 2020 at 8:34 PM Roland Zink <[email protected]
<mailto:[email protected]>> wrote:
A application works with a single connection most of the time. As
application developer you probably can't afford to put any effort
in improving this when it isn't absolute necessary. If you do it
on the application layer then the application may also get
location information out of it, like IP addresses or WiFi names,
and this is a privacy issue.
This is an interesting thought and I wonder if you might be able to
elaborate some. The userland QUIC libraries I'm familiar with require
applications to do a lot of their own lifting with regards to the network.
I'm particularly interested whether there is any difference say between:
1) An HTTP/3 client application that wants to open two QUIC
connections using a userland QUIC library.
2) An HTTP/3 client application that wants to open one multipath QUIC
using a userland QUIC library.
Is the expectation here that there is some TBD OS-level API would
abstract network layer information from the application in the name of
privacy?
Cheers
Lucas
