On Mon, Jun 07, 2021 at 02:46:32PM +0200, Robin MARX <[email protected]> wrote a message of 127 lines which said:
> Could you give more (technical) details why you feel long-lived QUIC > connections can allow user tracking, and specifically in the IP-switching > case? > > For an on-path attacker observing encrypted QUIC Indeed, I forgot an important thing: tracking BY THE SERVER (obviously, QUIC protects against an observer). > For an attacker with access to the decrypted payloads, I'm not sure how > QUIC differs from TCP or H3 differs from H2 in your view? TCP and H2 do not survive IP address change. And I suspect that long-term connections might be more common with QUIC.
