My curiosity stems from two parts. The first is that QUIC, except mandatory TLS, seems to be the most attractive "out of the box" transportation protocol for a personal group project (vs. TCP, UDP, and SCTP). Our desire for plain-text communication is because we need to watch the communication.
The second is slight concern that what became of TLS 1.0, 1.1, and 1.2 will become of 1.3. How will QUIC be updated to TLS1.3's successor? Lucas hinted that it's possible to swap out TLS. The answer to this concern is no doubt in the documentation you've worked on. Personally, I think mandatory TLS will be fantastic for internet traffic. I will be watching Martin Thomson's overview, thank you. -----Original Message----- From: Matt Joras <[email protected]> Sent: Monday, January 22, 2024 12:31 PM To: Nick Harper <[email protected]> Cc: Nicholas Warren <[email protected]>; [email protected] Subject: Re: Historic TLS Discussion (no hats on) What Nick says matches my understanding. Nicholas, could you elaborate why you're asking? I.e. are you curious _why_ QUIC mandates TLS 1.3, instead of something else, or leaving open the door more explicitly for something else? On Mon, Jan 22, 2024 at 10:25 AM Nick Harper <[email protected]> wrote: > > That discussion would've happened during the WG formation. That QUIC uses TLS > has been in the WG charter since the first draft that I see on the > datatracker, and the original approved charter calls out a key goal of > "Providing always-secure transport, using TLS 1.3 by default." > > On Mon, Jan 22, 2024 at 10:12 AM Nicholas Warren <[email protected]> > wrote: >> >> Hello quic wg. >> >> I am curious about how quic seemingly mandates usage of TLS (rfc9000 section >> 5); albeit I have not completely read quic-tls. >> >> Does anyone remember when you all discussed this? I was hoping to go back >> and read the archived list from when the discussion had taken place. >> >> Thanks, >> >> Nich Warren
