Buy commercial curl support from
WolfSSL. We help you work out your issues, debug your libcurl
applications, use the API, port to new platforms, add new features and more.
With a team lead by the curl founder himself.
Re: How are folks handling HTTP3 TLS?
- Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]
From: Daniel Stenberg via curl-distros <curl-distros_at_lists.haxx.se>
Date: Tue, 9 Apr 2024 23:08:39 +0200 (CEST)
On Tue, 9 Apr 2024, Billy O'Neal (VC AIR) wrote:
> We are interested in how other distros solve the quic problem in the future.
As a smaller follow-up regarding HTTP/3:
OpenSSL 3.3 was just released, and parts of this release is enhanced QUIC
support. (I'm pretty sure our (Stefan Eissing's really) work on QUIC in curl
using their API pushed for this pretty strongly.)
The improvements make OpenSSL QUIC much better than in the previous release.
We have however decided that the OpenSSL 3.3 QUIC powered backend in curl will
remain labeled experimental for the time being, for two primary reasons:
1. their API is still lacking: it forces curl to sometimes fall back to
busy-loops because we can't poll it properly.
2. the performance is severly lacking, making curl using ngtcp2 roughly twice
as fast in similar network conditions
We hope and cross our fingers that the OpenSSL team will prioritize improving
their QUIC API further. Maybe OpenSSL 3.4 will provide the API necessary to do
QUIC proper with curl. I have no insights yet if it will nor do I know when
such a release will happen.
For curl, the ngtcp2 powered backend remains the only QUIC backend not labeled
EXPERIMENTAL and I don't see a lot of movements in changing the state of the
others.
Date: Tue, 9 Apr 2024 23:08:39 +0200 (CEST)
On Tue, 9 Apr 2024, Billy O'Neal (VC AIR) wrote:
> We are interested in how other distros solve the quic problem in the future.
As a smaller follow-up regarding HTTP/3:
OpenSSL 3.3 was just released, and parts of this release is enhanced QUIC
support. (I'm pretty sure our (Stefan Eissing's really) work on QUIC in curl
using their API pushed for this pretty strongly.)
The improvements make OpenSSL QUIC much better than in the previous release.
We have however decided that the OpenSSL 3.3 QUIC powered backend in curl will
remain labeled experimental for the time being, for two primary reasons:
1. their API is still lacking: it forces curl to sometimes fall back to
busy-loops because we can't poll it properly.
2. the performance is severly lacking, making curl using ngtcp2 roughly twice
as fast in similar network conditions
We hope and cross our fingers that the OpenSSL team will prioritize improving
their QUIC API further. Maybe OpenSSL 3.4 will provide the API necessary to do
QUIC proper with curl. I have no insights yet if it will nor do I know when
such a release will happen.
For curl, the ngtcp2 powered backend remains the only QUIC backend not labeled
EXPERIMENTAL and I don't see a lot of movements in changing the state of the
others.
-- / daniel.haxx.se | Commercial curl support up to 24x7 is available! | Private help, bug fixes, support, ports, new features | https://curl.se/support.html -- Unsubscribe: https://lists.haxx.se/mailman/listinfo/curl-distros Etiquette: https://curl.se/mail/etiquette.htmlReceived on 2024-04-09