[Cryptography] IPsec DH parameters, other flaws

jamesd at echeque.com jamesd at echeque.com
Mon Nov 23 00:49:34 EST 2020


> On Wed, 18 Nov 2020, Peter Gutmann wrote:
> 
>> And if we can't get people to adopt IPv6, why would anyone care about
>> QUIC?  

On 2020-11-18 15:04, Dave Horsfall wrote:
> I've studied IPv6, and still cannot understand it; it's a horse that
> turned out to become a camel.

A camel is a horse designed by a committee.

QUIC has a sound design, in that it is more friendly to the message
oriented way that TCP actually works in practice, considerably more
efficient at handling encrypted streams because encryption block
boundaries happen at datagram boundaries, and most importantly reduces
redundant round tripping by integrating the TCP handshake with the
encryption handshake.

But it fails to handle the DDoS problem, and its worst feature is that
it is married to the Google code base, which was designed by geniuses but
is maintained by idiots.

Google has no end of really great code, but if someone attaches a
millstone instead of a life preserver to the codebase, I would rather
not have my code attached to that code at the hip.

