<html>
  <head>
    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
  </head>
  <body>
    <p>On 11/23/2020 12:00 AM, jrzx via cryptography wrote:<br>
    </p>
    <blockquote type="cite"
cite="mid:jGPeKYkiyCjPlQFIRNDovyNif4qBopSF3oZKqVJ_PjRxoBR8Us7DRjVXOH-5eqhoEI5s8tqbUNDQIZUpFcAMcZcONjRYObvGBPmffxvjkjw=@protonmail.ch">
      <blockquote type="cite">
        <pre class="moz-quote-pre" wrap="">While QUIC started as a Google project, it is being standardized in the
IETF. There are several independent implementations of QUIC, by Apple,
Microsoft, Mozilla, Cloudflare and many others, including mine. They are
not "married to the Google code base".
</pre>
      </blockquote>
      <pre class="moz-quote-pre" wrap="">
Does your implementation use OpenSSL, or Google's fork of OpenSSL?</pre>
    </blockquote>
    <p>It uses PicoTLS, a from-the-ground-up implementation of TLS 1.3
      by Kazuho Ohu -- <a class="moz-txt-link-freetext" href="https://github.com/h2o/picotls">https://github.com/h2o/picotls</a>. Picotls allows
      for a variety of implementation of the crypto algorithms,
      including libcrypto from OpenSSL, a "fusion" implementation of
      AES-GCM developed by Kazuho, and a "mini crypto" implementation
      using <a href="https://github.com/ctz/cifra">cifra</a> for most
      crypto and <a href="https://github.com/kmackay/micro-ecc">micro-ecc</a>
      for secp256r1.</p>
    <p>As noted by Rich Saltz, different implementations use different
      implementations of TLS and different crypto libraries. Some use a
      forked branch of OpenSSL in which the API required by QUIC were
      added. The Microsoft implementation uses S-Channel or MiTLS from
      MSR. The Google implementation and some others use BoringSSL.
      Mozilla use their own library. Some implementations use rusttls. A
      few implementations allow developers to choose between OpenSSL,
      LibreSSL, etc.<br>
    </p>
    <blockquote type="cite"
cite="mid:jGPeKYkiyCjPlQFIRNDovyNif4qBopSF3oZKqVJ_PjRxoBR8Us7DRjVXOH-5eqhoEI5s8tqbUNDQIZUpFcAMcZcONjRYObvGBPmffxvjkjw=@protonmail.ch">
      <pre class="moz-quote-pre" wrap="">
Where is your implementation?</pre>
    </blockquote>
    <p><a class="moz-txt-link-freetext" href="https://github.com/private-octopus/picoquic/">https://github.com/private-octopus/picoquic/</a></p>
    <p>The list of implementations is at
      <a class="moz-txt-link-freetext" href="https://github.com/quicwg/base-drafts/wiki/Implementations">https://github.com/quicwg/base-drafts/wiki/Implementations</a>.</p>
    <p>The results of the automated interop testing set by Marten Seeman
      are at <a class="moz-txt-link-freetext" href="https://interop.seemann.io/">https://interop.seemann.io/</a>. The results from manual
      interop testing conducted periodically are at
<a class="moz-txt-link-freetext" href="https://docs.google.com/spreadsheets/d/1D0tW89vOoaScs3IY9RGC0UesWGAwE6xyLk0l4JtvTVg/edit#gid=1991873121">https://docs.google.com/spreadsheets/d/1D0tW89vOoaScs3IY9RGC0UesWGAwE6xyLk0l4JtvTVg/edit#gid=1991873121</a>.
      That spreadsheet includes tabs for the interop that have been
      going on since 2017. Interop testing was one of the basic tools of
      protocol development.<br>
    </p>
    <p>-- Christian Huitema
    </p>
    <blockquote type="cite"
cite="mid:jGPeKYkiyCjPlQFIRNDovyNif4qBopSF3oZKqVJ_PjRxoBR8Us7DRjVXOH-5eqhoEI5s8tqbUNDQIZUpFcAMcZcONjRYObvGBPmffxvjkjw=@protonmail.ch"></blockquote>
  </body>
</html>