| ▲ | bb88 14 hours ago | |
I think maybe it's easier for an adversarial network admin to block QUIC altogether. | ||
| ▲ | zamadatix 13 hours ago | parent | next [-] | |
The hope with QUIC is encrypted tunnels that look and smell like standard web traffic are probably first in the list of any allowed traffic tunneling methods. It works (surprisingly) a lot more often than hoping an adversarial network/security admin doesn't block known VPN protocols (even when they are put on 443). It also doesn't hurt that "normal" users (unknowingly) try to generate this traffic, so opening a QUIC connection on 443 and getting a failure makes you look like "every other user with a browser" instead of "an interesting note in the log". I.e. the advantage here is any% + QUIC%, where QUIC% is the additional chances of getting through by looking and smelling like actual web traffic, not a promise of 100%. | ||
| ▲ | danielheath 2 hours ago | parent | prev [-] | |
Blocking QUIC blocks a sizeable fraction of the web | ||