Hi,
On 15/11/18 02:02, neel@neelc.org wrote:
How would Tor deal with HTTP/3 (a.k.a. HTTP over QUIC), considering that Tor is a TCP anonymizer, and HTTP over QUIC (and QUIC itseld) uses UDP? Would we need Tor to support UDP? Just QUIC?
One reason we don't support UDP in Tor because it is connection-less, and the connection concept in TCP means that the server at the other end needs to accept the connection before we start sending larger amounts of data to it.
Saying this, QUIC is not UDP. It may use UDP for the sake of middlebox traversal but is in fact a connection-oriented transport protocol. (If you ignore the unreliable datagrams draft currently in the IETF QUIC WG).
This recent presentation at the IETF looks at some of the ways that QUIC and HTTP/QUIC can be tunneled from the perspective of the client interface and the exit relay:
https://datatracker.ietf.org/meeting/102/materials/slides-102-httpbis-hint-a...
To really get benefits from things like streams, it could be necessary to map some of the QUIC internals into the Tor protocol.
Note that SOCKS 5 actually does already support UDP, we just don't implement this part of the protocol for clients.
I'm not a Network Team person so I don't know if this is currently something being considered, but given that the IETF hasn't actually standardized QUIC yet this is probably not going to be needed urgently.
Thanks, Iain.