QUIC UDP & http3 review
cfilleke opened this issue · 2 comments
cfilleke commented
Which verison of OpenSSL will have QUIC support?
cfilleke commented
@mattklein123 please add Ruslan Mstoi github.com/rmstoi to envoyproxy org & opensssl-dev team so we can assign this to him. thanks!
twghu commented
Envoy relies on BoringSSL to support QUIC/HTTP3
OpenSSL requires an Akamai patch to support. This currently breaks the integrity for FIPS.
- Identify OpenSSL 3.x support plans for QUIC
- Identify use of BoringSSL calls to support QUIC functionality in Envoy
- Identify implementation issues with OpenSSL
- https://www.openssl.org/blog/blog/2020/02/17/QUIC-and-OpenSSL/
- https://www.openssl.org/blog/blog/2021/12/03/starting-the-quic-design/
- https://daniel.haxx.se/blog/2021/10/25/the-quic-api-openssl-will-not-provide/
- openssl/openssl#8174
- https://community.centminmod.com/threads/http-3-quic-support-not-landing-in-openssl-until-3-1.19132/