The QUIC specification was published one year ago, how is its deployment progressing ?
The web revolution started with the HTTP protocol. The first version of HTTP used a single TCP connection to transfer each HTML page. This was not acceptable for the first web pages that contained only text, but became inefficient when JavaScript, images and videos were added to all web pages. HTTP evolved and the main versions are HTTP/1.1 and HTTP/2.0 which uses a binary format and supports multiple streams over a single TCP connection.
The web did not stop at HTTP/2.0 and last year the Internet Engineering Task Force published HTTP/3.0. The most important modification introduced by HTTP/3.0 is that it works above the QUIC protocol. QUIC is a new protocol that combines the features of TCP, TLS and runs directly above UDP.
The main web companies have started to deploy QUIC several years ago. At the occasion of the first birthday of the publication of RFC9000 provides a closer look at the usage of QUIC in an interesting blog post.
What lessons can we learn from this deployment ?
- QUIC and HTTP/3 are now widely deployed by Content Providers (see also another blog post by Akamai)
- major browsers support HTTP/3 and QUIC, with Chrome leading the band
- malicious traffic still mainly uses HTTP/1 and HTTP/2, but there are HTTP/3 attacks already
- the search bots have not yet migrated to HTTP/3, with the exception of Linkedin
Given the growing importance of QUIC, it will likely be the major addition to the fourth edition of Computer Networking: Principles, Protocols and Practice ebook. The future QUIC chapter will likely be based on an unpublished and unfinished manuscript.