TCP alternative QUIC reaches IETF's Standards Track after eight years of evolution

Google spawned it, Cloudflare backed it, Microsoft made its own cut. Boffins worry it didn't improve privacy


Quick UDP Internet Connections (QUIC) have graduated to Internet Engineering Task Force’s standards track.

The QUIC spec, aka RFC 9000, appeared on May 27th, marking the end of the beginning for a story that started in 2013 when Google revealed it was playing with QUIC, which it then described as "an early-stage network protocol we are experimenting with, [which] runs a stream multiplexing protocol over a new flavor of Transport Layer Security (TLS) on top of UDP instead of TCP."

QUIC’s best trick is to allow a client and server to exchange data with less overhead. Cutting out the extra round trips needed to establish a TCP link means less traffic and faster connections. That’s especially welcome on wireless networks, which are nearly always shared and see contention for resources. Just in case you haven’t noticed, there’s about three billion wireless devices out there on cellular networks, so anything that makes networks behave better for them is welcome by users, network operators, content providers, and plenty of other stakeholders.

Connectivity-greasing company Cloudflare liked QUIC so much it’s offered it as a service for a few years now. Microsoft has used QUIC to carry SMB traffic and proclaimed it “the future of distributed systems.” True to form, Microsoft has also created its own version of QUIC and open-sourced it.

Google’s already baked QUIC into its Chrome browser and that gives it a presence on hundreds of millions of devices.

But QUIC has not been widely adopted elsewhere. A Cloudflare post celebrating QUIC’s ascension to the standard track says it can detect “around 12% of Internet traffic using QUIC with HTTP/3.”

QUIC’s new status has seen Cloudflare take its QUIC service out of beta and offer it to all comers, in the hope of making it more prevalent.

It’s hard to argue against anything that speeds networks. But be careful what you wish for, because in January 2021 networking boffins rated QUIC as more vulnerable to web fingerprinting than HTTPS, a technology QUIC was intended to supplant. ®


Other stories you might like

Biting the hand that feeds IT © 1998–2021