"John Snow" - Quic is coming!!
https://en.wikipedia.org/wiki/QUIC
https://tools.ietf.org/html/draft-ietf- ... ansport-16
https://www.chromium.org/quic
https://www.zdnet.com/article/http-over ... med-http3/
It seems, that it is near impossible for admins to identify, steer, or block streaming video and probably a hockey sock full of other items, that use quic technology.
Please advise on a date of INTENTION of having quic as a protocol on the protocol list and also a deeper dive into quic such that we can identify at least, some of its juicier parameters such as Client Hello!!
QUIC runs on UDP and runs encrypted BUT before settling.....
uses 'ClientHello' that has a parameter called "SERVER NAME" (as tls).
The associated wireshark LINE contains a standard time/source/destination etc and the protocol is QUIC and
the info part is as follows: Client Hello, PKN: 1, CID: xxxxxxxxxxxxxxx
The blowup of that line (the more detailed look) contains the amplifying information.
Tag: CHLO (Client Hello)
Tag number: 26
padding: 0000
Tag/value: PAQ
Tag/value: SNI (Server Name Indication) (l=14): www.google.com
Tag/value: STK