Surfing the Web quicker than QUIC via a shared Address Validation
share
QUIC is a performance-optimized secure transport protocol and a building block of the upcoming HTTP/3 standard. To protect against denial-of-service attacks, QUIC servers need to validate the IP addresses claimed by their clients. So far, the QUIC protocol conducts address validation for each hostname separately using validation tokens. In this work, we review this practice and introduce a new QUIC transport parameter to allow a shared address validation across hostnames. This parameter indicates to the client, that an issued validation token can be used to abbreviate the address validation when connecting to specific other hostnames. Based on trust-relations between real-world hostnames we evaluate the performance benefits of our proposal. Our results suggest that a shared address validation saves a round-trip time on almost 60 loading of an average website. Assuming a typical transatlantic connection with a round-trip time of 90ms. We find that deploying our proposal reduces the delay overhead to establish all required connections for an average website by 142.2ms.
READ FULL TEXT