> Plain text is typically used as the opposite of 'binary'. You are intending to say 'unencrypted' or 'clear text', not 'plain text'. SCTP is not encrypted by default. It is a transport protocol and it is intended that

https://en.wikipedia.org/wiki/Plaintext

Also, context. None of what I wrote makes any sense under the assumption that I was talking about a 'character string protocol'.

> the advantage is that DTLS over SCTP is an internet standard that was created organically by a variety of motivated individuals and organizations. DTLS over SCTP does not require kernel encryption, and is implementable in userspace. This is similar to how TLS is implemented in userspace but uses the kernel TCP drivers.

Which is true, but obviously does not apply to SCTP over DTLS, which is what you were talking about in your previous post.

> There is no reason to replace something that works, with something that is exactly the same, except for the fact it's invented by Google.

Well, true. Which is why it is relevant that QUIC is not exactly the same, as I have explained a dozen times now.

> You claim QUIC is encrypted. It is not. QUIC is a transport protocol and transport protocols need their headers to be inspectable to provide good routing, etc. The payloads are encrypted, like any other transport protocol.

Routing happens at the IP layer, so, no, a transport protocol does not need to be inspectable. And in fact it is an explicit design goal of QUIC to minimize what is inspectable. Which is why it is essentially uninspectable. All that is inspectable is a connection ID and a packet sequence number. The sequence number doesn't really tell you anything, as it is not even a sequence number of payload segments but only of transport packets (so retransmits get new sequence numbers). The connection ID tells you which packets form a connection ... but then there is essentially one connection between two endpoints, so nothing to see there either that isn't obvious from the network layer anyway. But none of the flow control machinery is inspectable by the network, and even the unencrypted header fields are still authenticated so as to prevent any meddling by middle boxes.

Also, you know, you can read all of this in the specification; maybe that'd be better than removing more doubt? https://tools.ietf.org/html/draft-tsvwg-quic-protocol-02#sec...
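To make the "readable but authenticated header" point concrete, here is an added example of my own; it is not code from either commenter or from the QUIC project. It builds a packet in the shape the linked draft describes (a cleartext public header with flags, an 8-byte connection ID and a 4-byte packet number, followed by an AEAD-protected payload), then shows what an on-path observer can parse without a key versus what an endpoint does with one. Assumptions: the flag bit values are my reading of draft-tsvwg-quic-protocol-02 and should be checked against it; AES-GCM from the Go standard library stands in for gQUIC's AEAD; the nonce derivation is simplified (real gQUIC mixes in a per-connection IV from its handshake); the key and payload are constructed for the demo; `Inspect`, `Seal`, `Open` and `Tamper` are names I chose.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"encoding/binary"
	"errors"
	"fmt"
)

// Public-header flag bits as I read them in draft-tsvwg-quic-protocol-02
// (assumption: verify against the draft before relying on them).
const (
	flagConnIDLen8    = 0x0C // 8-byte connection ID present
	flagPacketNumLen4 = 0x20 // 4-byte packet number
	headerLen         = 1 + 8 + 4
)

// Visible is everything a middlebox can read from a packet on the wire.
type Visible struct {
	ConnectionID uint64
	PacketNumber uint32
	Opaque       int // bytes of ciphertext plus tag it cannot interpret
}

// Inspect parses only the cleartext public header. It has no key, so it
// models exactly what an on-path observer can do.
func Inspect(pkt []byte) (Visible, error) {
	if len(pkt) < headerLen || pkt[0] != flagConnIDLen8|flagPacketNumLen4 {
		return Visible{}, errors.New("not the fixed header layout this example emits")
	}
	return Visible{
		ConnectionID: binary.BigEndian.Uint64(pkt[1:9]),
		PacketNumber: binary.BigEndian.Uint32(pkt[9:13]),
		Opaque:       len(pkt) - headerLen,
	}, nil
}

func newAEAD(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// nonce derives a 12-byte GCM nonce from the packet number (simplified;
// real gQUIC also mixes in a per-connection IV from the handshake).
func nonce(pn uint32) []byte {
	n := make([]byte, 12)
	binary.BigEndian.PutUint32(n[8:], pn)
	return n
}

// Seal emits header || AEAD(payload) with the header as associated data,
// so the header stays readable but cannot be changed without detection.
func Seal(key []byte, connID uint64, pn uint32, payload []byte) ([]byte, error) {
	aead, err := newAEAD(key)
	if err != nil {
		return nil, err
	}
	hdr := make([]byte, headerLen)
	hdr[0] = flagConnIDLen8 | flagPacketNumLen4
	binary.BigEndian.PutUint64(hdr[1:9], connID)
	binary.BigEndian.PutUint32(hdr[9:13], pn)
	out := append([]byte(nil), hdr...)
	return aead.Seal(out, nonce(pn), payload, hdr), nil
}

// Open is the endpoint's view: it needs the key, and it rejects the packet
// if any header byte (or the ciphertext) was changed in transit.
func Open(key, pkt []byte) ([]byte, error) {
	v, err := Inspect(pkt)
	if err != nil {
		return nil, err
	}
	aead, err := newAEAD(key)
	if err != nil {
		return nil, err
	}
	return aead.Open(nil, nonce(v.PacketNumber), pkt[headerLen:], pkt[:headerLen])
}

// Tamper flips one bit of the connection ID, the kind of rewrite a NAT or
// "helpful" middlebox might attempt. Inspect still parses the result; Open will not.
func Tamper(pkt []byte) []byte {
	t := append([]byte(nil), pkt...)
	t[5] ^= 0x01
	return t
}

func main() {
	key := []byte("0123456789abcdef") // constructed demo key, not from a handshake
	payload := []byte("STREAM frame: GET / HTTP/1.1")
	pkt, err := Seal(key, 0x1122334455667788, 7, payload)
	if err != nil {
		panic(err)
	}
	v, _ := Inspect(pkt)
	fmt.Printf("middlebox sees conn=%x pn=%d and %d opaque bytes\n", v.ConnectionID, v.PacketNumber, v.Opaque)
	if pt, err := Open(key, pkt); err == nil && bytes.Equal(pt, payload) {
		fmt.Println("endpoint decrypted the payload")
	}
	if _, err := Open(key, Tamper(pkt)); err != nil {
		fmt.Println("endpoint rejected the packet with a modified header:", err)
	}
}
```

The design point is the associated-data argument to `Seal`/`Open`: the header bytes are never encrypted, so `Inspect` works without a key, but because they are fed into the AEAD tag, the endpoint's `Open` fails on the tampered copy while the observer's `Inspect` happily parses it. Nothing about stream offsets, flow-control windows or ACK ranges is visible outside the opaque region.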
I did mention SCTP over DTLS, but not as a replacement for QUIC, only to say that it is a transport protocol that is already being used.