by pfschell 2765 days ago
>With QUIC, however, the identifier for a connection is not the traditional concept of a "socket" (the source/destination port/address protocol combination), but a 64-bit identifier assigned to the connection. This means that as you move around, you can continue with a constant stream uninterrupted from YouTube even as your IP address changes, or continue with a video phone call without it being dropped.

This is the ultimate dream of every surveillance company & gov't. Of course Google is solving this "problem."

3 comments

In a typical scenario, when you connect to a website with one IP address, then change your network and connect again with a different IP but using the same device/browser, that website knows that you are the same user. I don't see how having an identifier inside an encrypted connection makes anything worse.

This is definitely a risk. There are valid needs for wanting to resume a connection as it hops between gateways, but I definitely see abuse for this. The identifier doesn’t necessarily tie you to a location or name, but once you can associate that, it is a risk.

IIUC, the stream identifier is not a persistent client identifier but more similar to a TCP connection.

So yes, as opposed to TCP, it will be able to work with changing IP addresses, but other than that, it's still a relatively short-term identifier. Google et al will still have to use cookies and whatnot to identify users over longer times.