|
|
|
|
|
|
by vasilvv
971 days ago
|
|
|
QUIC requires the initial handshake packets to be at least 1200 bytes, and sets the anti-amplification limit of 3x [0]. This means that the server can typically send up to 3600 bytes in response (unless the client's handshake message exceeds one packet, which usually only happens if there is a post-quantum key share in it). 3600 bytes is usually enough, unless your certificate chain is too large, in which case you'd need to compress it. [1] is a nice overview of the problem. (full disclosure: I worked on some of this stuff) [0] https://datatracker.ietf.org/doc/html/rfc9000#name-address-v... [1] https://www.fastly.com/blog/quic-handshake-tls-compression-c... |
|
|