Jens Finkhäuser
... what next can you optimize? You can put the key exchange even further up front, which may speed up the QUIC handshake.
And that only leaves us with DNS as anything that comes earlier. In addition to IP addresses and transport choices, now folk wish to put keys into DNS as well.
Which may be fine with small Edwards keys. But several KiB of post quantum cryptography key won't fit into a DNS message, which is in practice bound by the size of a UDP datagram.
So what then - we can't do DNS...
Jens Finkhäuser
... it's no longer enough to resolve names to IP addresses, you also have to resolve to choices of transport protocols.
With encrypted transports, you always have a key exchange to deal with, which can be slow.
The TLS issue is that you have a TCP handshake, which exchanges three packets. Once the TCP session is established, you have a TLS handshake, which is also three or more packets. QUIC adds key information from the start, so you only have one handshake that combines both purposes.
So...
GNU social JP is a social network, courtesy of GNU social JP管理人. It runs on GNU social, version 2.0.2-dev, available under the GNU Affero General Public License.
All GNU social JP content and data are available under the Creative Commons Attribution 3.0 license.