Ranter
Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API

From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
Comments
-
lorentz1525813hI mean, HTTP2 "requires" TLS, but it's a separate layer so H2C is a strong standard with a very obvious definition. QUIC doesn't really work without TLS, so I'm not sure how an unencrypted version would even work, or whether anyone will support it.
-
retoor27911hReverse proxy is mostly done with HTTP/1.1 i guess. It's only from client to server. App receives its classic requests. Also, it's probably possible to do with disabling certificates check and us a self signed.
-
@BordedDev yeah, and I'm wondering why that would seem like a good idea when it's redundant for some contexts. Reverse proxies benefit from feature parity between the downstream and upstream protocol, which is why H2C is used.
-
I think it’s clearly designed (only) for infrastructure at scale. Your proxy would be running QUIC and internally it might be calling to any number of different servers over insecure HTTP/2 or maybe 1. It’s a bit dumb though, not every website is horizontally scaled or needs to be. QUIC definitely seems to fuck the middle class web server.
-
I'll just leave this one here, as I've _just_ read it.
Source: https://commitstrip.com/en/2018/... .
Related Rants
HTTP/3 requires TLS. Wouldn't this make it drastically less economical to run a reverse-proxy? Are 4 unnecessary cryptographic operations per request not significant? What about the bandwidth overhead of rounding up the length of responses like `HTTP 200 OK\r\nContent-Length: 2\r\n\r\n{}` which make up a majority of all traffic to the nearest encrypted block?
rant
tls
cryptography
http3
reverse proxies