Kazik24 20 hours ago

There is DNS over QUIC, and in case your current Connection ID or IP is blocked during the connection, QUIC can use multiple IPs and CIDs for a single connection, and CIDs are negotiated in the encrypted part of the packet. It's a mechanism for migrating a connection over changing networks. Servers can also take advantage of that.

A server could have multiple QUIC output nodes to migrate the connection in case one of them is blocked. The output node network can be shared by many servers and DoQ endpoints, so blocking it entirely would scare the government.

This solution still needs to connect to some known IP in order to establish the connection first. And the same goes for DoQ. To mitigate this, we can use Encrypted Client Hello, as another commenter mentioned, and connect to a pool instead of a single IP.

  • immibis 3 hours ago

    There is simply cutting all the wires that connect your guys to your enemy's guys. QUIC won't solve that. Protocols which hide routing information might, since then you can't tell where the right wires are.

  • YetAnotherNick 4 hours ago

    I am not talking about the man-in-the-middle thing, which DNS over QUIC solves, but about lawfully telling the domain registrar to forcefully take over the domain. Also, multiple IPs don't solve anything if all the IPs could be identified.