mtlsquic

mTLS Support in Quic Protocol - RFC-9000


I've recently been exploring the RFC-9000 document and I'm seeking certain information related to it. Despite going through the resource in detail, I wasn't successful in finding what I was looking for (maybe I was bad on searching...)

Specifically, I'm interested in the feasibility of mutual TLS (mTLS) or at least client-secured authentication in the context of the Quic protocol. Is it possible to implement such security measures using Quic?

I appreciate any insights or guidance on this matter. Thank you in advance for your assistance.

Best regards.

In 2018 this guy said IETF Quic will support this. (https://github.com/quic-go/quic-go/issues/1366#issuecomment-390358310). Is this now ?


Solution

  • Is it possible to implement such security measures using Quic?

    Yes, it is. Amazon offers an example implementation of QUIC with mTLS here.

    You can also take a look at RFC9001 which includes more information on how QUIC utilizes TLS.