QUIC is a modern transport protocol initially developed by Google and standardised by the IETF that aims to improve internet performance and security by integrating transport and cryptographic functions. Importantly, QUIC utilizes TLS 1.3 for its encryption. Lately, the TLS-Attacker framework has received as massive improvement on its QUIC implementation. The improved implementation would allows us to run existing TLS-Scanner probes existing written for classic TLS over TCP against QUIC servers. However, some probes are currently not working or unstable, and the results have not been tested and in general, this has not been extensively tested so far.
Your Tasks:
- Gather an overview of existing TLS-Scanner probes and determine their relevance for QUIC (e.g., Probes targeting Features deprecated or removed in TLS 1.3 are not relevant for QUIC)
- Determine the state of and potential problems with any Probes Relevant for QUIC
- Improve Probes where necessary and reasonable
- Evaluate the Results that TLS-Scanner provides for QUIC implementation
- Optional: Do a small large-scale Scan and briefly evaluate interesting results
