According to you, is it possible to properly install the use of HTTP/3 on a web server such as GWAN ? If yes, do you have an idea of ideal way to proceed ? I was thinking of using a quic lib (wich one ? quiche) in the init.c file but I can't figure out the rest...
Thanks in advance.
This is very similar to your previous question about GOOGLE's HTTP/2:
So, don't be surprised if our answer is the same:
"I have not looked at this library so I can't tell for sure if it can be used without modifications, but it could certainly be used as the basis of an event-based G-WAN protocol handler."
At least on paper, HTTP/3 may look safer than HTTP/2 (if properly used, UDP will help to dismiss DDoS attacks) even if by-design HTTP/2 security flaws are more than likely to stay (i.e.: the ability to hide 1,000 remote servers acting in one single HTTP connections - defeating the 1-client/1-server security promise).
We did not investigate HTTP/3 because using thousands of times more code than necessary for the task of delivering a "secure protocol" is a very bad signal triggering very predictable results.
As a consequence, it is very unlikely that G-WAN will natively implement HTTP/2 or HTTP/3 in the near future.
What is more likely, if a new G-WAN release was later made public, is that 2009's G-WAN HTTP/1.1 support would be enhanced with post-quantum symmetric-key algorithms delivering long-term secure authentication, integrity and confidentiality.
G-WAN Javascript libraries and working examples would show how to proceed since there's no post-quantum symmetric-key algorithms support in today's Internet browsers (nor in GOOGLE's HTTP/3 by the way).
This would not be as safe as Global-WAN (the reason why G-WAN was created in the first place) but that would be quite an improvement as compared to today's standards (and their disastrous record on security).
