сб, 10 февр. 2024 г. в 00:00, Tristan <tris...@mangadex.org>:

> Hi Ilya,
>
> On 09/02/2024 20:31, Илья Шипицин wrote:
> > I run QUIC Interop from time to time, WolfSSL shows the best
> > compatibility compared to LibreSSL and aws-lc.
> > it really looks like a winner today
>
> And in comparison to current QuicTLS?
>

QuicTLS

Run took 0:40:46.016826
+---------+------------------------+
|         |        haproxy         |
+---------+------------------------+
| quic-go | HDCLRC20MSRZ3BUAL2C1C2 |
|         |          EV2           |
|         |          L16           |
+---------+------------------------+
+---------+----------------------+
|         |       haproxy        |
+---------+----------------------+
| quic-go | G: 8879 (± 46) kbps  |
|         | C: 5504 (± 120) kbps |
+---------+----------------------+

wolfSSL

Run took 0:43:09.272822
+---------+---------------------+
|         |       haproxy       |
+---------+---------------------+
| quic-go | HDCLRC20MSR3BUAL2C2 |
|         |         EV2         |
|         |        ZL1C16       |
+---------+---------------------+
+---------+----------------------+
|         |       haproxy        |
+---------+----------------------+
| quic-go | G: 8508 (± 152) kbps |
|         | C: 5262 (± 441) kbps |
+---------+----------------------+

it is combination of quic-go client and haproxy.
wolfSSL passes all tests except "TestCaseHandshakeLoss" and
"TestCaseZeroRTT"

I configure wolfSSL as "./configure --enable-haproxy --enable-quic", maybe
there are some dedicated flags for 0-RTT, I didn't check yet


>
> > I'm afraid it practice it works in a different way.
> > First, you install WolfSSL to prod, next INSTALL/wiki got updated :)
>
> I appreciate the joke... :) but more seriously I am not very
> knowledgeable when it comes to low-level programming or the associated
> tuning/performance-testing.
> So even if I deployed it, my opinion on that topic is unlikely to be the
> best (besides bug reports anyway).
>
> Either way, for now I'm waiting on OCSP support first (hi William,
> Rémi); hopefully someone else figures out the best build flags by the
> time that's dealt with.
>
> Tristan
>

Reply via email to