сб, 10 февр. 2024 г. в 00:00, Tristan <tris...@mangadex.org>:
> Hi Ilya, > > On 09/02/2024 20:31, Илья Шипицин wrote: > > I run QUIC Interop from time to time, WolfSSL shows the best > > compatibility compared to LibreSSL and aws-lc. > > it really looks like a winner today > > And in comparison to current QuicTLS? > QuicTLS Run took 0:40:46.016826 +---------+------------------------+ | | haproxy | +---------+------------------------+ | quic-go | HDCLRC20MSRZ3BUAL2C1C2 | | | EV2 | | | L16 | +---------+------------------------+ +---------+----------------------+ | | haproxy | +---------+----------------------+ | quic-go | G: 8879 (± 46) kbps | | | C: 5504 (± 120) kbps | +---------+----------------------+ wolfSSL Run took 0:43:09.272822 +---------+---------------------+ | | haproxy | +---------+---------------------+ | quic-go | HDCLRC20MSR3BUAL2C2 | | | EV2 | | | ZL1C16 | +---------+---------------------+ +---------+----------------------+ | | haproxy | +---------+----------------------+ | quic-go | G: 8508 (± 152) kbps | | | C: 5262 (± 441) kbps | +---------+----------------------+ it is combination of quic-go client and haproxy. wolfSSL passes all tests except "TestCaseHandshakeLoss" and "TestCaseZeroRTT" I configure wolfSSL as "./configure --enable-haproxy --enable-quic", maybe there are some dedicated flags for 0-RTT, I didn't check yet > > > I'm afraid it practice it works in a different way. > > First, you install WolfSSL to prod, next INSTALL/wiki got updated :) > > I appreciate the joke... :) but more seriously I am not very > knowledgeable when it comes to low-level programming or the associated > tuning/performance-testing. > So even if I deployed it, my opinion on that topic is unlikely to be the > best (besides bug reports anyway). > > Either way, for now I'm waiting on OCSP support first (hi William, > Rémi); hopefully someone else figures out the best build flags by the > time that's dealt with. > > Tristan >