QUIC Working Group

The IETF QUIC Working Group produced QUIC version 1 — a UDP-based, stream-multiplexing, encrypted transport protocol. The protocol itself is published as RFC 9000, and there are other related RFCs of note, see below.

We are now chartered to be the focal point for any QUIC-related work in the IETF. Our work covers maintenance and evolution of published specifications, the deployability of QUIC, and new extensions to QUIC.

The QUIC Working Group originated HTTP/3, the mapping of HTTP to QUIC, and the QPACK header compression scheme. These are now maintained by the HTTP Working Group.

If you'd like to participate in IETF Working Group activities please see the contribution guidelines. Source code for the webpages on this site is located on GitHub , we welcome issues and PRs.

Published RFCs

Core Specifications

The ‘core’ specifications comprising QUIC are:

RFC 8999 - Version-Independent Properties of QUIC
RFC 9000 - QUIC: A UDP-Based Multiplexed and Secure Transport
RFC 9001 - Using TLS to Secure QUIC
RFC 9002 - QUIC Loss Detection and Congestion Control

QUIC Extensions

QUIC can be extended in several ways. The following have been formally standardized as RFCs:

RFC 9221 - An Unreliable Datagram Extension to QUIC
RFC 9287 - Greasing the QUIC Bit
RFC 9368 - Compatible Version Negotiation for QUIC
RFC 9369 - QUIC Version 2

Applicability, Manageability, and Operations

Specifications providing considerations for application protocol developers using QUIC, and deployment / network operators managing/carrying QUIC:

RFC 9308 - Applicability of the QUIC Transport Protocol
RFC 9312 - Manageability of the QUIC Transport Protocol

HTTP/3 and QPACK

We originated the HTTP/3 and QPACK RFCs. Ownership of these drafts has now transferred back to the HTTP WG.

RFC 9114 - HTTP/3
RFC 9204 - QPACK

In-progress documents

In-progress documents for continued maintenance and evolution of QUIC, as described further in our charter.

Load Balancers - Datatracker / GitHub Repo
Acknowledgement Frequency - Datatracker / GitHub Repo
qlog
Multipath - Datatracker / GitHub Repo
Reliable Reset - Datatracker / GitHub Repo

Implementing QUIC

There are a range of implementations and tools, with a range of support for features of the core protocol and extensions.

Implementers should join the quicdev Slack to coordinate testing; contact the WG chairs for an invitation. Note that discussions on Slack are considered IETF contributions under “Note Well”.

Automated, continuous interop testing is performed for participating QUIC implementations. Implementers are encouraged to join this effort by making compatible Docker images of their implementations available.

Upcoming Meetings

IETF 122 Bangkok, 19 March 2025, Session II 13:00-15:00 local time

Reporting Vulnerabilities

If you believe you’ve discovered a vulnerability in the QUIC protocol (or related IETF protocols) please see the IETF’s guidance on how to report these.

If you believe you’ve discovered an implementation vulnerability in a product, open source project, or service using QUIC, then you should report these directly to the responsible party. The IETF does not have a formal means to reach these parties and cannot do so on your behalf. Implementers or operators often provide their own publicly-available disclosure documents that provide contact details and guidelines for reporters. The implementations and tools page may include a link to such documents under the “Vulnerability reporting” field. If you believe the same vulnerability affects multiple different implementations or deployments, then a coordinated responsible disclosure may be the best path forward; please reach out to WG chairs for further information.