What is QUIC?

QUIC is the name for a new experimental protocol, and it stands for Quick UDP Internet Connection.  The protocol supports a set multiplexed connections over UDP and was designed to provide security protection equivalent to TLS/SSL, along with reduced connection and transport latency found in TCP connections. An experimental implementation is being put in place in Chrome by a team of engineers at Google but also be found in Opera 16+ now.

To check if you have QUIC enabled or disabled you need to open a new tab in Chrome and go to chrome://flags/  

Once at this page you should be able to scroll down and find Experimental QUIC protocol.

Why may you want to disable QUIC?

If you are using any web proxy or web filtering solution normally they will record and analyse TCP traffic is that is on port 80 and 443 but because QUIC uses UDP on port 80 and 443 this traffic can go through unfiltered and unmonitored. If you are finding your web proxy or web filtering is allowing some sites are should be blocked normally. Google services such as YouTube and Google Drive make use of QUIC for streaming media and serving web pages. Adoption rates are low currently but Google is pushing for higher adoption as part of the HTTP2 revision.

What is SSL?

SSL stands for Secure Sockets Layer it’s the technology for keeping an internet connection secure and protecting any sensitive data that is being sent between two systems, preventing anyone from reading and modifying any information transferred, including potential private details. The two systems can be a server and a client (for example, a shopping website and browser) or server to server (for example, an application with personal identifiable information or with payroll information). The last version of SSL was SSL 3.0 created in 1996 which was superseded by TLS 1.0 in 1999. As of 2014 SSL version 3.0 has been considered insecure and vulnerable to attacks such as POODLE.

SSL/TLS does this by making sure that any data transferred between users and sites, or between two systems remain impossible to readIt uses encryption algorithms to scramble data in transit, preventing hackers from reading it as it is sent over the connection. This information could be anything sensitive or personal which can include credit card numbers and other financial information.


TLS (Transport Layer Security) is just an updated, more secure, version of SSL. When buying a SSL certificate, you are actually getting a TLS certificate but is still commonly referred to as a SSL certificate. The latest version of TLS is version 1.3 (working draft only supported by firebox at the time of writing) and version 1.2 is the most used in production currently.


HTTPS (Hyper Text Transfer Protocol Secure) appears in the URL when a website is secured by an SSL certificate. The details of the certificate, including the issuing authority and the corporate name of the website owner, can be viewed by clicking on the lock symbol on the browser bar.


Hash Algorithms

Hash algorithms are used to secure certificate information and confirm the certificate between devices is genuine . SHA1 algorithms have now been replaced by SHA256 for website certificates as the most common algorithm with SHA3 being the latest version but not widely adopted.



We can see here SHA256 algorithm with RSA encryption which standard across many certificates. Older SHA1 certificates should be replaced with newer SHA256 certificates as soon as possible as web browsers in 2017 will start alerting end users and blocking access to sites still using SHA1 certificates.