
Comment by YetAnotherNick

15 hours ago

QUIC or any other technology still needs a domain name, and both the domain name ownership and DNS could be blocked by governments. Also, the IP could be blocked.

There is DNS over QUIC, and in case your current Connection ID or IP is blocked during the connection, QUIC can use multiple IPs and CIDs for a single connection, and CIDs are negotiated in the encrypted part of the packet. It's a mechanism for migrating a connection over changing networks. Servers can also take advantage of that.

A server could have multiple QUIC output nodes to migrate the connection in case one of them is blocked. The output node network can be shared by many servers and DoQ endpoints, so blocking it entirely would scare the government.

This solution still needs to connect to some known IP in order to establish a connection first. And the same goes for DoQ. To mitigate this we can use Encrypted Client Hello, as another commenter mentioned, and connect to a pool instead of a single IP.