Skip to content

HTTP/3-enable existing HTTP apps. Leverage HTTP3 native features and auto-enable workload identity (SPIFFE), AuthN (mTLS/x509, OIDC/Auth0-Okta), AuthZ (OPA), defense-in-depth (WAAP/WAF), and observability (metrics, logs, alerting, dashboard).

License

Notifications You must be signed in to change notification settings

quicsec/quicsec

Repository files navigation

QuicSec

Why

QuicSec middleware streamlines application migration to HTTP/3 and automates the injection of plugins for identity/certificate management and rotation, authentication/authorization and observability. The current QuicSec Feature List lists the current supported capabilities.

Overview

Upgrading your application to HTTP/3 can be done in 3 steps

  1. Build: Import QuicSec HTTP library
  2. Run with automated identity & security policies & observability & connection management

Detailed How To

  1. Build

Update your HTTP call with QuicSec Middleware Detailed guide

Update HTTP Service

  1. Run

Enable identity, security and observability plugins dynamically at runtime.

Sample App: Adding QuicSec to BookStore

Running Applications with QuicSec

The Bookstore Example illustrates how a set of microservices can be migrated with a one-line change to add HTTP/3 support, and in the process gain automatic identity management (certificate injection and rotation), security (mTLS with AuthN/Z) and observability (metrics, logs, performance analysis).

In addition, application access over HTTP/3 improves latency by up to a third vs using previous versions of HTTP.

About

HTTP/3-enable existing HTTP apps. Leverage HTTP3 native features and auto-enable workload identity (SPIFFE), AuthN (mTLS/x509, OIDC/Auth0-Okta), AuthZ (OPA), defense-in-depth (WAAP/WAF), and observability (metrics, logs, alerting, dashboard).

Topics

Resources

License

Code of conduct

Stars

Watchers

Forks

Packages

No packages published

Languages