Tagged: http3

QUIC Initial packet broken into labelled byte fields with the transport-parameters block highlighted

HTTP/3 and QUIC fingerprinting: the transport parameters that identify a client

How a QUIC client gives itself away before any application data flows: the unencrypted Initial packet, the transport parameters in the TLS-in-QUIC ClientHello, version negotiation, and why server-side detection here is still near-greenfield.

http3 quic fingerprinting

Mon, February 23, 2026 · 20 min read

Byte layout of a QUIC Initial packet long header with the version and connection ID fields highlighted

QUIC initial packets and the fingerprint surface of the handshake

A packet-level tour of the QUIC Initial: long header, version, connection IDs, the salt-derived initial keys, datagram padding, packet coalescing, and what stays observable on the wire for fingerprinting.

http3 quic fingerprinting

Sun, February 22, 2026 · 18 min read