QUICker connection establishment with out-of-band validation tokens

QUIC is a secure transport protocol that improves the performance of HTTPS. An initial QUIC handshake that enforces a strict validation of the client's source address requires two round-trips. In this work, we extend QUIC's address validation mechanism by an out-of-band validation token to save one round-trip time during the initial handshake. The proposed token allows sharing an address validation between the QUIC server and trusted entities issuing these tokens. This saves a round-trip time for the address validation. Furthermore, we propose distribution mechanisms for these tokens using DNS resolvers and QUIC connections to other hostnames. Our proposal can save up to 50% of the delay overhead of an initial QUIC handshake. Furthermore, our analytical results indicate that 363.6ms in total can be saved for all connections required to retrieve an average website, if a round-trip time of 90ms is assumed.