Are there any risks or potential issues when enabling HTTP/3 and 0-RTT?

I want to enable HTTP/3 and 0-RTT on my sites, but I am worried it may cause problems for my visitors.

Are there any potential issues that might occur when enabling these or can I safely do it?

Also, what is the purpose of having an option to disable or enable these options?


Only nerds with pre-release versions of browsers are using HTTP/3, so I would not worry too much about them having issues. You are also not going to see any massive benefit today, given the limited user agents supporting H3.

0-RTT has potential security issues you should consider before enabling, but I have not experienced any issues. 0-RTT will show greatest benefit if your users on on high latency connections.

I consider both to be pretty safe.

As to why there is an option to enable/disable them? H3 is still in development, so it would be a terrible move to enable it for everybody by default with no option to disable. And 0-RTT might have security issues for customers it needs to be configurable.

Thank you very much for the feedback.

This topic was automatically closed after 14 days. New replies are no longer allowed.