UDP is unreliable.
No guarantee of message delivery
No acknowledgments, retransmissions, or timeouts
No guarantee of order of delivery
No packet sequence numbers, no reordering, no head-of-line blocking
No connection state tracking
No connection establishment or teardown state machines
No congestion control
No built-in client or network feedback mechanisms
As far as I know, HTTP/HTTPS uses TCP.
Could HTTP/HTTPS connections also be established using UDP?
Its being used today by google as an experimental investigation for chrome services.
Besides HTTP, it can be used for HTTPS too, thanks to QUIC protocol, as before mentioned.
As an example: if you're aiming to block HTTPS traffic on a Linux Router with IPTABLES/Netfilter, considering hosts that are on the LAN side, you cannot rely just on rules for dropping incoming connection with 443 as source port, considering transmission via TCP.
Take a look on this output from conntrack for deleting established connections:
$ conntrack -D --orig-src 192.168.0.13
udp 17 136 src=192.168.0.13 dst=216.58.193.14 sport=40660 dport=443 src=216.58.193.14 dst=192.168.100.1 sport=443 dport=40660 [ASSURED] mark=0 use=1
udp 17 151 src=192.168.0.13 dst=172.217.7.34 sport=46689 dport=443 src=172.217.7.34 dst=192.168.100.1 sport=443 dport=46689 [ASSURED] mark=0 use=1
udp 17 46 src=192.168.0.13 dst=216.58.193.14 sport=32995 dport=443 src=216.58.193.14 dst=192.168.100.1 sport=443 dport=32995 [ASSURED] mark=0 use=1
udp 17 55 src=192.168.0.13 dst=216.58.193.42 sport=40586 dport=443 src=216.58.193.42 dst=192.168.100.1 sport=443 dport=40586 [ASSURED] mark=0 use=1
These connections were established via UDP, as you can see.
Yes, you can. There is even a special protocol for it now. DTLS. Since you preferably want to have a stable and packets to come in order, when doing encryption you might as well do TCP. If you use UDP, you might need to resend or handle order of packets and such.
