WireGuard VPN is a step closer to mainstream adoption
As of this morning, Linux network stack maintainer David Miller has committed the WireGuard VPN project into the Linux "net-next" source tree. Miller maintains both net and net-next—the source trees governing the current implementation of the Linux kernel networking stack and the implementation of the next Linux kernel's networking stack, respectively.
This is a major step forward for the WireGuard VPN project. Net-next gets pulled into the new Linux kernel during its two-week merge window, where it becomes net. With WireGuard already a part of net-next, this means that—barring unexpected issues—there should be a Linux kernel 5.6 release candidate with built-in WireGuard in early 2020. Mainline kernel inclusion of WireGuard should lead to significantly higher uptake in projects and organizations requiring virtual private network capability.
[Ed. addition] Wireguard implements a fast, modern, secure VPN tunnel. According to Wikipedia:
WireGuard is a free and open-source software application and communication protocol that implements virtual private network (VPN) techniques to create secure point-to-point connections in routed or bridged configurations. It is run as a module inside the Linux kernel and aims for better performance than the IPsec and OpenVPN tunneling protocols. It was written by Jason A. Donenfeld and is published under the second version of the GNU General Public License (GPL).
(Score: 0) by Anonymous Coward on Thursday December 12 2019, @12:39PM
I'm not sure what is so complex about these protocols. IPsec is rather simple protocol. The problem is not in the protocol, but in the key server (CA management) and how the protocol is actually used. Saying IPsec is difficult is like saying driving is difficult because you need this license thing and follow the rules and such.
Well, some features are somewhat niche. The sad thing is that IPsec has not seen much adoption outside Windows Server where it's actually implemented well