1. 56

  2. 13

    WireGuard landing in the Linux kernel also means that many other amazing applied cryptography technologies will land in the Linux kernel (if partially):

    This also increased the probability for Zinc landing in the kernel at a later time.

    1. 2

      I always forget about Noise, but this is a really cool observation. Hopefully more can be made to use these facilities. Thanks for pointing it out.

    2. 8

      This is very good news. WireGuard appears to be a big step forward in terms of security and maintainability.

      1. 3

        My thoughts exactly. I can see myself using WireGuard much more that I can see myself using some of the existing options, both on my regular machines as well as mobile devices.

        1. 1

          It wasn’t there already?? I’ve assumed that it was merged like back when the hype about it started..

          1. 3

            To my knowledge they had quite long arguments about including Zinc in the kernel or not. The author of WireGuard wanted to bring Zinc into the kernel, the kernel maintainers did not want to include it and instead told WireGuard to use the already existing crypto functionality. To my knowledge the agreement now is that they will not bring Zinc into the kernel.

            1. 3

              So Wireguard will require some out of tree module(s) for Zinc, or is Wireguard now using in-tree crypto functionality instead of Zinc?

              1. 4

                Some parts of Zinc were adopted in to the kernel, and some parts of Wireguard were updated to use the existing kernel APIs: https://www.phoronix.com/scan.php?page=news_item&px=Crypto-API-Doing-Some-Zinc

                1. 1

                  Oh, thanks for finding/sharing that! Seems like a good compromise.