Hi Jason, On Sun, Sep 12, 2021 at 5:11 PM Jason A. Donenfeld <[email protected]> wrote: > ... > Finally, tomorrow with the release of v0.4.8, we will move onto phase > 2. That means that WireGuardNT will be on by default. If something > goes wrong, you will still be able to disable it and revert to the > older wireguard-go/Wintun using the "UseUserspaceImplementation" > switch described on this page (as of September 2021; will be removed > in the future): > > https://git.zx2c4.com/wireguard-windows/about/docs/adminregistry.md > > But note that if you /do/ revert to using wireguard-go/Wintun, you > *must* absolutely email [email protected] with details as to why > you've done so, so that if there is a bug, we can fix it. If you do > not do this, it is possible that your bug will never be fixed, and in > a month or so, we'll move onto phase 3, and you will lose the ability > to revert to using wireguard-go/Wintun. Do not rely on other people to > report your bug for you; Windows is weird and diverse and there are no > guarantees that somebody else will run into your same problem. So > please: if you enable "UseUserspaceImplementation", send an email > saying why.
One month to move into the next phase may be a bit tight for some folks. 30 days is probably fine for a developer or standalone installation, but some organizations cannot move that fast. I've worked in US Financial and US Federal, and some changes take longer to approve. Some organizations have processes in place that require approvals from management. It may take months to get a Change Control Request approved. When I worked at Treasury a trivial change could take two or three months and it required management signoffs and complete testing before being released to the production network. Nearly everyone dreaded a Change Control Request. It may be noteworthy... on Windows OSes, the trend is to move stuff out of the kernel and into userspace to reduce risk. For example, Microsoft moved parts of the GDI out of the kernel and into userspace. So some folks may actually want the userland architecture to reduce risk. Jeff
