From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <dpreed@deepplum.com>
Received: from smtp65.iad3a.emailsrvr.com (smtp65.iad3a.emailsrvr.com
 [173.203.187.65])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (No client certificate requested)
 by lists.bufferbloat.net (Postfix) with ESMTPS id 88E443B29E
 for <cerowrt-devel@lists.bufferbloat.net>;
 Thu,  2 Aug 2018 14:41:17 -0400 (EDT)
Received: from smtp9.relay.iad3a.emailsrvr.com (localhost [127.0.0.1])
 by smtp9.relay.iad3a.emailsrvr.com (SMTP Server) with ESMTP id 5BFEB564F;
 Thu,  2 Aug 2018 14:41:17 -0400 (EDT)
X-SMTPDoctor-Processed: csmtpprox beta
Received: from smtp9.relay.iad3a.emailsrvr.com (localhost [127.0.0.1])
 by smtp9.relay.iad3a.emailsrvr.com (SMTP Server) with ESMTP id 56E9A5898;
 Thu,  2 Aug 2018 14:41:17 -0400 (EDT)
Received: from app54.wa-webapps.iad3a (relay-webapps.rsapps.net
 [172.27.255.140])
 by smtp9.relay.iad3a.emailsrvr.com (SMTP Server) with ESMTP id 44F8B564F;
 Thu,  2 Aug 2018 14:41:17 -0400 (EDT)
X-Sender-Id: dpreed@deepplum.com
Received: from app54.wa-webapps.iad3a (relay-webapps.rsapps.net
 [172.27.255.140]) by 0.0.0.0:25 (trex/5.7.12);
 Thu, 02 Aug 2018 14:41:17 -0400
Received: from deepplum.com (localhost.localdomain [127.0.0.1])
 by app54.wa-webapps.iad3a (Postfix) with ESMTP id 32AB0A016D;
 Thu,  2 Aug 2018 14:41:17 -0400 (EDT)
Received: by apps.rackspace.com
 (Authenticated sender: dpreed@deepplum.com, from: dpreed@deepplum.com) 
 with HTTP; Thu, 2 Aug 2018 14:41:17 -0400 (EDT)
X-Auth-ID: dpreed@deepplum.com
Date: Thu, 2 Aug 2018 14:41:17 -0400 (EDT)
From: "dpreed@deepplum.com" <dpreed@deepplum.com>
To: "Dave Taht" <dave.taht@gmail.com>
Cc: cerowrt-devel@lists.bufferbloat.net
MIME-Version: 1.0
Content-Type: text/plain;charset=UTF-8
Content-Transfer-Encoding: quoted-printable
Importance: Normal
X-Priority: 3 (Normal)
X-Type: plain
In-Reply-To: <CAA93jw57zrqugHiu1p0PZyr5ymLC_dy4dDFRDpyW_LwJ7KRhEA@mail.gmail.com>
References: <20180801.213753.1303803168352407122.davem@davemloft.net> 
 <CA+55aFz5EWE9OTbzDoMfsY2ez04Qv9eg0KQhwKfyJY0vFvoD3g@mail.gmail.com> 
 <CAA93jw57zrqugHiu1p0PZyr5ymLC_dy4dDFRDpyW_LwJ7KRhEA@mail.gmail.com>
Message-ID: <1533235277.205214909@apps.rackspace.com>
X-Mailer: webmail/15.4.1-RC
Subject: Re: [Cerowrt-devel] linus vs wireguard
X-BeenThere: cerowrt-devel@lists.bufferbloat.net
X-Mailman-Version: 2.1.20
Precedence: list
List-Id: Development issues regarding the cerowrt test router project
 <cerowrt-devel.lists.bufferbloat.net>
List-Unsubscribe: <https://lists.bufferbloat.net/options/cerowrt-devel>,
 <mailto:cerowrt-devel-request@lists.bufferbloat.net?subject=unsubscribe>
List-Archive: <https://lists.bufferbloat.net/pipermail/cerowrt-devel>
List-Post: <mailto:cerowrt-devel@lists.bufferbloat.net>
List-Help: <mailto:cerowrt-devel-request@lists.bufferbloat.net?subject=help>
List-Subscribe: <https://lists.bufferbloat.net/listinfo/cerowrt-devel>,
 <mailto:cerowrt-devel-request@lists.bufferbloat.net?subject=subscribe>
X-List-Received-Date: Thu, 02 Aug 2018 18:41:17 -0000

I don't like complexity invading the kernel, personally. But it's Linux's m=
onstrous kernel these days. We also seem to have user code being executed i=
n the kernel (eBPF), another very risky thing regarding security, especiall=
y.=0A=0AThe kernel mode of a system has incredible and universal power over=
 the entire system. That's why the Principle of Least Privilege, part of th=
e security canon that has proven itself worthy over and over, is as importa=
nt to OS kernels as the End to End argument is to the Internet.=0A=0ABut Li=
nus, never a security expert himself, has become a celebrity, and therefore=
 his bad ideas are brilliant by definition.=0A=0AAs to the ugliness of IPSe=
c, well, the Linux implementation might be ugly, but its the goddamn standa=
rd. Fix the stupid implementation if that is the problem.=0A=0ANope, not go=
nna happen.=0A=0A-----Original Message-----=0AFrom: "Dave Taht" <dave.taht@=
gmail.com>=0ASent: Thursday, August 2, 2018 2:26pm=0ATo: cerowrt-devel@list=
s.bufferbloat.net=0ASubject: [Cerowrt-devel] linus vs wireguard=0A=0A------=
---- Forwarded message ---------=0AFrom: Linus Torvalds <torvalds@linux-fou=
ndation.org>=0ADate: Thu, Aug 2, 2018 at 11:19 AM=0ASubject: Re: [GIT] Netw=
orking=0ATo: David Miller <davem@davemloft.net>=0ACc: Andrew Morton <akpm@l=
inux-foundation.org>, Network Development=0A<netdev@vger.kernel.org>, Linux=
 Kernel Mailing List=0A<linux-kernel@vger.kernel.org>=0A=0A=0AOn Wed, Aug 1=
, 2018 at 9:37 PM David Miller <davem@davemloft.net> wrote:=0A>=0A> Fixes k=
eep trickling in:=0A=0APulled.=0A=0ABtw, on an unrelated issue: I see that =
Jason actually made the pull=0Arequest to have wireguard included in the ke=
rnel.=0A=0ACan I just once again state my love for it and hope it gets merg=
ed=0Asoon? Maybe the code isn't perfect, but I've skimmed it, and compared=
=0Ato the horrors that are OpenVPN and IPSec, it's a work of art.=0A=0A    =
          Linus=0A=0A=0A-- =0A=0ADave T=C3=A4ht=0ACEO, TekLibre, LLC=0Ahttp=
://www.teklibre.com=0ATel: 1-669-226-2619=0A_______________________________=
________________=0ACerowrt-devel mailing list=0ACerowrt-devel@lists.bufferb=
loat.net=0Ahttps://lists.bufferbloat.net/listinfo/cerowrt-devel=0A