Licensing issues aside, do we really want to rely on Microsoft to keep it up to date? I can imagine it becoming quickly outdated, particularly in enterprise SKUs.
I think it's best left to the WireGuard team and not Redmond.
There is no "outdated"; WireGuard has no extensibility on purpose. You might just have to wait for wireguard2. And security patches will be delivered in the usual Microsoft fashion, 8 Tuesdays after the exploit started circulating.
> While performance is quite good right now [...] not a lot of effort has yet been spent on optimizing it, and there's still a lot more performance to eke out of it, I suspect, especially as we learn more about NT's scheduler and threading model particulars. [emphasis added]
Are you suggesting that these performance improvements will be contained in 'wireguard2'? Surely there will be improvements to the codebase, even if they don't involve fixing defects that undermine fundamental security assumptions.
No, I think not. I guess that is an area where one would miss out without updates, but on the other hand, performance is already "good enough" for most endpoints. Of course, for operating a VPN concentrator you always want more performance, but then again, you won't do that on Windows, I guess.