Roadmap

Cross-platform Version

We must write an implementation in a cross-platform fashion using a safe language like Rust, Go, or Haskell. Since it will run in userspace (using a TUN device), it will not be as fast as platform-native versions, but will still be widely sufficient for Mac and Windows users (and still faster than OpenVPN). See the implementation notes on cross-platform development. Eventually we'll work with OpenBSD to produce a component for their kernel, and perhaps even write a kext for Darwin and a driver for NT. For now, however, a cross-platform userspace version is most appealing.

Exponential Backoff

Right now the timeouts are fixed. These experimentally work very well, but it may be wise down the line to have these dynamically adjust. Currently, this is the only missing piece before the protocol itself reaches "version 1".

Tooling

Currently the wg(8) tool is only useful for configuring WireGuard-specific aspects. For other network config, like routing and IP addresses, the usual ip-route(8) and ip-address(8) tools are used. However, the .conf format for wg(8) is very nice to use, and some people have requested additional convenience fields for setting IP addresses, including descriptions and so forth. Most likely this functionality is better being integrated into a different tool, but perhaps we'll consider it for here.

Write the RFC

After version 1 is finalized, an RFC will be written and standardized. This should probably coincide with a few more implementations too.

Upstreaming

After version 1 is finalized, the code will be sent upstream to be integrated directly into Linux. Before a [PATCH] set is sent, we'll be working with the folks on the netdev mailing list to make sure things are up to standards. LKML discussion.

Odds & Ends