OpenVPN operates in kernel space as of 6.16. Well specifically for the data channel. Control channel is still managed in userspace so you don’t have to do asymmetric TLS in the kernel. This also reduces the overhead and increases performance substantially. It is slightly more complicated to setup but barely tbh (I’m speaking from the server side). Is the crypto outdated? Not as far as I’m aware.
And user-space implementations of WireGuard are used a lot anyway, especially on mobile. Every VPN provider app ships with one, at least as a backup (It’s wireguard-go usually since boringtun is not well maintained).
OpenVPN operates in kernel space as of 6.16. Well specifically for the data channel. Control channel is still managed in userspace so you don’t have to do asymmetric TLS in the kernel. This also reduces the overhead and increases performance substantially. It is slightly more complicated to setup but barely tbh (I’m speaking from the server side). Is the crypto outdated? Not as far as I’m aware.
And user-space implementations of WireGuard are used a lot anyway, especially on mobile. Every VPN provider app ships with one, at least as a backup (It’s
wireguard-gousually sinceboringtunis not well maintained).