Re: [PATCH net-next v2 0/5] Reimplement TCP-AO using crypto library

Next message: Gunnar Kudrjavets: "Re: [PATCH] tpm: Remove dead NULL check in tpm2_flush_space()"
Previous message: Jacob Keller: "Re: further issues with MGA G200 graphics chipset"
In reply to: Eric Biggers: "Re: [PATCH net-next v2 0/5] Reimplement TCP-AO using crypto library"
Next in thread: Dmitry Safonov: "Re: [PATCH net-next v2 0/5] Reimplement TCP-AO using crypto library"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Jakub Kicinski

Date: Mon Apr 27 2026 - 18:56:05 EST

On Mon, 27 Apr 2026 20:09:05 +0100 Dmitry Safonov wrote:
> I do like these numbers quite much! Yet, as I mentioned in version 1,
> removing a fallback for other algorithms' support does not sound good
> to me. There are two reasons:
> - Ronald P. Bonica (the original RFC5925 author), together with Tony
> Li do have an active RFC draft to support the additional algorithms
> [1], potentially in addition to TCP Extended Options [2]
> - There is at least one open-source BGP implementation (BIRD) that
> allows using the algorithms that you are removing [3]. Without a
> deprecation period and communication with at least known open source
> users, it implies intentionally breaking them, which I can't agree
> with.
>
> I don't feel like Naking as we don't have any customers using anything
> other than the 3 algorithms above (and BGP implementation is
> [unfortunately] closed-source, so that would not feel appropriate even
> if we had such customers), yet I do feel like it's worth and
> appropriate to express my thoughts/concerns.

What do you want to happen? You are the maintainer of this code,
you don't get so say "i don't want to nack it but also no" :)
Like Eric says if there are no real users code can be deleted.

Adding deprecation warnings upstream is quite slow, IDK if injecting
deprecation warnings to stable has been discussed..