[Swan-dev] Regarding renaming ipsec.conf options
paul at nohats.ca
Fri Apr 18 08:05:48 EEST 2014
On Fri, 18 Apr 2014, D. Hugh Redelmeier wrote:
> | There is no way we can obsolete keywords in two releases. That would be
> | in the order of months!
> Agreed. What would be useful? Two years? Next major
> disruptive-already revision? It would be good to make a promise to
> the users so that they can plan an orderly transition.
Well, unless we want to explain about RHEL7 libreswan versus our
libreswan for all those renames, you are looking at 5+ years :(
> Certainly things have been marked obsolete already without being
that has mostly been done in the last year.
> BTW, I just tried googling for nat_keepalive and got hits for
> nat-keepalive too.
> As I've posted, the naming of options really could and should be
> cleaned up. But we can keep the old ones for some time.
> Simplicity is an esthetic value. But it is not only an esthetic
> value. It is also important for making the system understandable.
> That is absolutely critical. The system is very far into the woods as
> far as simplicity is concerned.
> Things have been thrown into the code. They really need to be
> organized to be coherent. The bizarre collection of options related
> to NAT Traversal is perfect example.
But is that goal worth making all the existing configuration files and
documentation break in a few years? I don't know. I am not that bothered
by the option names as they are (but I created a bunch of them so I
might be biased)
> Good design can benefit from collaboration. That's why I post what I'm
> hoping to do before I do it. But you are often the only responder. Too
There are many more consumers than developers, as it too common with
open source software :(
More information about the Swan-dev