Should we sunset Windows 7 support?

Isaac Boukris iboukris at
Tue Nov 10 13:57:54 CET 2020


New to the list :)

On Tue, Nov 10, 2020 at 1:30 PM Jason A. Donenfeld <Jason at> wrote:
> Hi,
> Windows 7 has been EOL'd by Microsoft since January of this year. It
> is no longer receiving security updates or fixes. This email is to get
> the conversation started about doing the same with WireGuard for
> Windows.
> Supporting Windows 7 is an ongoing maintenance burden. For example, we
> use SHA2 signatures instead of SHA1 signatures for our drivers, which
> is not something we want to compromise on, and as a result Windows 7
> users must have KB2921916 installed. But Microsoft never supplied
> KB2921916 via Windows Update and it removed all Windows 7 hotfixes
> from its webpage last year. So in order to keep supporting this, we're
> forced to add clunky disgusting code like this:
> Keen readers will wince at all the layering violations there. Do we
> really want to keep maintaining gross stuff like this? It makes me
> uncomfortable to have kludges like that sitting around in the code.
> Shouldn't I write an auto-downloader that then checks hashes?
> Shouldn't I build this into the installer? Shouldn't I.... waste tons
> of time supporting Windows 7 better?
> Probably not.
> But I know so many users are still using Windows 7. I'd like to hear
> from you to understand why, in order to assess when is the right
> moment to sunset our Windows 7 support.

I've had some experience in the past (~5 years ago) with VPN on ATMs,
and we had to support Windows XP at the time since the ATM software
didn't support anything else and was very slow to get updated (several


More information about the WireGuard mailing list