All I was saying is, that it's nonsense to rant - and yeah for me your answers sounded a bit like rants - or vent about QAT or not or in which form or what devices it will be. If you read it again, my point is and was, that a device with a rangeley SOC will get the OP support for strong crypto even with OpenVPN. AEAD support IS coming with the next OpenVPN release that will surely make it into pfSense. There isn't much to argue that IMHO. Any further speedup in type of QAT is a nice addition to that, but in my findings at having a C2758 on an office line with a 1Gbps dark fiber, I get those speeds needed without stressing the SOC to its maximum.
Further I was talking that contrary to what Frank was telling above, OpenVPN does indeed utilize the AES-NI capabilities on a SOC that supports it. So both combined a C2558 or C2758 would be capable to run 100/100 encrypted if it has to without much problems AFAIK.
The "trash talk" comment was more with a bit of a blink and meant towards the - IMHO unnecessary discussion - if and when QAT will come to what form of pfSense whatsoever, as QAT is simply not needed to run 100MBit/s encrypted either via IPSec or OpenVPN. With IPSec Jim already wrote that they achieved almost line speed capabilities of 1Gbps on a C2758. So that speaks volumes to the terms of "is it enough" in my book.
Of course the topic of QAT itself is not unimportant or anything, I just wanted to point out it isn't needed here. If a device (or add on card) brings QAT to the table or not isn't really a game changer ATM. :)
Sorry for not being more clearly.