What's new in Go's cryptography libraries: Part 2 (Go Time #298)

Filippo Valsorda & Roland Shoemaker from the Go Team return & bring Nicola Murino with them to continue catching us up on what’s new in Go’s crypto libraries.

This is everything we didn’t cover + deep dives from Part 1!

Join the discussion

Changelog++ members save 3 minutes on this episode because they made the ads disappear. Join today!

Sponsors:

• Changelog News – A podcast+newsletter combo that’s brief, entertaining & always on-point. Subscribe today.
• Fastly – Our bandwidth partner. Fastly powers fast, secure, and scalable digital experiences. Move beyond your content delivery network to their powerful edge cloud platform. Learn more at fastly.com
• Fly.io – The home of Changelog.com — Deploy your apps and databases close to your users. In minutes you can run your Ruby, Go, Node, Deno, Python, or Elixir app (and databases!) all over the world. No ops required. Learn more at fly.io/changelog and check out the speedrun in their docs.

Featuring:

• Filippo Valsorda – Website, GitHub, Mastodon, X
• Roland Shoemaker – Website, GitHub, X
• Nicola Murino – GitHub
• Natalie Pistunovich – GitHub, X

Show Notes:

• What’s new in Go’s cryptography libraries: Part 1
• NIST
• FIPS
• Diffie–Hellman key exchange
• FIPS standard 140
• github.com/quic-go/quic-go
• tip.golang.org/src/crypto/tls/quic.go
• pkg.go.dev/crypto/x509
• MultiAlgorithmSigner
• OpenSSH format keys
• Kerberos edge case, use the correct token from the client
• defer channel window adjustment
• Improved test cases (removed t.Fatal calls from goroutines), added test against SSH CLI
• Agent compatibility
• github.com/drakkan/sftpgo

Something missing or broken? PRs welcome!