Both of these things can be true at the same time: - "Don't use unproven cryptog... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		hamandcheese 5 months ago \| parent \| context \| favorite \| on: The FIPS 140-3 Go Cryptographic Module Both of these things can be true at the same time: - "Don't use unproven cryptography" is a reasonable policy. - Policymaking can be subverted by bad actors.

Spooky23 5 months ago [–]

Yes, but neither of those things have anything to do with FIPS 140-3.

FIPS validation address the compliance problem of needing validation. Beyond that, the benefits are ambiguous at best.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact