Evaluating Crypto Libraries Without Being a Crypto Expert
Practical Security — Pragmatic Programmers (24 / 46)
So now we’ve ruled out low-level crypto libraries. What should we use instead? High-level crypto libraries with secure defaults written by experts.
But how do we know experts when we see them? Evaluating people based on skills we don’t have ourselves is a tough problem with no great solution. We encounter it in other parts of our…