Meh. The author of age is very experienced and known specifically for security, crypto and within the implementation language (Go).
Audits are only as good as the competence of the auditors and can often turn into checklist rituals. It certainly doesn’t hurt, but audits are not a panacea.
What if the author has become malicious or is being blackmailed? N+1, N+2 is a common expectation in many fields (science replication, all manner of independent audits/investigations, nuclear launch codes, etc).
Agreed, but IMHO claiming that a crypto library is secure without providing independent verification, is like claiming something is fast without providing benchmarks. (And both are the same in the sense that neither is a panacea.)
I'm only bringing up audits because such claim was made, but maybe I should have said "independent verification" instead since it's more general.
Sure, I think we agree in semantics but the wording is difficult. The bar for secure you’re referring to is quite high, a lot of commercial products that brand themselves secure would be much less secure than something like age. These days I think it’s fair to use “secure” in the sense of “made a serious effort to provide certain security properties”. It’s too hard to define, let alone agree, to what secure should mean for everyone.
> Today, I maintain the cryptography packages that ship as part of the Go standard library (crypto/… and golang.org/x/crypto/…), including the TLS, SSH, and low-level implementations, such as elliptic curves, RSA, and ciphers. These packages are critical to virtually every Go application, securing HTTPS requests, implementing authentication, and providing encryption.
I'm no cryptographer so I might be misunderstanding how all this works (also why I have to rely on whatever signal I can catch instead of just reviewing the code myself like with other more mundane dependencies), but it was my impression that in cryptography things were to be considered with skepticism until at least someone else (emphasis on "someone else") with good enough credentials/skills had attempted to break it at least once.
Because the vast majority of new works are not done by one of the few who would be qualified to check it.
You can think of the cryptography community as similar to the math community. If some nobody makes a new proof of a big conjecture, it is considered with skepticism until some big name comes around to verify it. If Terence Tao comes out with a new proof in one of his specialities, people are going to assume it's basically correct or will have only very minor errors that are easily fixed.
Audits are only as good as the competence of the auditors and can often turn into checklist rituals. It certainly doesn’t hurt, but audits are not a panacea.