Thanks for having a read. For context, I've been busy working on other things so haven't updated this as I would've liked. However, I'm hoping to get back to it eventually.
This is library and programming language specific, so I would argue that's not appropriate.
Which standards are you referring to? Most of the popular algorithms have been mentioned somewhere.
I agree there could be more on key management, but I haven't worked in a scenario where that needs to be handled, unlike someone working at AWS, for example.
That's the purpose of the avoid/notes sections.
That's definitely out of scope.
This is somewhat being mentioned but could be improved.
This could be expanded on inside the password hashing section.
Yes, the details regarding post-quantum algorithms and key sizes need to be updated.
There's already a section on libraries, but there are too many to properly cover, especially having not used almost all of them. The user should follow the respective documentation for using it properly.
Information on lightweight crypto would be beneficial, but I haven't had any experience in that space nor have I read about it much.
Ultimately, I'm one person with an interest in cryptography trying to summarise information from various sources and link things for further reading. There are limits to the time I have and the time I'm willing to commit. This will never be a complete guide. The more important thing is keeping information accurate and ideally up to date, which is currently not the case for certain parts.
-
Hey there, readers,
Just finished combing through our crypto guide and, boy, do I have some nuggets of wisdom to share! We've got a solid foundation, but there's always room for some jazzing up, right? Here's what I'm thinking:
Dive into Real-World Code: Theory's great, but let's get our hands dirty with some real code examples, shall we? I'm talking about those nifty code snippets that show how to actually implement these fancy cryptographic methods.
Stay Ahead of the Curve: Cryptography's like a high-speed train, and we need to keep up. Let's pepper in the latest and greatest in cryptographic standards to keep this guide fresh and zesty.
Key Management Wizardry: Handling those cryptographic keys is no small feat. How about a dedicated section on the art of key management – creating, storing, rotating, and bidding them farewell when their time comes?
Sidestepping Cryptographic Landmines: We've all seen them – those pesky common mistakes in cryptography. Let's shine a light on these blunders and how to elegantly sidestep them.
The Legal Maze: Navigating the legal labyrinth of GDPR, HIPAA, and the like is crucial. A section on staying on the right side of the law with your cryptographic endeavors sounds about right.
Performance – The Need for Speed: Different strokes for different folks, or in this case, different environments. Let's dissect the performance impacts of various cryptographic algorithms and help our fellow developers make savvy choices.
User Authentication and Authorization – Beyond the Basics: Our guide's got the basics down pat. Let's expand it to cover the nitty-gritty of user authentication and authorization. More the merrier, right?
Quantum Leap: Quantum computing's looming on the horizon, and it's going to shake things up. A section on prepping for this quantum upheaval seems like a no-brainer.
Library Land: There's a sea of cryptographic libraries out there. How about we guide folks on picking the right one and using it to its full potential?
Mobile and IoT – The New Frontier: Mobile and IoT devices are their own beasts with unique challenges. Tailoring our cryptographic advice to these platforms would be the cherry on top.
Sprinkling these updates into our guide would take it from good to great, making it a go-to resource that's practical, comprehensive, and ready to tackle both today's and tomorrow's cryptographic conundrums.
Keep it encrypted, folks!
Timothy E. Bates Fractional CTO https://blinq.me/tWc32VtvpoDO?bs=db