[pfortuny]

Any references about the security of cryptographic primitives in Go? I mean: side-channel attacks, timing attacks and the behaviour of rand().

Because that is the first thing I would look into.

Thanks.

I am just asking (a bit fearful, yes), not simply ranting.

[tptacek]

The ones in the standard library are implemented for the most part by subject matter experts and are probably more trustworthy than OpenSSL's, which is what virtually everything else uses.

[pfortuny]

Just what I wanted to know. Many thanks, tptacek.