Go has a number of low-level crypto APIs which check off marketing bullet-points (got FIPS supprt, check!) but is missing an high-level API usable by mere mortal programmers. Imagine you want to create a document, sign it and verify that document later. Now check out Go's crypto APIs and give up in frustration after an hour of Googling.
The API should encapsulate a half-dozen common operations and make them as easy as possible. Avoid choice where possible, just pick something reasonably secure in 2014 for me and use it! I'm speaking specifically of a few basic actions (yes, this API is very naive/non-idiomatic), call it
- Create me a public/private key pair and save it to the filesystem.
// create and persist a keypair to the current directory.
// this is just a one-time operation, now we have a keypair to use.