Presentation: Maintaining the Go Crypto Libraries

Track: 21st Century Languages

Location: Broadway Ballroom South, 6th fl.

Duration: 11:50am - 12:40pm

Day of week: Wednesday

Share this on:


The Go programming language ships with a full suite of cryptographic libraries written in Go, including a TLS stack.

We will look at how that came to be, and what it enabled. The choice to keep it focused on carefully curated subsets of sprawling protocols like TLS was both a necessity, and its greatest value. We will explore how a focus on developer usability is important in ensuring the security of the ecosystem, and how that requires difficult targeting decisions.

We will talk about the challenges in maintaining it and keeping it secure, safe, useful and modern. In particular, we will see how security, scope and maintainer resources are on a balance, and what tools we can deploy to tip the scale.

Speaker: Filippo Valsorda

Cryptogopher @Google

Filippo Valsorda works on the Go team at Google, where he owns the cryptographic libraries and acts as the primary security coordinator. Previously, he worked at Cloudflare, where he built their DNSSEC and experimental TLS 1.3 stacks, and maintained their Go DNS server, which was authoritative for 40% of the Alexa top 1M. He built mkcert and the Heartbleed test, and writes at and

Find Filippo Valsorda at


Monday, 24 June

Tuesday, 25 June

Wednesday, 26 June