Comment by cogman10

Comment by cogman10 19 hours ago

0 replies

View on Hacker News

This is where the problems come from. Auditors are definitely what ultimately causes IT departments to make dumb decisions.

For example, we got dinged on an audit because instead of using RSA4096, we used ed25519. I kid you not, their main complaint was there wasn't enough bits which meant it wasn't secure.

Auditors are snake oil salesman.