Out of curiosity, and I apologize if this is radically off-topic, do you have a list of "usual suspects" for auditing crypto libraries (GPG, OTR, etc.)?
(Or is the answer simply: the modern-crypto list subscribers?)
Thai Duong, Juliano Rizzo, Kenny Patterson's team at Royal Holloway, Daniel Bernstein, Trevor Perrin, Nate Lawson, the Riscure guys, the Cryptography Research team at Rambus.
Are there any well funded national intelligence organizations that does this, and still do public recommendations? In theory the NSA, MI5 etc should be advising their various governments and businesses on how to protect secrets (not just military, but protecting against corporate espionage, protecting journalistic foreign sources (think: Chinese dissidents etc)). Obviously the NSA have some very real trust issues -- but does anyone have an update on whether or not they've actually sacrificed large parts of their mission on the altar of total information awareness? Does Navy Intelligence still provide support for Tor?
(Or is the answer simply: the modern-crypto list subscribers?)