> If you interact with government or some large entities that do business with government, they have to comply with FIPS 140-2, and cannot use ed25519.
Not even when FIPS 140-3 was (finally) finalized in 2019, and testing began in 2020?
https://csrc.nist.gov/projects/cryptographic-module-validati... includes mentions of EdDSA, and Curve25519 is listed among the "Recommended Curves for U.S. Federal Government Use" on page 15 of https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.S....
(I guess the problem is that various crypto implementations need to get recertified under the new standard...)
edit: it looks like AWS-LC [0] and boringcrypto [1] have both been validated under FIPS 140-3. Azure's OpenSSL crypto [2] has only been validated under FIPS 140-2 as far as I can tell.
[0] https://csrc.nist.gov/projects/cryptographic-module-validati...
[1] https://csrc.nist.gov/projects/cryptographic-module-validati...
[2] https://csrc.nist.gov/projects/cryptographic-module-validati...
