It means companies with US government contracts writing Go code can use the standard library crypto package in native Go instead if having to enable CGO and using a crypto library written in C. CGO is kind of a pain in the ass to develop with compared to fully native Go code, especially when cross-compiling (and cross compilation is very common now that ARM is common on both laptops and servers).

This also now makes Go a very convenient language to write US Gov software in.

If you have never heard of FIPS before ignore this entirely and continue to live in happiness.

> This also now makes Go a very convenient language to write US Gov software in.

This is something I wondered. Will we now see even more adoption of Go? Will Go be a more attractive option compared to language X/Yv

Yeah, honestly, this just rocketed Go to possible one of the best languages to write these services in. You can write a fully self-contained and compliant program using just the standard library, where a lot of other languages need to be linked to a commercial SSL library.

None; it's an optional package you use when your users require FIPS 140.

Ahh okay I didn’t realise it is just a package. I wondered if it was more than that and included stuff with the compiler or something

It's also a new compiler option to transparently replace calls to the crypto stdlib package with FIPS versions