Transport Layer Security (TLS) is the most widely used protocol for securing web transactions and other communications on internal networks and the internet. Some organizations may have tens of thousands of certificates, but many organizations lack a plan to manage them. Organizations that do not have a plan are at higher risk for system outages and security breaches, which can result in:
The NCCoE at NIST recognizes the vital importance of securing web transactions and other communications between clients and servers for organizations. This project uses commercially available technologies to demonstrate how medium and large enterprises that rely on Transport Layer Security (TLS) can secure both customer-facing and internal applications can better manage TLS server certificates by:
In December 2018, the NCCoE released Volumes A and B of this guide to provide enterprises actionable guidance to help them establish and implement a formal TLS server certificate management program. The received comments were adjudicated and integrated into the updated draft versions of Volume A and B. With the release of the full guide, organizations can advance their TLS management efforts by reading Volume C which explains our approach, architecture, and security characteristics, and Volume D which contains the how-to-guides to build the example solutions.
Although client certificates may optionally be used in TLS to perform mutual authentication, managing client certificates is outside this project’s scope
Calle Maria Auxiliadora 7, 4 izda C.P. 48901 – Barakaldo – Biskaaia – España
Tél : +34 631 705 507
Partager les informations relatives a mes domaines d’intérêts pour ceux qui n’ont pas les moyens de faire de la recherche.