U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.

Https

We are building a provable archive!
A lock (Dot gov) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

SP 1800-37 (Draft)

Addressing Visibility Challenges with TLS 1.3 [Preliminary Draft]

Date Published: May 12, 2023
Comments Due: June 26, 2023
Email Comments to: applied-crypto-visibility@nist.gov

Author(s)

Murugiah Souppaya (NIST), W. Polk (NIST), William Barker (Dakota Consulting), John Kent (MITRE)

Announcement

The Addressing Visibility Challenges with TLS 1.3 project builds on the NCCoE's earlier work, TLS Server Certificate Management, which showed organizations how to centrally monitor and manage their TLS certificates. We are now focusing on protocol enhancements such as TLS 1.3 which have helped organizations boost performance and address security concerns. These same enhancements have also reduced enterprise visibility into internal traffic flows within the organizations' environment. This project aims to change that—and has two main objectives:

  • Provide security and IT professionals practical approaches and tools to help them gain more visibility into the information being exchanged on their organizations’ servers.
  • Help users fully adopt TLS 1.3 in their private data centers and in hybrid cloud environments—while maintaining regulatory compliance, security, and operations.

This project will result in a publicly available NIST Cybersecurity Practice Guide in the Special Publication 1800 series, which contains practical steps and guidance to implement our cybersecurity reference designs.

Control Families

None selected

Documentation

Publication:
NIST SP 1800-37A iprd

Supplemental Material:
Project homepage (web)

Document History:
05/12/23: SP 1800-37 (Draft)

Topics

Security and Privacy
key management; program management

Technologies
networks

Applications
enterprise; forensics