Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

This is an archive
(replace .gov by .rip)

SP 800-52 Rev. 2 (DRAFT)

Guidelines for the Selection, Configuration, and Use of Transport Layer Security (TLS) Implementations

Date Published: November 2017
Comments Due: February 1, 2018 (public comment period is CLOSED)
Email Questions to: sp80052-comments@nist.gov

Withdrawn: October 15, 2018

Author(s)

Kerry McKay (NIST), David Cooper (NIST)

Announcement

NIST announces the release of draft Special Publication 500-52 Revision 2, Guidelines for the Selection, Configuration, and Use of Transport Layer Security (TLS) Implementations. Transport Layer Security (TLS) provides mechanisms to protect data during electronic dissemination across the Internet. This Special Publication provides guidance to the selection and configuration of TLS protocol implementations while making effective use of Federal Information Processing Standards (FIPS) and NIST-recommended cryptographic algorithms. It requires that TLS 1.2 configured with FIPS-based cipher suites be supported by all government TLS servers and clients and recommends that agencies develop migration plans to support TLS 1.3 by January 1, 2020. This Special Publication also provides guidance on certificates and TLS extensions that impact security.

Abstract

Keywords

network security; SSL; TLS; information security; Transport Layer Security
Control Families

System and Communications Protection;

Documentation

Publication:
Draft SP 800-52 Rev. 2

Supplemental Material:
Comments received (pdf)

Document History:
Draft SP 800-52 Rev. 2 (11/15/17)
Draft SP 800-52 Rev. 2 (10/15/18)