U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.

Https

We are building a provable archive!
A lock (Dot gov) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

NIST SP 800-52 Rev. 2 (2nd Public Draft)

Guidelines for the Selection, Configuration, and Use of Transport Layer Security (TLS) Implementations

Date Published: October 2018
Comments Due: November 16, 2018 (public comment period is CLOSED)
Email Questions to: sp80052-comments@nist.gov

Author(s)

Kerry McKay (NIST), David Cooper (NIST)

Announcement

Draft SP 800-52 Revision 2 provides guidance for selecting and configuring Transport Layer Security (TLS) protocol implementations that utilize NIST-recommended cryptographic algorithms and Federal Information Processing Standards (FIPS). This second draft extends the deadline by which agencies are urged to support TLS 1.3 to January 1, 2024. Moreover, it clarifies that TLS 1.3 is intended to coexist with TLS 1.2 rather than replace it. An appendix has also been added to discuss key exchange using RSA key transport and includes a list of cipher suites that may be used if a transition period is needed. The extensions guidance now clarifies which versions of TLS each extension applies to and provides guidance on the raw public keys extension.

Abstract

Keywords

information security; network security; SSL; TLS; Transport Layer Security
Control Families

System and Communications Protection

Documentation

Publication:
Draft (2nd) SP 800-52 Rev. 2 (pdf)

Supplemental Material:
Comments received (pdf)

Document History:
11/15/17: SP 800-52 Rev. 2 (Draft)
10/15/18: SP 800-52 Rev. 2 (Draft)
08/29/19: SP 800-52 Rev. 2 (Final)