The National Institute of Standards and Technology (NIST) hosted a virtual workshop discussed compliance, operations, and security challenges with modern encrypted protocols on Friday, September 25, 2020. Deployment of these protocols, in particular TLS 1.3, can impact some organizations ability to meet their regulatory, security, and operational requirements. The workshop investigated the practical and implementable approaches to help those industries adopt them in their private data centers and the hybrid cloud without impacting regulatory compliance, security, or operations.
The workshop identified various approaches and practices that met common compliance, operations, and security requirements. The findings from this workshop will inform the development of a potential National Cybersecurity Center of Excellence (NCCoE) demonstration project to implement one or more of the proposed approaches while meeting the business use cases, the security capabilities, and supporting technologies.