This project has entered the build phase. We have selected several technology collaborators who have signed a Cooperative Research and Development Agreement (CRADA; see an example) with the National Institute of Standards and Technology (NIST). Download the TLS Server Certificate Management project description for full project details or read the two-page fact sheet..
This practice guide can benefit executives, Chief Information Security Officers, System Administrators, or anyone who has a stake in protecting his or her organization's data, privacy, and overall operational security.
Following an experimental agile process for continuous delivery of special publication, the National Cybersecurity Center of Excellence (NCCoE) requested feedback on preliminary drafts for Volume A: Executive Summary and Volume B: Security Risks and Recommended Best Practices from NIST Cybersecurity Practice Guide Special Publication (SP) 1800-16, Securing Web Transactions: TLS Server Certificate Management. We are currently reviewing the feedback we received from the public comment period which closed on February 18, 2019.
The practice guide is scheduled for release in full in 2019 and will contain the following volumes:
- SP 1800-16A: Executive Summary (preliminary draft)
- SP 1800-16B: Security Risks and Recommended Best Practices (preliminary draft)
- SP 1800-16C: Approach, Architecture, and Security Characteristics (coming soon)
- SP 1800-16D: How-To-Guides (coming soon)
Questions? Send an email to firstname.lastname@example.org.