Categories
Security

NIST releases second draft of “Guidelines for the Selection, Configuration, and Use of Transport Layer Security (TLS) Implementations.”

From an e-mail the folks at nist sent out.

NIST has released a second draft of NIST Special Publication (SP) 800-52 Revision 2,Guidelines for the Selection, Configuration, and Use of Transport Layer Security (TLS) Implementations. It provides guidance for selecting and configuring TLS protocol implementations that utilize NIST-recommended cryptographic algorithms and Federal Information Processing Standards (FIPS). The document requires that government TLS servers and clients support TLS 1.2 configured with FIPS-based cipher suites, and recommends that agencies develop migration plans to support TLS 1.3 by January 1, 2024.

A public comment period for this document is open until November 16, 2018.

CSRC Update:
https://csrc.nist.gov/news/2018/second-draft-of-TLS-guidance-now-available

Publication Details:
https://csrc.nist.gov/publications/detail/sp/800-52/rev-2/draft