Solved

NIST publication governing website certificates & security?

Posted on 2011-09-13
2
369 Views
Last Modified: 2012-05-12
I am trying to locate the NIST standard which governs website security and encryption levels.  Can anyone direct me to the correct NIST publication?

Thanks!
0
Comment
Question by:VIBT
2 Comments
 
LVL 12

Accepted Solution

by:
freshcontent earned 500 total points
ID: 36532696
Here is the NIST AES specification.

http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf 

If you are looking for a standard of what type of encryption to be used on a website itself, most reputable website SSL providers are requiring 2048-bit CSRs to generate their SSL certificates.

From my understanding, the only standard in regards to what website owners are held to comes from the Payment Card Industry (PCI) standards (sponsored by Visa/Mastercard/American Express), and their requirements come from the PCI standard and your payment processor's requirements.

https://www.pcisecuritystandards.org/ 

Network Solutions, GoDaddy, & Thawte are good lower cost providers, and VeriSign (part of Symantec now) provides high recognitiion, name-brand, more expensive SSL certs.



0
 

Author Closing Comment

by:VIBT
ID: 36562008
Thanks very much!
0

Featured Post

Master Your Team's Linux and Cloud Stack

Come see why top tech companies like Mailchimp and Media Temple use Linux Academy to build their employee training programs.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Encryption for Business Encryption (https://en.wikipedia.org/wiki/Encryption) ensures the safety of our data when sending emails. In most cases, to read an encrypted email you must enter a secret key that will enable you to decrypt the email. T…
FAQ pages provide a simple way for you to supply and for customers to find answers to the most common questions about your company. Here are six reasons why your company website should have a FAQ page
Explain concepts important to validation of email addresses with regular expressions. Applies to most languages/tools that uses regular expressions. Consider email address RFCs: Look at HTML5 form input element (with type=email) regex pattern: T…
This tutorial walks through the best practices in adding a local business to Google Maps including how to properly search for duplicates, marker placement, and inputing business details. Login to your Google Account, then search for "Google Mapmaker…

773 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question