?
Solved

NIST publication governing website certificates & security?

Posted on 2011-09-13
2
Medium Priority
?
388 Views
Last Modified: 2012-05-12
I am trying to locate the NIST standard which governs website security and encryption levels.  Can anyone direct me to the correct NIST publication?

Thanks!
0
Comment
Question by:VIBT
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 12

Accepted Solution

by:
freshcontent earned 2000 total points
ID: 36532696
Here is the NIST AES specification.

http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf 

If you are looking for a standard of what type of encryption to be used on a website itself, most reputable website SSL providers are requiring 2048-bit CSRs to generate their SSL certificates.

From my understanding, the only standard in regards to what website owners are held to comes from the Payment Card Industry (PCI) standards (sponsored by Visa/Mastercard/American Express), and their requirements come from the PCI standard and your payment processor's requirements.

https://www.pcisecuritystandards.org/ 

Network Solutions, GoDaddy, & Thawte are good lower cost providers, and VeriSign (part of Symantec now) provides high recognitiion, name-brand, more expensive SSL certs.



0
 

Author Closing Comment

by:VIBT
ID: 36562008
Thanks very much!
0

Featured Post

Why Off-Site Backups Are The Only Way To Go

You are probably backing up your data—but how and where? Ransomware is on the rise and there are variants that specifically target backups. Read on to discover why off-site is the way to go.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article was originally published on Monitis Blog, you can check it here . Today it’s fairly well known that high-performing websites and applications bring in more visitors, higher SEO, and ultimately more sales. By the same token, downtime…
CTAs encourage people to do something specific to show interest in your company, product or service. Keep reading to learn why CTAs should always be thought of as extremely important, albeit small, sections of websites.
The viewer will learn how to dynamically set the form action using jQuery.
Any person in technology especially those working for big companies should at least know about the basics of web accessibility. Believe it or not there are even laws in place that require businesses to provide such means for the disabled and aging p…

765 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question