Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

NIST publication governing website certificates & security?

Posted on 2011-09-13
2
Medium Priority
?
397 Views
Last Modified: 2012-05-12
I am trying to locate the NIST standard which governs website security and encryption levels.  Can anyone direct me to the correct NIST publication?

Thanks!
0
Comment
Question by:VIBT
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 12

Accepted Solution

by:
freshcontent earned 2000 total points
ID: 36532696
Here is the NIST AES specification.

http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf 

If you are looking for a standard of what type of encryption to be used on a website itself, most reputable website SSL providers are requiring 2048-bit CSRs to generate their SSL certificates.

From my understanding, the only standard in regards to what website owners are held to comes from the Payment Card Industry (PCI) standards (sponsored by Visa/Mastercard/American Express), and their requirements come from the PCI standard and your payment processor's requirements.

https://www.pcisecuritystandards.org/ 

Network Solutions, GoDaddy, & Thawte are good lower cost providers, and VeriSign (part of Symantec now) provides high recognitiion, name-brand, more expensive SSL certs.



0
 

Author Closing Comment

by:VIBT
ID: 36562008
Thanks very much!
0

Featured Post

Understanding Web Applications

Without even knowing it, most of us are using web applications on a daily basis. Gmail and Yahoo email, Twitter, Facebook, and eBay are used by most of us daily—and they are web applications. We often confuse these web applications tools for websites.  So, what is the difference?

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article was originally published on Monitis Blog, you can check it here . Today it’s fairly well known that high-performing websites and applications bring in more visitors, higher SEO, and ultimately more sales. By the same token, downtime…
Without even knowing it, most of us are using web applications on a daily basis.  In fact, Gmail and Yahoo email, Twitter, Facebook, and eBay are used by most of us daily—and they are web applications. We generally confuse these web applications to…
Explain concepts important to validation of email addresses with regular expressions. Applies to most languages/tools that uses regular expressions. Consider email address RFCs: Look at HTML5 form input element (with type=email) regex pattern: T…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
Suggested Courses

598 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question