NIST publication governing website certificates & security?

I am trying to locate the NIST standard which governs website security and encryption levels.  Can anyone direct me to the correct NIST publication?

Thanks!
VIBTAsked:
Who is Participating?
 
freshcontentConnect With a Mentor Commented:
Here is the NIST AES specification.

http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf 

If you are looking for a standard of what type of encryption to be used on a website itself, most reputable website SSL providers are requiring 2048-bit CSRs to generate their SSL certificates.

From my understanding, the only standard in regards to what website owners are held to comes from the Payment Card Industry (PCI) standards (sponsored by Visa/Mastercard/American Express), and their requirements come from the PCI standard and your payment processor's requirements.

https://www.pcisecuritystandards.org/ 

Network Solutions, GoDaddy, & Thawte are good lower cost providers, and VeriSign (part of Symantec now) provides high recognitiion, name-brand, more expensive SSL certs.



0
 
VIBTAuthor Commented:
Thanks very much!
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.