Solved

NIST publication governing website certificates & security?

Posted on 2011-09-13
2
384 Views
Last Modified: 2012-05-12
I am trying to locate the NIST standard which governs website security and encryption levels.  Can anyone direct me to the correct NIST publication?

Thanks!
0
Comment
Question by:VIBT
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 12

Accepted Solution

by:
freshcontent earned 500 total points
ID: 36532696
Here is the NIST AES specification.

http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf 

If you are looking for a standard of what type of encryption to be used on a website itself, most reputable website SSL providers are requiring 2048-bit CSRs to generate their SSL certificates.

From my understanding, the only standard in regards to what website owners are held to comes from the Payment Card Industry (PCI) standards (sponsored by Visa/Mastercard/American Express), and their requirements come from the PCI standard and your payment processor's requirements.

https://www.pcisecuritystandards.org/ 

Network Solutions, GoDaddy, & Thawte are good lower cost providers, and VeriSign (part of Symantec now) provides high recognitiion, name-brand, more expensive SSL certs.



0
 

Author Closing Comment

by:VIBT
ID: 36562008
Thanks very much!
0

Featured Post

When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot has fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When it comes to write a Context Sensitive Help (an online help that is obtained from a specific point in state of software to provide help with that state) ,  first we need to make the file that contains all topics, which are given exclusive IDs. …
When the s#!t hits the fan, you don’t have time to look up who’s on call, draft emails, call collaborators, or send text messages. An instant chat window is definitely the way to go, especially one like HipChat. HipChat is a true business app. An…
This tutorial walks through the best practices in adding a local business to Google Maps including how to properly search for duplicates, marker placement, and inputing business details. Login to your Google Account, then search for "Google Mapmaker…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

695 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question