Changes

Jump to navigation Jump to search
Line 18: Line 18:  
| style="width: 500px" align="center" | For additional information, please see [[Media:Recommendations for TLS Server Certificates.pdf|Recommendations for TLS Server Certificates]] for GC Public Facing Web Services or contact TBS-CIOB Cybersecurity ([mailto:zzTBSCybers@tbs-sct.gc.ca zzTBSCybers@tbs-sct.gc.ca])
 
| style="width: 500px" align="center" | For additional information, please see [[Media:Recommendations for TLS Server Certificates.pdf|Recommendations for TLS Server Certificates]] for GC Public Facing Web Services or contact TBS-CIOB Cybersecurity ([mailto:zzTBSCybers@tbs-sct.gc.ca zzTBSCybers@tbs-sct.gc.ca])
 
|}
 
|}
 +
 +
===Enterprise Certificate Management===
 +
Recently the National Institute of Standards and Technology released [https://www.nccoe.nist.gov/projects/building-blocks/tls-server-certificate-management Special Publication 1800-16 Securing Web Transactions: TLS Server Certificate Management] for public comment. This draft practice guide provides additional information for  enterprises that rely on Transport Layer Security (TLS) to secure both customer-facing and internal applications, so they can  better manage TLS server certificates by:
 +
* Defining operational and security policies; identifying roles and responsibilities
 +
* Establishing comprehensive certificate inventories and ownership tracking
 +
* Conducting continuous monitoring of certificate operational and security status
 +
* Automating certificate management to minimize human error and maximize efficiency on a large scale
 +
* Enabling rapid migration to new certificates and keys when cryptographic mechanisms are found to be weak, compromised or vulnerable
 +
<Br>
    
===Automated Certificate Management Engine (ACME)===
 
===Automated Certificate Management Engine (ACME)===
263

edits

Navigation menu

GCwiki