Important: The GCConnex decommission will not affect GCCollab or GCWiki. Thank you and happy collaborating!
Difference between revisions of "HTTPS Refs and Guidance"
Jump to navigation
Jump to search
(Created page with "==Legislation== * [http://laws-lois.justice.gc.ca/eng/acts/P-21/index.html Privacy Act] ==Related policy instruments== * [https://www.tbs-sct.gc.ca/pol/doc-eng.aspx?id=16578...") |
|||
(2 intermediate revisions by 2 users not shown) | |||
Line 14: | Line 14: | ||
* [https://www.cse-cst.gc.ca/en/node/1297/html/27582 CSE ITSB-89v3 Top 10 IT Security Actions to Protect Government of Canada Internet-Connected Networks and Information] | * [https://www.cse-cst.gc.ca/en/node/1297/html/27582 CSE ITSB-89v3 Top 10 IT Security Actions to Protect Government of Canada Internet-Connected Networks and Information] | ||
* [https://www.cse-cst.gc.ca/en/node/1842/html/26717 CSE ITSP.30.031 V2 User Authentication Guidance for Information Technology Systems] | * [https://www.cse-cst.gc.ca/en/node/1842/html/26717 CSE ITSP.30.031 V2 User Authentication Guidance for Information Technology Systems] | ||
− | * [https:// | + | * [https://cyber.gc.ca/en/guidance/guidance-securely-configuring-network-protocols-itsp40062 CSE ITSP.40.062 Guidance on Securely Configuring Network Protocols] |
+ | * [https://cyber.gc.ca/en/guidance/cryptographic-algorithms-unclassified-protected-and-protected-b-information-itsp40111 Cryptographic Algorithms for UNCLASSIFIED, PROTECTED A, and PROTECTED B Information] | ||
==Other references== | ==Other references== | ||
Line 25: | Line 26: | ||
* Google - [https://support.google.com/webmasters/answer/6073543 Webmasters: Secure Your Site with HTTPS] | * Google - [https://support.google.com/webmasters/answer/6073543 Webmasters: Secure Your Site with HTTPS] | ||
* Mozilla - [https://wiki.mozilla.org/Security/Server_Side_TLS#Modern_compatibility Security/Server Side TLS] | * Mozilla - [https://wiki.mozilla.org/Security/Server_Side_TLS#Modern_compatibility Security/Server Side TLS] | ||
+ | * NIST - [https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.1800-16.pdf TLS Server Certificate Management Practice Guide] | ||
+ | * Microsoft - [https://www.microsoft.com/security/blog/2020/08/20/taking-transport-layer-security-tls-to-the-next-level-with-tls-1-3/ Taking TLS to the next level with TLS 1.3] |
Latest revision as of 09:00, 21 August 2020
Legislation
Related policy instruments
- Policy on Government Security
- Policy on Management of Information Technology
- Policy on Privacy Protection
- Policy on Access to Information
- Directive on Departmental Security Management
- Operational Security Standard: Management of Information Technology Security (MITS)
GC references
- CSE ITSG-33 Overview: IT Security Risk Management: A Lifecycle Approach
- CSE ITSB-89v3 Top 10 IT Security Actions to Protect Government of Canada Internet-Connected Networks and Information
- CSE ITSP.30.031 V2 User Authentication Guidance for Information Technology Systems
- CSE ITSP.40.062 Guidance on Securely Configuring Network Protocols
- Cryptographic Algorithms for UNCLASSIFIED, PROTECTED A, and PROTECTED B Information
Other references
- NIST SP 800-52, Revision 1: Guidelines for the Selection, Configuration, and Use of Transport Layer Security (TLS) Implementations
- US Government, The HTTPS-Only Standard
- Department of Homeland Security, Binding Operational Directive 18-01 Enhance Email and Web Security
- GOV.UK, Service Manual, Using HTTPS
- UK National Cyber Security Centre, Using TLS to protect data
- Qualys - SSL/TLS Deployment Best Practices
- Google - Webmasters: Secure Your Site with HTTPS
- Mozilla - Security/Server Side TLS
- NIST - TLS Server Certificate Management Practice Guide
- Microsoft - Taking TLS to the next level with TLS 1.3