263
edits
Changes
Jump to navigation
Jump to search
Line 18:
Line 18: + + + + + + + + +
GC HTTPS Certificate Guidance (view source)
Revision as of 14:19, 19 July 2019
, 14:19, 19 July 2019→Certificate Recommendations and Guidance
| style="width: 500px" align="center" | For additional information, please see [[Media:Recommendations for TLS Server Certificates.pdf|Recommendations for TLS Server Certificates]] for GC Public Facing Web Services or contact TBS-CIOB Cybersecurity ([mailto:zzTBSCybers@tbs-sct.gc.ca zzTBSCybers@tbs-sct.gc.ca])
| style="width: 500px" align="center" | For additional information, please see [[Media:Recommendations for TLS Server Certificates.pdf|Recommendations for TLS Server Certificates]] for GC Public Facing Web Services or contact TBS-CIOB Cybersecurity ([mailto:zzTBSCybers@tbs-sct.gc.ca zzTBSCybers@tbs-sct.gc.ca])
|}
|}
===Enterprise Certificate Management===
Recently the National Institute of Standards and Technology released [https://www.nccoe.nist.gov/projects/building-blocks/tls-server-certificate-management Special Publication 1800-16 Securing Web Transactions: TLS Server Certificate Management] for public comment. This draft practice guide provides additional information for enterprises that rely on Transport Layer Security (TLS) to secure both customer-facing and internal applications, so they can better manage TLS server certificates by:
* Defining operational and security policies; identifying roles and responsibilities
* Establishing comprehensive certificate inventories and ownership tracking
* Conducting continuous monitoring of certificate operational and security status
* Automating certificate management to minimize human error and maximize efficiency on a large scale
* Enabling rapid migration to new certificates and keys when cryptographic mechanisms are found to be weak, compromised or vulnerable
<Br>
===Automated Certificate Management Engine (ACME)===
===Automated Certificate Management Engine (ACME)===
