Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

Guidelines for the Selection, Configuration, and Use of Transport Layer Security (TLS) Implementations: NIST SP 800-52 Rev. 2
August 29, 2019

Given the nature of interconnected networks and the use of the internet to share information, the protection of sensitive data can become difficult if proper mechanisms are not employed. Any network service that handles sensitive or valuable data—whether it is personally identifiable information (PII), financial data, or login information—needs to adequately protect that data. Transport Layer Security (TLS) protocols were created to provide authentication, confidentiality, and data integrity protection between a client and server. The initiative to secure connections will enhance privacy, increase trust that data and services are authentic, and prevent undetected modification of data from government servers while in transit.

NIST announces the publication of NIST Special Publication (SP) 800-52 Revision 2Guidelines for the Selection, Configuration, and Use of Transport Layer Security (TLS) Implementations, which provides guidance for selecting and configuring TLS protocol implementations while making effective use of Federal Information Processing Standards (FIPS) and NIST-recommended cryptographic algorithms. It requires that all government TLS servers and clients support TLS 1.2 configured with FIPS-based cipher suites and recommends that agencies develop migration plans to support TLS 1.3 by January 1, 2024. This Special Publication also provides guidance on certificates and TLS extensions that impact security.
Created August 29, 2019