FOR IMMEDIATE RELEASE:
New US Digital Certificates Best Practices
NIST Practice Guide includes Taproot Security recommendations
Saint Paul, MN, June 17, 2020 –
A new US Practice Guide governing TLS certificate management (SP1800-16) was finalized and published today. It was created by the National Institute of Standards & Technology (NIST) in partnership with security vendors and experts. It incorporates suggestions provided by Taproot Security in 2019.
"I congratulate NIST on completing this important work," said Taproot Security founder Mike McCormick. "TLS (previously known as SSL) is the backbone of security and privacy on the Internet, and digital certificates are the foundation of TLS. If they are managed improperly, TLS fails, while still giving users a false sense of security (e.g., browser padlock icon)."
The NIST announcement can be found at https://content.govdelivery.com/accounts/USNIST/bulletins/290e39f.
About Taproot Security
Taproot Security is an information security consulting firm advising industry and government on cyber issues and policy. For more information, please visit http://www.taprootsecurity.com/.
To learn more about this announcement, please contact
Founder & President
Taproot Security, LLC
- END -