This blog is a personal book on Security/ IDM related thoughts/opinions.
The blog posts are a personal opinion only and neither reflect the views of current/past employers nor any OTHER person living/dead on this planet.
Google Site Search
Monday, January 4, 2010
Key Management: NIST Special Publication 800-57
I got the following notice from NIST.
NIST is proud to announce the publication of NIST Special Publication (SP) 800-57, RECOMMENDATION FOR KEY MANAGEMENT, Part 3: Application-Specific Key Management Guidance. This SP is intended to help system administrators and system installers adequately secure applications based on product availability and organizational needs, and to support organizational decisions about future procurements. The guide also provides information for end users regarding application options left under their control in normal use of the application. Recommendations are given for a select set of applications, namely: Public Key Infrastructures (PKI), Internet Protocol Security (IPsec), Transport Layer Security (TLS), Secure/Multipurpose Internet Mail Extensions (S/MIME), Kerberos, Over-the-Air Rekeying of Digital Radios (OTAR), Domain Name System Security Extensions (DNSSEC) and Encrypted File Systems (EFS).