论文信息 - SP 800-52. Guidelines for the Selection and Use of Transport Layer Security (TLS) Implementations

SP 800-52. Guidelines for the Selection and Use of Transport Layer Security (TLS) Implementations

These Guidelines briefly introduce computer communications architectural concepts. The Guidelines place the responsibility for communication security at the Transport layer of the OSI seven-layer communications stack, not within the application itself. Protection of sensitive but unclassified Government information can adequately be accomplished at this layer when appropriate protocol options are selected and used by clients and servers relying on transport layer security.

Matthew J. Fanto | C M. Chernick | Charles Edington | Rob Rosenthal

[1] Russell Housley,et al. Planning for PKI: Best Practices Guide for Deploying Public Key Infrastructure , 2001 .

[2] Eric Rescorla,et al. SSL and TLS: Designing and Building Secure Systems , 2000 .

[3] William M. Daley,et al. Security Requirements for Cryptographic Modules , 1999 .

[4] Pete Chown,et al. Advanced Encryption Standard (AES) Ciphersuites for Transport Layer Security (TLS) , 2002, RFC.

[5] Edward Roback,et al. SP 800-23. Guidelines to Federal Organizations on Security Assurance and Acquisition/Use of Tested/Evaluated Products , 2000 .

[6] Timothy Grance,et al. Guide to Selecting Information Technology Security Products , 2003 .

[7] Christopher Allen,et al. The TLS Protocol Version 1.0 , 1999, RFC.

[8] Vinton G. Cerf,et al. Internet Core Protocols: The Definitive Guide with Cdrom , 1999 .

[9] Charles Adams,et al. Understanding Public-Key Infra-structure: Concepts, Standards, and Deployment Con-siderations , 1999 .

[10] J. C. Tressler,et al. Fourth Edition , 2006 .

[11] Carlisle Adams,et al. Understanding PKI: Concepts, Standards, and Deployment Considerations , 1999 .

[12] Eric A. Hall,et al. Internet core protocols : the definitive guide , 2000 .

[13] Scott Hollenbeck,et al. Transport Layer Security Protocol Compression Methods , 2004, RFC.

[14] Douglas E. Comer,et al. Internetworking with TCP/IP, Volume 1: Principles, Protocols, and Architectures, Fourth Edition , 2000 .

[15] D. Richard Kuhn,et al. SP 800-32. Introduction to Public Key Technology and the Federal PKI Infrastructure , 2001 .

[16] William T. Polk,et al. Public Key Infrastructures that Satisfy Security Goals , 2003, IEEE Internet Comput..