The National Cybersecurity Center of Excellence (NCCoE) at the National Institute of Standards and Technology (NIST) has posted a Federal Register notice (FRN) for the TLS Server Certificate Management project. This notice invites technology vendors to participate in the collaborative project.
This project will use commercially available and open source technologies to develop a cybersecurity reference design that can be implemented in enterprise environments to reduce outages, improve security, and enable disaster recovery activities related to TLS certificates. This project focuses on the management of TLS server certificates in medium and large enterprises that rely on TLS to secure both customer-facing and internal applications and will demonstrate various management aspects such as how to establish an inventory of TLS certificates; assign and track certificate owners; and identify issues and vulnerabilities of the TLS infrastructure. The FRN launches a collaborative effort between the NCCoE and technology companies to address cybersecurity challenges identified in the project description.
After reviewing the FRN, if you as a technology provider are interested in providing products or technical expertise as a collaborator on the reference design for the listed projects please send an email to tls-cert-mgmt-nccoe@nist.gov requesting a Letter of Interest template.
Upon receipt of the Letter of Interest (LOI) template from the NCCoE, please:
- complete all applicable form fields within the received LOI template
- ensure that any proffered contribution(s) meet all of the acceptance criteria described in Section 1 of the LOI
- make sure the LOI Section 2 Terms and conditions are acceptable
- be as specific as possible when responding to Area of Interest query in Section 3
- sign and date the LOI
- email the LOI to tls-cert-mgmt-nccoe@nist.gov
The NCCoE project team will contact interested parties if there are questions regarding the applicability of the LOI to the reference design objective or requirements identified in the FRN. NCCoE will select participants who have submitted a complete LOI on a first come, first served basis within each category of components or characteristics listed in the FRN up to the number of participants in each category necessary to carry out the builds.
If you are interested in providing your expertise to help guide this project, please join our Community of Interest (COI) by emailing tls-cert-mgmt-nccoe@nist.gov. Receive updates on all NCCoE projects by signing up for email updates here.
We are looking forward to a successful collaboration effort.