thePCI Portal

TLS, SSL and PCI – The links

I got tired of hunting these down regularly.  Here are the official TLS and SSL reference links in one spot:

SSL/Early TLS: Working with an ASV on Failed Scans
http://blog.pcisecuritystandards.org/working-with-an-asv-on-failed-scans

INFORMATION SUPPLEMENT Migrating from SSL and Early TLS
Version 1.0 Date: April 2015 Author: PCI Security Standards Council
– Includes: Preparing a Risk Mitigation and Migration Plan section
https://www.pcisecuritystandards.org/documents/Migrating_from_SSL_Early_TLS_Information_Supplement_v1.pdf

Date Change for Migrating from SSL and Early TLS
http://blog.pcisecuritystandards.org/migrating-from-ssl-and-early-tls

FAQ: How should entities complete their ROC or SAQ for PCI DSS v3.1 using the new SSL/TLS migration dates?
https://pcissc.secure.force.com/faq/articles/Frequently_Asked_Question/How-should-entities-complete-their-ROC-or-SAQ-for-PCI-DSS-v3-1-using-the-new-SSL-TLS-migration-dates

FAQ: How should entities apply the new SSL/TLS migration dates to Requirements 2.2.3, 2.3 and 4.1 for PCI DSS v3.1?
https://pcissc.secure.force.com/faq/articles/Frequently_Asked_Question/How-should-entities-apply-the-new-SSL-TLS-migration-dates-to-Requirements-2-2-3-2-3-and-4-1-for-PCI-DSS-v3-1

Dec 18 2015 News Release: PCI SECURITY STANDARDS COUNCIL REVISES DATE  FOR MIGRATING OFF VULNERABLE SSL AND EARLY TLS ENCRYPTION
https://www.pcisecuritystandards.org/pdfs/15_12_18_SSL_Webinar_Press_Release_FINAL_(002).pdf

NIST Special Publication 800-52 Revision 1
Guidelines for the Selection, Configuration, and Use of Transport Layer Security (TLS) Implementations
http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-52r1.pdf

Ad below this line:

Leave a Reply

Your email address will not be published. Required fields are marked *