Other guidance is anticipated in the NIST proposed encryption standard. For instance, "We will require support for certain TLS extensions," including the guidelines, says Polk.

EV certificates issued by certificate authorities (CAs) are preferred over digital certificates issued otherwise because EV certificates require far more extensive verification of the organization receiving them, and the issuer issuing them that other types of certificates.

The EV certificate standard was devised by the industry group CA/Browser Forum. The CAB Forum is undergoing some turbulent change as its members, including , Google, PayPal, Symantec and , among others, make organizational changes, including hashing out decisions related to intellectual-property rights each own pertaining to public-key infrastructure.

"EV certificates have higher levels of assurance associated with them, that they're issued to the right people." says Polk. "We support efforts to move the state-of-the-art forward. We believe for some that are important, there is value in it."

NIST also wants the federal government to move forward with what is called "mutually authenticated TLS" in which the server presents you with a way to log in via the user's certificate. "It's not done much today," says Polk. "It's not because most users don't have crypto keys of their own." The federal government has the potential to take advantage of this higher security because of the that are issued to government employees.