Comment Periods EXTENDED | NIST Identity Guidance

National Institute of Standards and Technology (NIST) sent this bulletin at 03/17/2023 02:02 PM EDT
NIST

View As Web Page
Header

NIST Cybersecurity and Privacy Program
A graphic of digtal identity representations

There’s Now Extra Time to Comment…Please Share Your Feedback on our Three NIST Identity Guidance Items!

NIST has extended the deadlines to submit comments to drafts of three key pieces of guidance related to digital identity:

  1. Digital Identity Guidelines (NIST SP 800-63-4) | Extended until April 14, 2023 NIST SP 800-63 intends to respond to the changing digital landscape that has emerged since the last major revision of this suite was published in 2017—including the real-world implications of online risks. The guidelines present the process and technical requirements for meeting digital identity management assurance levels for identity proofing, authentication, and federation, including requirements for security and privacy as well as considerations for fostering equity and the usability of digital identity solutions and technology.
  2. Guidelines for Derived Personal Identity Verification (PIV) Credentials (NIST SP 800-157r1) | Extended until April 21, 2023 NIST SP 800-157 has been revised to feature an expanded set of derived PIV credentials to include public key infrastructure (PKI) and non-PKI-based phishing-resistant multi-factor authenticators.
  3. Guidelines for Personal Identity Verification (PIV) Federation (NIST SP 800-217) | Extended until April 21, 2023 NIST SP 800-217 details technical requirements on the use of federated PIV identity and the interagency use of assertions to implement PIV federations backed by PIV identity accounts and PIV credentials.

Read More

NIST Cybersecurity and Privacy Program
Questions/Comments about this notice:
SP 800-217 and SP 800-157r1 (piv_comments@nist.gov);
SP 800-63-4 (dig-comments@nist.gov)
CSRC Website questions: csrc-inquiry@nist.gov