NIST seeks comments on authentication, PIV
- By Wilson P. Dizard III
- Mar 03, 2008
The Commerce Department's standards development team for information technology security has invited comments on documents that furnish guidance on identity authentication and ways to evaluate Personal Identity Verification (PIV) card issuers.
The Computer Security Division at the National Institute of Standards and Technology's (NIST) developed both the technical documents. That division forms part of NIST's IT Laboratory.
The technology standards organization issued
'Draft Special Publication 800-63 Revision 1' document to supplement earlier instructions from the Office of Management and the Budget on how to design systems for remotely authenticating the identities of members of the general public.
The remote-authentication guidelines form an expanded and reorganized version of the institute's earlier description of assertion technologies. NIST also seeks to clarify its previously issued advisory on the topic. The new draft document presents a broader discussion of technologies in the field that agencies can use to comply with OMB's instructions.
NIST said that it would accept comments on the draft authentication document through April 10.
NIST also is seeking comments on its draft of special publication 800-79-1, which provides guidelines for agencies as they seek to certify and accredit organizations that issue PIV cards.
NIST asked for comments on the draft PIV issuer certification and accreditation guide by March 30. Send them to [email protected]
Details about the second draft document also appear on the NIST Web site for guidelines and other papers that officials currently are polishing for release soon.