PIV Q and A Site Logo NIST Logo
Home Q&A
Frequently Asked Questions

SP 800-85 A: Middleware and PIV Card Application Conformance Test Guidelines

SP 800-85 B: PIV Data Model Conformance Test Guidelines

Question ID # Posted by
1 Ramaswamy Chandramouli
The response to an invalid PIN entry is '63Cx' where x is the number of tries remaining. Is '63C0' the correct response to an invalid PIN entry when there is one remaining try or does one go from '63C1' directly to '6983'?
The call using invalid PIN after a '63C1' response always will yield '63C0'. Only the next call using invalid PIN will yield '6983'.
2 Hildegard Ferraiolo
The postcondition of the test in Appendix C.3.2.2 instructs to validate the
contexts of the public key data with GET DATA. However, the public key is not
accessible as one of the 11 data objects specified in SP 800-73.
The public key can be extracted from its X.509 public key certificate.

NIST is an agency of the U.S. Commerce Department last modified: October07 2008
This site adheres to the NIST privacy policy.
Questions or comments? Contact the webmaster