"The purpose of this notice is to announce that the Secretary of Commerce has approved the withdrawal of seventeen (17) Federal Information Processing Standards (FIPS) Publications.
These FIPS are being withdrawn because they are obsolete, or have not been updated to adopt current voluntary industry standards, current federal data standards, or current good practices for information security. This situation preserves obsolete standards for agency use.
Some of these FIPS adopt voluntary industry standards. Federal agencies and departments are directed by the National Technology Transfer and Advancement Act of 1995 (Public Law 104-113) to use technical standards that are developed in voluntary consensus standards bodies. Consequently, FIPS that duplicate voluntary industry standards are no longer needed.
Some of these FIPS adopt data standards that are developed and used by other Federal government agencies. These FIPS have not been updated to reflect changes and modifications that have been made to the data representations. The remaining FIPS provide advisory guidance to Federal agencies on information security issues. This advisory guidance, which is not compulsory and binding, has been updated by NIST and issued in more recent recommendations and publications."
Among the seventeen withdrawn FIPS, eight are related to computer security:
- FIPS 31, Guidelines for Automatic Data Processing Physical Security and Risk Management
- FIPS 48, Guidelines on Evaluation of Techniques for Automated Personal Identification
- FIPS 73, Guidelines for Security of Computer Applications
- FIPS 83, Guideline on User Authentication Techniques for Computer Network Access Control
- FIPS 87, Guidelines for ADP Contingency Planning
- FIPS 102, Guideline for Computer Security Certification and Accreditation
- FIPS 112, Password Usage
- FIPS 171, Key Management Using ANSI X9.17