Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

NIST Releases Two Draft Guidelines on Personal Identity Verification (PIV) Credentials
January 10, 2023

3/17/23 - The public comment period for both drafts has been extended to April 21, 2023 (from March 24).
 

NIST is announcing the initial public drafts of NIST SP 800-157r1 (Revision 1), Guidelines for Derived Personal Identity Verification (PIV) Credentials, and NIST SP 800-217, Guidelines for Personal Identity Verification (PIV) Federation. These two SPs complement Federal Information Processing Standard (FIPS) 201-3, which defines the requirements and characteristics of government-wide interoperable identity credentials used by federal employees and contractors.

  • NIST SP 800-157 has been revised to feature an expanded set of derived PIV credentials to include public key infrastructure (PKI) and non-PKI-based phishing-resistant multi-factor authenticators.
  • NIST SP 800-217 details technical requirements on the use of federated PIV identity and the interagency use of assertions to implement PIV federations backed by PIV identity accounts and PIV credentials.

NIST will introduce both draft documents at a virtual workshop on February 1, 2023. Please see the workshop homepage to register and attend the virtual event. 

The public comment period for both draft publications is open through March 24 April 21, 2023. See the publication details for NIST SP 800-157r1 and NIST SP 800-217 to download the drafts and find instructions for submitting comments.

NOTE: A call for patent claims is included on page iii of each draft. For additional information, see the Information Technology Laboratory (ITL) Patent Policy – Inclusion of Patents in ITL Publications.

Created January 10, 2023, Updated March 17, 2023