Date Published: March 2017
Comments Due:
Email Questions to:
Author(s)
Paul Grassi (NIST), Michael Garcia (NIST), James Fenton (Altmode Networks)
Announcement
The Trusted Identities Group (TIG) has posted a Revised Draft of the parent document for Special Publication 800-63-3, Digital Identity Guidelines, whose comment period closes May 1, 2017. This extended comment period is for the parent volume only; not sections A, B, or C. (The original draft was posted from January 30 - March 31, 2017.)
A blog post provides additional details about this revised draft and the extended comment period.
The revised draft is available at https://pages.nist.gov/800-63-3 and in the PDF linked below. We encourage readers to provide comments during this open period. For maximum flexibility to our stakeholder community we are offering two methods to submit comments. The preferred method is to submit comments here: https://github.com/usnistgov/800-63-3/issues. We've included instructions at https://pages.nist.gov/800-63-3/comment_help.html to assist those that are new to this process.
For those unable to provide comments online, a comment matrix is provided below. Please note, all comments submitted via email will be transposed to our online comment page so that we can manage comments in a single place. We will include organizational attribution when we post the comment(s) online.
These guidelines provide technical requirements for Federal agencies implementing digital identity services and are not intended to constrain the development or use of standards outside of this purpose. The guidelines cover remote authentication of users (such as employees, contractors, or private individuals) interacting with government IT systems over open networks. They define technical requirements in each of the areas of identity proofing, registration, authenticators, management processes, authentication protocols and related assertions. This publication supersedes NIST SP 800-63-1 and SP 800-63-2.
These guidelines provide technical requirements for Federal agencies implementing digital identity services and are not intended to constrain the development or use of standards outside of this purpose. The guidelines cover remote authentication of users (such as employees, contractors, or private...
See full abstract
These guidelines provide technical requirements for Federal agencies implementing digital identity services and are not intended to constrain the development or use of standards outside of this purpose. The guidelines cover remote authentication of users (such as employees, contractors, or private individuals) interacting with government IT systems over open networks. They define technical requirements in each of the areas of identity proofing, registration, authenticators, management processes, authentication protocols and related assertions. This publication supersedes NIST SP 800-63-1 and SP 800-63-2.
Hide full abstract
Keywords
authentication; authentication assurance; authenticator; assertions; credential service provider; digital authentication; digital credentials; identity proofing; passwords; PKI
Control Families
Access Control; Identification and Authentication
