Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Drafts Open for Comment

Feeds:      RSS/Atom      JSON

Many of NIST's cybersecurity and privacy publications are posted as drafts for public comment. Comment periods are still open for the following publications. Select the publication title to access downloads, related content, and instructions for submitting comments. Your thoughtful reviews and comments are greatly appreciated and help us to improve our standards and guidance.

Also see a complete list of public drafts that includes those whose comment periods have closed.

NoSQL (i.e., “not only SQL” or “non-SQL”) database systems and data stores often outperform traditional relational database management systems (RDBMSs) in various aspects, such as data analysis efficiency, system performance, ease of deployment, flexibility/scalability of data management, and users’...

SummaryNIST seeks to update and improve the guidance in Special Publication (SP) 800-60, Guide for Mapping Types of Information and Information Systems to Security Categories. Specifically, NIST seeks feedback on the document’s current use, proposed updates in the initial working draft and...

The initial public drafts (ipd) of NIST Special Publication (SP) 800-55, Measurement Guide for Information Security, Volume 1 – Identifying and Selecting Measures and Volume 2 – Developing an Information Security Measurement Program are available for comment after extensive research, development,...

The initial public drafts (ipd) of NIST Special Publication (SP) 800-55, Measurement Guide for Information Security, Volume 1 – Identifying and Selecting Measures and Volume 2 – Developing an Information Security Measurement Program are available for comment after extensive research, development,...

The Addressing Visibility Challenges with TLS 1.3 project builds on the NCCoE's earlier work, TLS Server Certificate Management, which showed organizations how to centrally monitor and manage their TLS certificates. We are now focusing on protocol enhancements such as TLS 1.3 which have helped...