The final public draft (fpd) of NIST Special Publication (SP) 800-157r1 (Revision 1), Guidelines for Derived Personal Identity Verification (PIV) Credentials, is now available for public review and comment.
This final draft incorporates all comment resolutions since the initial public draft was posted in 2023. The document details the expanded set of derived PIV credentials in a variety of form factors and authenticator types, as envisioned in OMB Memoranda M-19-17 and M-22-09 and subsequently outlined in FIPS 201-3. The cross-domain and interagency use of these credentials is provided by federation protocols outlined in the final public draft of SP 800-217 Guidelines for the Use of Personal Identity Verification (PIV) Credentials with Federation, which is also available for public comment. Both documents are closely aligned with the recently published second public draft of SP 800-63-4 Digital Idenitty Guidelines. NIST hopes that this final draft document enables a close alignment with new and emerging digital authentication and federation technologies employed in the Federal Government while maintaining a strong security posture.
Reviewers are encouraged to comment and suggest changes to the text of both documents. NIST requests that all comments be submitted by 11:59pm Eastern Time on January 10, 2025. Please submit your comments to piv_comments@nist.gov. NIST will review all comments and make them available at the NIST Computer Security Resource Center website. Commenters are encouraged to use the comment template provided with the document announcement.
A PDF version of this document is available on the NIST Computer Security Resource Center.
NOTE: All comments and responses are subject to release under the Freedom of Information Act (FOIA). A call for patent claims is included on page ii of each draft. For additional information, see the Information Technology Laboratory (ITL) Patent Policy — Inclusion of Patents in ITL Publications.