Change Log

This appendix is informative. It provides an overview of the changes to SP 800-157 since its initial release.

• Throughout — Removed restrictions to only use derived PIV credentials on mobile devices
• Sections 1.1, 1.2 — Allowed binding of non-PKI-based derived PIV credentials at AAL2 and AAL3
• Sections 1.2, 2.1, 2.2, 3.1, 3.2, C — Changed assurance levels from LOA to AAL
• Sections 1.4, 2.2 — Removed relationship to obsolete OMB memoranda
• Section 2.1 — Added life cycle of non-PKI-based derived PIV credentials
• Sections 2.2.1, 2.2.2 — Added detail on issuance for PKI and non-PKI-based derived PIV credentials
• Sections 2.3.1, 2.3.2 — Added detail on maintenance for PKI and non-PKI-based derived PIV credentials
• Sections 2.4, 2.4.1, 2.4.2 — Added invalidation detail, replacing linkage with PIV Card
• Section 3.1, 3.2 — Reorganized sections into PKI and non-PKI-based derived PIV credential requirements
• Section 3.1.3 — Removed specific physical details for authenticators
• Sections 3.1.4, 3.2.3 — Referenced SP 800-63B for activation requirements
• Section 3.3 — Added reference to binding requirements in SP 800-63B
• Appendix B.1.2, B.1.3 — Added secure messaging and VCI capabilities for removable and wireless authenticators
• Appendix C.1 — Added reference to issuance requirements in SP 800-63B
• Appendix C.2 — Updated existing PIV credential issuance example and added example of issuance of non-PKI-based derived PIV credentials
• Appendix D — New appendix on the use of derived PIV credentials with physical access control systems