The final public draft (fpd) of NIST Special Publication (SP) 800-217, Guidelines for the Use of Personal Identity Verification (PIV) Credentials with Federation, is now available for public review and comment.
This final draft of SP 800-217 incorporates all comment resolutions since the initial public draft was posted in 2023. The document describes technical requirements on the use of federated PIV identity and assertions to implement PIV federations backed by PIV identity accounts and PIV credentials. The guidelines are closely aligned with the recently published second public draft of SP 800-63-4 Digital Idenitty Guidelines. NIST hopes that this final draft document enables a close alignment with new and emerging digital authentication and federation technologies employed in the Federal Government while maintaining a strong security posture.
A companion document, the final public draft of SP 800-157r1 Guidelines for Derived PIV Credentials, is also available for public comment. That draft provides revised guidelines for the issuance and maintenance of authenticators used as derived PIV credentials.
Reviewers are encouraged to comment and suggest changes to the text of both documents. NIST requests that all comments be submitted by 11:59pm Eastern Time on January 10, 2025. Please submit your comments to piv_comments@nist.gov. NIST will review all comments and make them available at the NIST Computer Security Resource Center website. Commenters are encouraged to use the comment template provided with the document announcement.
PDF versions of these documents are available on the NIST Computer Security Resource Center.