Draft FIPS 201-3 Available for Public Comment

Posted: November, 2020

The National Institute of Standards and Technology (NIST) requests comments on draft Federal Information Processing Standard (FIPS) 201-3, Personal Identity Verification (PIV) of Federal Employees and Contractors. This revision proposes several revisions to support the policy objectives outlined in OMB M-19-17, align with emerging standards and technologies for digital identity, support the use of alternative authenticators, and encourage interoperability through federation.

Available Online

Draft FIPS 201-3 Personal Identity Verification (PIV) of Federal Employees and Contractors

Comments

The draft of FIPS 201-3 is available for review and comment on the NIST Pages website at https://pages.nist.gov/FIPS201/.

Comments on FIPS 201-3 must be received on or before February 1, 2021. Comments should be submitted on the project repository at https://github.com/usnistgov/FIPS201/issues. Comments may alternatively be sent to piv_comments@nist.gov preferably using the comment template available at https://csrc.nist.gov/publications/detail/fips/201/3/draft.

All submissions, including attachments and other supporting materials, will become part of the public record and subject to public disclosure. NIST reserves the right to publish relevant comments, unedited and in their entirety. Relevant comments received by the deadline will be published electronically at https://github.com/usnistgov/FIPS201 without change or redaction, so commenters should not include information they do not wish to be posted. Personal information, such as account numbers or Social Security numbers, or names of other individuals, should not be included. Do not submit confidential business information or otherwise sensitive or protected information. Comments that contain profanity, vulgarity, threats, or other inappropriate language or content will not be posted or considered.

More Information:

A printable PDF is available on the NIST Computer Security Resource Center at https://csrc.nist.gov/publications/detail/fips/201/3/draft.

For more information about the PIV standard and associated technical guidelines, see the PIV Project Page on the Computer Security Resource Center.