In September 2017, this (legacy) site will be replaced with the new site you can see at beta.csrc.nist.rip. At that time, links to this legacy site will be automatically redirected to apporpriate links on the new site.
NIST SOLICITS COMMENTS ON ITS REVISED CRYPTOGRAPHIC STANDARDS AND GUIDELINES DEVELOPMENT PROCESS
Summary:
NIST requests comments on a revised draft (second public draft) report on NISTIR 7977, NIST Cryptographic Standards and Guidelines Development Process. This revised document describes the principles, processes and procedures behind our cryptographic standards development efforts. Please send comments to crypto-review@nist.gov by March 27, 2015.
- Comments Received on Second Public Draft NISTIR 7977 (January 2015)
Background:
This draft results from a NIST-initiated review of its cryptographic standards development process in response to public concerns about the security of NIST cryptographic standards and guidelines.
It reflects NIST’s response to comments received on a February 2014 draft.
- Comments Received on First Public Draft NISTIR 7977 (February 2014)
- Summary of Public Comments and Responses to the First Public Draft (February 2014)
We are soliciting public comments on this revised draft to obtain further feedback on the principles and mechanisms we use to engage stakeholders and experts in industry, academia and government to develop these standards. A news release from NIST's Public Affairs Office on this revised draft can be found here. (An announcement can also be found on the CSRC Drafts page as well)
Comments will be reviewed and posted on the CSRC website. We expect to publish a final report based on this additional round of feedback. The revised publication will serve as basis for our future standards development efforts and review of existing standards.
Note to Reviewers:
NIST requests comments especially on the following:
- Do the expanded and revised principles state appropriate drivers and conditions for NIST’s efforts related to cryptographic standards and guidelines?
- Do the revised processes for engaging the cryptographic community provide the necessary inclusivity, transparency and balance to develop strong, trustworthy standards? Are they worded clearly and appropriately? Are there other processes that NIST should consider?
- Do these processes include appropriate mechanisms to ensure that proposed standards and guidelines are reviewed thoroughly and that the views of interested parties are provided to and considered by NIST? Are there other mechanisms NIST should consider?
- Are there other channels or mechanisms that NIST should consider in order to communicate most effectively with its stakeholders?