NIST is seeking public comment on the potential use of certain International Organization for Standardization/International Electrotechnical Commission (ISO/IEC) standards for cryptographic algorithm and cryptographic module testing, conformance, and validation activities, currently specified by Federal Information Processing Standard (FIPS) 140-2. The National Technology Transfer and Advancement Act (NTTAA) directs federal agencies to adopt voluntary consensus standards wherever possible. The responses to this request for information will be used to plan possible changes to the FIPS or in a decision to use all or part of the ISO/IEC standards for testing, conformance and validation of cryptographic algorithms and modules.

See the Supplementary Information section of the Federal Register Notice, as well as the FIPS 140-3 Development project pages, for questions of particular interest to NIST, regarding FIPS 140-2 and ISO/IEC standards.