Date Published: June 2020
Comments Due: August 10, 2020 (public comment period is CLOSED)
Email Questions to: dig-comments-RFC@nist.gov
Summary
NIST requests review and comments on the four-volume set of documents: Special Publication (SP) 800-63-3 Digital Identity Guidelines, SP 800-63A Enrollment and Identity Proofing, SP 800-63B Authentication and Lifecycle Management, and SP 800-63C Federation and Assertions. This document set presents the controls and technical requirements to meet the digital identity management assurance levels specified in each volume.
The public comment period ends August 10, 2020. Please submit your comments to dig-comments-RFC@nist.gov. See the Note to Reviewers section below for some specific topics about which NIST is seeking your feedback.
Background
In 2004, NIST published the initial version of SP 800-63, Electronic Authentication Guideline. Subsequently, three revisions have been published, and the latest, revision 3, was published in June 2017. Retitled as Digital Identity Guidelines the document was separated into the current four-volume set (SP 800-63-3, -63A, -63B, and -63C). NIST is requesting comments on the document in response to agency and industry implementations, industry and market innovation and the current threat environment.
Several recent developments suggest this current need for review and comment:
NIST is soliciting public feedback on this Special Publication to identify areas that industry and government deem most significant for revision. We will review all public comments and make them available at the NIST identity and Access Management Resource Center (NIST IAM) website.
Reviewers should feel free to comment and suggest changes and enhancements to the text of all four volumes: SP 800-63-3, 800-63A, 800-63B, and 800-63C. This request for review presents several topics for which NIST is requesting federal agency and industry review and comment for potential changes or additions to the current text. Reviewers may respond to any of these topic areas as they choose. There is no requirement to include any of the topic areas in submitted comments.
NIST is particularly interested in comments and recommendations for the following topics:
None selected
Publication:
None available
Supplemental Material:
None available
Related NIST Publications:
Document History:
06/08/20: SP 800-63-4 (Draft)
12/16/22: SP 800-63-4 (Draft)
Security and Privacy
identity & access management