Publications
July 19, 2023: URLs for CSRC publication details pages have changed. Legacy URLs should automatically redirect to the new URLs. However, links to the actual publications have NOT changed (e.g., DOIs and PDFs on nvlpubs.nist.gov). Please send inquiries to
csrc-inquiry@nist.gov.
Withdrawn on September 13, 2021.
Federal Agency Use of Public Key Technology for Digital Signatures and Authentication
Documentation
Topics
Date Published: October 2000
Planning Note (09/13/2021):
See the withdrawal announcement and rationale for withdrawal.
For current information on this topic, see https://idmanagement.gov, especially:
Author(s)
Kathy Lyons-Burke (NIST), Federal Public Key Infrastructure Steering Committee
This document builds on the Federal IT Security Assessment Framework (Framework) developed by NIST for the Federal Chief Information Officer (CIO) Council. The Framework established the groundwork for standardizing on five levels of security status and criteria agencies could use to determine if the five levels were adequately implemented. This document provides guidance on applying the Framework by identifying 17 control areas, such as those pertaining to identification and authentication and contingency planning. In addition, the guide provides control objectives and techniques that can be measured for each area.
This document builds on the Federal IT Security Assessment Framework (Framework) developed by NIST for the Federal Chief Information Officer (CIO) Council. The Framework established the groundwork for standardizing on five levels of security status and criteria agencies could use to determine if the...
See full abstract
This document builds on the Federal IT Security Assessment Framework (Framework) developed by NIST for the Federal Chief Information Officer (CIO) Council. The Framework established the groundwork for standardizing on five levels of security status and criteria agencies could use to determine if the five levels were adequately implemented. This document provides guidance on applying the Framework by identifying 17 control areas, such as those pertaining to identification and authentication and contingency planning. In addition, the guide provides control objectives and techniques that can be measured for each area.
Hide full abstract
Keywords
Federal bridge CA; Government Paperwork Elimination Act; GPEA; guidance; PKI; public key infrastructure
Control Families
Contingency Planning; Identification and Authentication; Planning; Risk Assessment; System and Communications Protection