NIST has extended the deadlines to submit comments to drafts of three key pieces of guidance related to digital identity:
Digital Identity Guidelines (NIST SP 800-63-4) | Extended until April 14, 2023 NIST SP 800-63 intends to respond to the changing digital landscape that has emerged since the last major revision of this suite was published in 2017-including the real-world implications of online risks. The guidelines present the process and technical requirements for meeting digital identity management assurance levels for identity proofing, authentication, and federation, including requirements for security and privacy as well as considerations for fostering equity and the usability of digital identity solutions and technology.
Comment instructions - https://csrc.nist.gov/publications/detail/sp/800-63/4/draft
Guidelines for Derived Personal Identity Verification (PIV) Credentials (NIST SP 800-157r1) | Extended until April 21, 2023 NIST SP 800-157 has been revised to feature an expanded set of derived PIV credentials to include public key infrastructure (PKI) and non-PKI-based phishing-resistant multi-factor authenticators.
Comment instructions - https://csrc.nist.gov/publications/detail/sp/800-157/rev-1/draft
Guidelines for Personal Identity Verification (PIV) Federation (NIST SP 800-217) | Extended until April 21, 2023 NIST SP 800-217 details technical requirements on the use of federated PIV identity and the interagency use of assertions to implement PIV federations backed by PIV identity accounts and PIV credentials.
Comment Instructions - https://csrc.nist.gov/publications/detail/sp/800-217/draft
Michael Roza CPA, CISA, CIA, CC, MBA, Exec MBA