The National Institute of Standards and Technology (NIST) is seeking comment on Draft Federal Information Processing Standard (FIPS) 201-3 Personal Identity Verification (PIV) of Federal Employees and Contractors Standard that defines common credentials and authentication mechanisms for logical and physical access applications.
The draft version proposes changes to FIPS 201-2 that include:
- “Expanding specification on the use of additional PIV credentials known as derived PIV credentials procedures for supervised remote identity proofing;
- The use of federation as a means for a relying system to interoperate with PIV credentials issued by other agencies; and
- Alignment with the current practice/policy of the Federal government and specific changes requested by Federal agencies and implementers.”
The current version of the standard was reviewed in 2018, per NIST policy. Due to environment changes over the past several years, however, it was determined that another revision of the standard was warranted.
“NIST has received numerous change requests, some of which, after analysis and coordination with the Office of Management and Budget, the Office of Personnel Management, and other Federal agencies, are incorporated in the Draft FIPS 201-3,” NIST said in the request for comment. “Other change requests incorporated in the Draft FIPS 201-3 result from the 2019 Business Requirements Meeting held at NIST.