Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Closing time! You don’t have to go home … but you can still comment on draft SP 800-63-3

Just 15 days remain in the comment period for draft Special Publication (SP) 800-63-3: Digital Identity Guidelines! The document opened for public comment on January 30th and will close on March 31st. Based on the comments we’ve received so far, we don’t expect to extend the deadline, so get to work and submit your comments before closing time!

To see what we covered during our informational 800-63-3 webinar, check out the recording from February 7th (accompanying slides can be found here).

Why now?

The proposed update more closely matches the way digital services are deployed and utilized today. Our aim for SP 800-63-3 is to help agencies mitigate risk by accepting diverse sets of identity proofing and authentication techniques. The revised draft also more closely aligns with the identity standards work occurring across the globe.

Our process and timeline

Since the start of this public comment period, we’ve already adjudicated more than 50 of your comments - the vast majority of which have been clarifications or the addition of helpful definitions. As always, we welcome more of your comments and plan to review and adjudicate them as quickly as we can once the comment period closes. While we aim to publish the final Digital Identity Guidelines document by early summer, we take this process seriously and won’t go final just yet if requirements fundamentally shift based on insightful comments from the community. That said, we don’t feel that the comments we’ve received so far have reached the threshold that warrants extending the comment period or introducing a second comment period...so you should anticipate that, after first opening for comments on GitHub last May, the end of this comment period on March 31st is truly your last chance to weigh in.

How to comment

GitHub is our preferred tool for the submission of comments; you can read the document here and you can contribute here. We also have a PDF version of the draft and submit dig-comments [at] nist.gov (email) comments to dig-comments [at] nist.gov (dig-comments[at]nist[dot]gov). Note that we will make all comments publicly available by converting those shared via email to open GitHub “issues” to maintain an open and transparent process.

We appreciate your collaboration, questions, and thoughts - so please keep the comments coming until the end of the month as we work to make 800-63-3 even better...the sooner you can submit them, the better.

If you’re looking for updates on SP 800-63-3 or other Trusted Identities Group activities, please subscribe to our email updates or follow us on Twitter.

 

About the author

Paul Grassi

Paul Grassi was a Senior Standards and Technology Advisor at the National Institute of Standards and Technology (NIST). He joined NIST in June 2014 to advance and accelerate the development and adoption of identity authentication and authorization related standards and technologies needed to implement the identity ecosystem envisioned in the National Strategy for Trusted Identities in Cyberspace (NSTIC). Mr. Grassi has a broad background in technology and management consulting, and significant experience developing enterprise security strategies and systems, having served a range of Fortune 500 companies, as well as domestic and foreign governments. He is no longer at NIST, but continues to serve the identity community.

Related posts

Comments

Add new comment

CAPTCHA
Image CAPTCHA
Enter the characters shown in the image.
This question is for testing whether or not you are a human visitor and to prevent automated spam submissions.
Please be respectful when posting comments. We will post all comments without editing as long as they are appropriate for a public, family friendly website, are on topic and do not contain profanity, personal attacks, misleading or false information/accusations or promote specific commercial products, services or organizations. Comments that violate our comment policy or include links to non-government organizations/web pages will not be posted.