Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Return of the Great Zoltan! Our 800-63 FAQs answer life’s most perplexing questions (about digital identity, anyway).

It’s been more than a month since we released Special Publication 800-63: Digital Identity Guidelines, and we have been thrilled by all the positive feedback – we are glad you like it as much as we do! But we’re also fielding a number of questions.

When we started this update to SP 800-63, we promised we’d put stakeholders in more control of the writing and position ourselves to be more hands-on in getting solutions implemented. For the latter, we’ve begun our work on the implementation guides, and today we’re releasing a simple little document to kickstart the continual process of clarifying the document and facilitating all the good work agencies and industry are doing to get digital identity right.

The document included a lot of updates, so it’s only natural that we’ve heard some reoccurring questions from the community. Realizing many have the same questions, we kept track of these and compiled them in a frequently asked questions (FAQs) page.

We will publish updates to the FAQs as more questions roll in and you’ll always be able to find the current version on GitHub.

More questions? Ask us directly!

You can send all your questions to us via GitHub or dig-comments [at] (email). We will keep track of all the questions we receive and add to the FAQs when we see themes emerge.

When we add a new Q & A, we’ll let you know via Twitter. Again, the most up-do-date document will always be located here.

About the author

Paul Grassi

Paul Grassi was a Senior Standards and Technology Advisor at the National Institute of Standards and Technology (NIST). He joined NIST in June 2014 to advance and accelerate the development and adoption of identity authentication and authorization related standards and technologies needed to implement the identity ecosystem envisioned in the National Strategy for Trusted Identities in Cyberspace (NSTIC). Mr. Grassi has a broad background in technology and management consulting, and significant experience developing enterprise security strategies and systems, having served a range of Fortune 500 companies, as well as domestic and foreign governments. He is no longer at NIST, but continues to serve the identity community.

Related posts


Add new comment

Enter the characters shown in the image.
This question is for testing whether or not you are a human visitor and to prevent automated spam submissions.
Please be respectful when posting comments. We will post all comments without editing as long as they are appropriate for a public, family friendly website, are on topic and do not contain profanity, personal attacks, misleading or false information/accusations or promote specific commercial products, services or organizations. Comments that violate our comment policy or include links to non-government organizations/web pages will not be posted.