Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

SP 800-63 errata is now published! Corrections and clarifications are here!

Big news! Today we published errata for the NIST SP 800-63-3: Digital Identity Guidelines suite to provide additional clarification on requirements and informative sections that many of you had questions about. The errata – a list of corrections and clarifications - does not change any requirements – but instead provides further explanation for our stakeholders. To simplify things even further, each volume has an errata table that can be used to navigate directly to the content we updated.

NIST remains committed to nimbly updating these guidelines at a pace that works for government and industry. Stakeholders should feel free to provide feedback through GitHub or the dig-comments [at] (Digital Identity Guidelines inbox) (and we promise to consider all input as we work to make sure that agencies have the richest set of options to improve the delivery of digital identity solutions).

That said, we don’t want to overwhelm our valued stakeholders—so please also let us know how we should best keep pace with emerging threats, your needs, and marketplace innovation in a manner that works best for you! It’s a delicate balance, so your thoughts and suggestions on effective pacing and mechanisms to update these guidelines are encouraged.

We will continue to maintain these documents for you and take pride in doing it in a manner that aligns with our mission. Thank you so much for playing such a large role in the evolution of this document—and happy reading!


Follow us on Twitter!

About the author

Paul Grassi

Paul Grassi was a Senior Standards and Technology Advisor at the National Institute of Standards and Technology (NIST). He joined NIST in June 2014 to advance and accelerate the development and adoption of identity authentication and authorization related standards and technologies needed to implement the identity ecosystem envisioned in the National Strategy for Trusted Identities in Cyberspace (NSTIC). Mr. Grassi has a broad background in technology and management consulting, and significant experience developing enterprise security strategies and systems, having served a range of Fortune 500 companies, as well as domestic and foreign governments. He is no longer at NIST, but continues to serve the identity community.

Related posts


Add new comment

Enter the characters shown in the image.
This question is for testing whether or not you are a human visitor and to prevent automated spam submissions.
Please be respectful when posting comments. We will post all comments without editing as long as they are appropriate for a public, family friendly website, are on topic and do not contain profanity, personal attacks, misleading or false information/accusations or promote specific commercial products, services or organizations. Comments that violate our comment policy or include links to non-government organizations/web pages will not be posted.