Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Announcement of Proposal to Withdraw Special Publications 800-15, 800-25, and 800-32

NIST is proposing to withdraw Special Publications (SP) 800-15, SP 800-25, and SP 800-32. Please submit public comments by September 3, 2021.

In May 2021, NIST initiated a review of several publications, including the following NIST Special Publications (SP):

  • SP 800 15, MISPC Minimum Interoperability Specification for PKI Components, Version 1,
  • SP 800-25, Federal Agency Use of Public Key Technology for Digital Signatures and Authentication, and
  • SP 800-32, Introduction to Public Key Technology and the Federal PKI Infrastructure.

In response, NIST received public comments on SP 800-15 and on SP 800-32.

NIST proposes to withdraw all three publications. Public comments on this proposal may be submitted to cryptopubreviewboard [at] (cryptopubreviewboard[at]nist[dot]gov) by September 3, 2021.

Rationale for Proposed Decision

SP 800-15, Minimum Interoperability Specification for PKI Components (MISPC), Version 1, was published in January 1998 and was developed in cooperation with industry through a Cooperative Research and Development Agreement (CRADA). The document specifies information about the contents of certificates and CRLs and also specifies protocols for transactions between Public-Key Infrastructure (PKI) components. All of the information provided is now out-of-date.

SP 800-25, Federal Agency Use of Public Key Technology for Digital Signatures and Authentication, published in October 2000, was written at a time when the adoption of public-key technology within agencies was far more limited than it is today. The document was written before the issuance of Homeland Security Presidential Directive 12 (HSPD-12), which led to the development of the PIV Card, and before OMB issued directives for agencies to buy PKI services rather than operating their own certification authorities. The document is similarly now out-of-date.

SP 800-32, Introduction to Public Key Technology and the Federal PKI Infrastructure, published in February 2001, has some overlap with SP 800-25. As with SP 800-25, the information in SP 800-32 is out-of-date. The Federal PKI has changed substantially over the past 20 years, and as previously mentioned, this document predates the issuance of HSPD-12 and OMB directives for agencies to outsource PKI services. The document is similarly now out-of-date.

The initial public comments include various, insightful suggestions for SP 800-15 and SP 800-32. However, rather than developing up-to-date revisions or replacements for the three publications, NIST instead recommends as an alternative source of information, in particular,,, and

The Review Process

In NISTIR 7977, NIST affirmed its commitment to the periodic review of its cryptographic standards and guidelines. Information about the review process is available at

Released August 4, 2021