Please create an account to participate in the Slashdot moderation system


Forgot your password?
United States Government Security

NIST Solicits Comments On Electronic Authentication Guideline 7

First time accepted submitter Jim Fenton writes The National Institute of Standards and Technology (NIST) is poised to make what is expected to be a major revision of Special Publication 800-63-2, Electronic Authentication Guideline. While normative only for the Federal Government, it is widely referenced elsewhere and specifies requirements to meet each of four Levels of Assurance (LOA). Should this structure change? Are there changes in technology or threats that should be considered in the revision? NIST would like to hear from you.
This discussion has been archived. No new comments can be posted.

NIST Solicits Comments On Electronic Authentication Guideline

Comments Filter:
  • Don't you mean "NSA would like to hear from you?"

    They've got to be kidding if they think anyone is going to believe anything they may have to say...

    • While they didn't willingly/intentionally give their information to the NSA, the fact that they were compromised by the NSA means that they should still be considered compromised going forward, so you are correct.

      TLDR: don't do business with the NSA. This also means we really, really, really need to get rid of FIPS as well.

  • by TechyImmigrant ( 175943 ) on Sunday April 12, 2015 @12:42PM (#49457817) Homepage Journal

    NIST solicits input on new specs or spec updates pretty much every week.
    Why is this one so special that it get's a Slashdotting?

    In my opinion the hot action is on Lightweight crypto (workshop in July) and the SP800-90B draft which is subject to substantial revision.

Information is the inverse of entropy.