Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
United States Government Security

NIST Solicits Comments On Electronic Authentication Guideline 7

First time accepted submitter Jim Fenton writes The National Institute of Standards and Technology (NIST) is poised to make what is expected to be a major revision of Special Publication 800-63-2, Electronic Authentication Guideline. While normative only for the Federal Government, it is widely referenced elsewhere and specifies requirements to meet each of four Levels of Assurance (LOA). Should this structure change? Are there changes in technology or threats that should be considered in the revision? NIST would like to hear from you.
This discussion has been archived. No new comments can be posted.

NIST Solicits Comments On Electronic Authentication Guideline

Comments Filter:
  • Comment removed based on user account deletion
    • While they didn't willingly/intentionally give their information to the NSA, the fact that they were compromised by the NSA means that they should still be considered compromised going forward, so you are correct.

      TLDR: don't do business with the NSA. This also means we really, really, really need to get rid of FIPS as well.

  • by TechyImmigrant ( 175943 ) on Sunday April 12, 2015 @11:42AM (#49457817) Homepage Journal

    NIST solicits input on new specs or spec updates pretty much every week.
    Why is this one so special that it get's a Slashdotting?

    In my opinion the hot action is on Lightweight crypto (workshop in July) and the SP800-90B draft which is subject to substantial revision.

Technology is dominated by those who manage what they do not understand.

Working...