September 20, 2013 at 5:33 pm #180054
Perhaps some interest and or relevance, especially considering the events of Monday the 16th in at the Navy Yard
The National Institute of Standards and Technology (NIST) is pleased to announce the approval of Federal Information Processing Standard (FIPS) Publication 201-2, Personal Identity Verification of Federal Employees and Contractors. (See the Federal Register Notice announcing FIPS 201-2 approval.) This revision includes adaptations to changes in the environment and technology since the publication of FIPS 201-1, clarifications to existing text, additional text to resolve ambiguities and specific changes requested by Federal agencies and implementers.
FIPS 201-2 reflects the disposition of comments that were received during the public comment periods for the first and second drafts of the Standard, which were published on March 8, 2011, and July 9, 2012, respectively. The complete sets of comments and dispositions are provided in the two links below.
High level changes include:
Introduction of chain-of-trust and grace period for PIV card reissuance processes,
Relaxation of PIV Card termination requirements and specifically certificate revocation,
New options for physical card characteristics to help agencies achieve Section 508 compliance for PIV card orientation,
A UUID as a mandatory unique identifier for the PIV Card,
Downgrade of the authentication mechanism associated with the Card Holder Unique Identifier (CHUID) to indicate that it only provides little or no assurance of identity,
Updates to the PIV card’s on-board credentials include:
Expansion of the core mandatory credentials: the previously optional asymmetric card authentication, digital signature and key management are now mandatory,
New optional credentials: Iris recognition capability and fingerprint biometric match-on-card (OCC),
Introduction of an optional virtual contact interface (VCI), over which all functionalities of the PIV Card are accessible via contactless interface,
Accommodation for mobile devices in the form of PIV derived credentials that can be provisioned to mobile devices.
Download (caution ~5 meg download)
You must be logged in to reply to this topic.