Fwd: NIST Computer Security Division Released Special Publication 800-157, Guidelines for Derived Personal Identity Verification (PIV) Credentials

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

Fwd: NIST Computer Security Division Released Special Publication 800-157, Guidelines for Derived Personal Identity Verification (PIV) Credentials

Douglas E Engert
Opensc developers might find this interesting, on how NIST will leverage the PIV specifications and infrastructure
for use with embedded tokens on phones and tablets.

They use the NIST 800-73 specifications with a new AID:

The labels on the "X.509 Certificate for PIV Authentication" becomes "X.509 Certificate for Derived PIV Authentication"

and "PIV Card Application PIN" becomes "Derived PIV Application Password" and
"PIN Unblocking Key" and "Password Unblocking Key", were the password uses:
0x30 – 0x39, 0x41 – 0x5A, and 0x61 – 0x7A


NIST Computer Security Division Released Special Publication 800-157, Guidelines for Derived Personal Identity Verification (PIV) Credentials

Special Publication 800-157, Guidelines for Derived Personal Identity Verification (PIV) Credentials has been approved as final

NIST announces the release of Special Publication (SP) 800-157, Guidelines for Derived Personal Identity Verification (PIV) Credentials. SP 800-157 defines a technical specification for implementing and deploying Derived PIV Credentials to mobile devices, such as smart phones and tablets. The goal of the Derived PIV Credential is to provide PIV-enabled authentication services from mobile devices to authenticate to remote systems.

URL to the SP 800-157 document (PDF):
http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-157.pdf

Comments and their dispositions received during the public comment period are available:
http://csrc.nist.gov/publications/nistpubs/800-157/sp800_157_comments_resolutions.pdf

This URL is the target or direct URL to where SP 800-157 can be found on the CSRC Special Publications page:
http://csrc.nist.gov/publications/PubsSPs.html#800-157

(note: if the target link part of the URL does not work from above URL (target link is at end of URL where the #), go to the CSRC Special Publications page in your web browser: http://csrc.nist.gov/publications/PubsSPs.html    and then at the end of the URL in the URL Locator in your web browser type: #800-157 (there is no space between the PubsSPs.html and the #800-157 – so the final URL should look just like the URL provided above)

__________
Pat O’Reilly
NIST Computer Security Division
[hidden email] (Attn: Pat O’Reilly)

 


 

This email was sent to [hidden email] using GovDelivery, on behalf of: NIST Computer Security Resource Center · 100 Bureau Drive · Gaithersburg, MD 20899 · (301) 975-6478 Powered by GovDelivery


------------------------------------------------------------------------------
Dive into the World of Parallel Programming! The Go Parallel Website,
sponsored by Intel and developed in partnership with Slashdot Media, is your
hub for all things parallel software development, from weekly thought
leadership blogs to news, videos, case studies, tutorials and more. Take a
look and join the conversation now. http://goparallel.sourceforge.net
_______________________________________________
Opensc-devel mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/opensc-devel