Thank you for your interest in commenting on the second draft of NIST Cybersecurity Practice Guide, SP 1800-12: Derived Personal Identity Verification (PIV) Credentials. Comments can be supportive or critical and may include suggestions of changes or additions that you believe will improve the project.
As you review and apply this example implementation to your own organization, we ask for you to share your feedback and experience. Some questions to consider as you review the document and provide feedback:
- If your organization uses PIV Cards for identification and authentication and has experienced challenges associated with applying derived credentials to mobile devices, did you find the draft guide useful?
- Has the draft guide helped your organization understand the risk, security and/or technology for Derived PIV Credentials (DPC)?
- Do you have feedback on the implementation of DPC?
Please note: all comments received are a part of the public record and will generally be included in the final document without change. All personal identifying information (for example, name and address) voluntarily submitted by the commenter may be publicly accessible. Please do not submit confidential business information or otherwise sensitive or protected information.
The comment period for this draft practice guide closed on October 1, 2018.