[Federal Register: September 8, 2005 (Volume 70, Number 173)]
[Notices]
[Page 53346-53347]
From the Federal Register Online via GPO Access [wais.access.gpo.gov]
[DOCID:fr08se05-31]
-----------------------------------------------------------------------
DEPARTMENT OF COMMERCE
National Institute of Standards and Technology
[Docket No.: 050825229-5229-01]
Announcing Review of Proposed Changes to Federal Information
Processing Standard (FIPS) Publication 201, Standard for Personal
Identity Verification of Federal Employees and Contractors
AGENCY: National Institute of Standards and Technology (NIST),
Commerce.
ACTION: Notice. Request for comments.
-----------------------------------------------------------------------
SUMMARY: The National Institute of Standards and Technology (NIST)
announces proposed changes to Federal Information Processing Standard
(FIPS) Publication 201, Standard for Personal Identity Verification of
Federal Employees and Contractors. The changes to Section 2.2, PIV
Identify Proofing and Registration Requirements, and to Section 5.3.1,
PIV Card Issuance, will clarify the identity proofing and registration
process that departments and agencies should follow when issuing
identity credentials. These changes are required to make FIPS 201
consistent with the Memorandum for All Departments and Agencies (M-05-
24), issued by the Office of Management and Budget on August 5, 2005,
Implementation of Homeland Security Presidential Directive (HSPD) 12--
Policy for a Common Identification Standard for Federal Employees and
Contractors. Before recommending these proposed changes to FIPS 201 to
the Secretary of Commerce for review and approval, NIST invites
comments from the public, users, the information technology industry,
and Federal, State and local government organizations concerning the
proposed changes.
DATES: Comments on these proposed changes must be received by October
11, 2005.
ADDRESSES: Written comments concerning the proposed changes to FIPS 201
should be sent to: Information Technology Laboratory, ATTN: Proposed
Changes to FIPS 201, Mail Stop 8930, National Institute of Standards
and Technology, 100 Bureau Drive, Gaithersburg, MD 20899.
Electronic comments should be sent to: fips.comments@nist.gov.
The proposed changes to FIPS Publication 201 are available
electronically from the NIST Web site at: http://csrc.nist.gov/publications/
.
Comments received in response to this notice will be published
electronically at http://csrc.nist.gov/publications/fips/index.html.
FOR FURTHER INFORMATION CONTACT: W. Curtis Barker, (301) 975-8443,
National Institute of Standards and Technology, 100 Bureau Drive, STOP
8930, Gaithersburg, MD 20899-8930, email: wbarker@nist.gov.
Information about FIPS 201 and the PIV program is available on the
NIST Web pages: http://csrc.nist.gov/.
SUPPLEMENTARY INFORMATION: Homeland Security Presidential Directive
(HSPD) 12, Policy for a Common Identification Standard for Federal
Employees and Contractors, dated August 27, 2004, directed the
Secretary of Commerce to promulgate, by February 27, 2005, a
Government-wide standard for secure and reliable forms of
identification to be issued by the Federal Government to its employees
and contractors (including contractor employees). FIPS 201 was
developed to satisfy the technical, administrative, and timeliness
requirements of HSPD 12. The standard was developed in a ``manner
consistent with the Constitution and applicable laws, including the
Privacy Act (5 U.S.C. 552a) and other statutes protecting the rights of
Americans'' as required in HSPD 12.
To assist departments and agencies in implementing the provisions
of FIPS 201, Joshua Bolten, the Director of the Office of Management
and Budget (OMB), issued a Memorandum for All Departments and Agencies
on August 5, 2005 entitled ``Implementation of Homeland Security
Presidential Directive (HSPD) 12--Policy for a Common Identification
Standard for Federal Employees and Contractors.'' The Memorandum
provides implementation guidance and clarifies the requirements for
identity proofing, registration and accreditation processes. Two
provisions of FIPS 201 as promulgated by the Secretary of Commerce
earlier this year are not consistent with the guidance contained in the
Bolten Memorandum and those provisions of FIPS 201 are hereby proposed
for revision. Sections 2.2, ``PIV Identify Proofing and Registration
[[Page 53347]]
Requirements,'' and 5.3.1 of FIPS 201, ``PIV Card Issuance,'' are being
revised to assure that they are consistent with the OMB guidance
concerning National Agency Checks as part of the identity proofing and
registration process. Therefore, NIST has prepared changes to FIPS 201
to clarify the identity proofing and registration process that
departments and agencies should follow when issuing identity
credentials. In short, under the proposed FIPS revision if an agency
does not receive the results of the National Agency Checks (NAC) within
five days, the identity credential can be issued based on the FBI
National Criminal History Check (fingerprint check). Identity
credentials issued to individuals without a completed NAC or equivalent
must be electronically distinguishable from identity credentials issued
to individuals who have a completed investigation. Director Bolten's
Memorandum is available electronically from the OMB Web page: http://www.whitehouse.gov/omb/memoranda/index.html
.
The proposed changes to FIPS Publication 201 are available
electronically from the NIST Web site at: http://csrc.nist.gov/publications/
.
Authority: In accordance with the Information Technology
Management Reform Act of 1996 (Public Law 104-106) and the Federal
Information Security Management Act (FISMA) of 2002 (Public Law 107-
347), the Secretary of Commerce is authorized to approve Federal
Information Processing Standards (FIPS). Homeland Security
Presidential Directive (HSPD) 12, Policy for a Common Identification
Standard for Federal Employees and Contractors, dated August 27,
2004, directed the Secretary of Commerce to promulgate, by February
27, 2005, a Government-wide standard for secure and reliable forms
of identification to be issued to Federal Government employees and
contractors.
Executive Order 12866: This notice has been determined to be
significant for the purposes of Executive Order 12866.
Dated: September 1, 2005.
William Jeffrey,
Director.
[FR Doc. 05-17744 Filed 9-7-05; 8:45 am]
BILLING CODE 3510-13-P