[Federal Register Volume 62, Number 92 (Tuesday, May 13, 1997)]
[Notices]
[Pages 26293-26294]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 97-12341]
-----------------------------------------------------------------------
DEPARTMENT OF COMMERCE
National Institute of Standards and Technology
[Docket No. 960924273-6273-01]
RIN 0693-2A11
Announcing Plans to Revise Federal Information Processing
Standard 186, Digital Signature Standard
AGENCY: National Institute of Standards and Technology (NIST),
Commerce.
ACTION: Notice; request for comments.
-----------------------------------------------------------------------
SUMMARY: NIST is planning to develop a proposed revision to Federal
Information Processing Standard 186, Digital Signature Standard. This
revision would specify additional public-key based digital signature
algorithms (in addition to the Digital Signature Algorithm [DSA]) for
use in designing and implementing public-key based signature systems
which Federal departments and agencies operate or which are operated
for them under contract. The purpose of the revision will be to enable
Federal departments and agencies greater flexibility, consistent with
sound security practices, in the design, implementation, and use of
public-key based digital signature systems.
DATES: Comments should be received on or before August 11, 1997.
ADDRESSES: Written comments should be sent to: Director, Information
Technology Laboratory, ATTN: Planned Revision to FIPS 186, Technology
Building, Room A231, National Institute of Standards and Technology,
Gaithersburg, MD 20899.
Electronic comments should be sent to: [email protected]
Comments are particularly sought with respect to the RSA and
elliptic curve techniques. In addition, parties believing their patents
or other intellectual property pertain to either of these techniques
are asked to comment and provide specifics of the nature of their
claims.
Comments received in response to this notice will be made part of
the public record and will be made available for inspection and copying
in the Central Reference and Records Inspection Facility, Room 6020,
Herbert C. Hoover Building, 14th Street between Pennsylvania and
Constitution Avenues, NW., Washington, DC 20230.
FOR FURTHER INFORMATION CONTACT:
Edward Roback, Computer Security Division, National Institute of
Standards and Technology, Gaithersburg, MD 20899, telephone (301) 975-
3696. The current FIPS 186 and change notice is available at http://
csrc.nist.gov/fips/fips186.txt. Interested parties may obtain copies of
the current FIPS 186 and change notice from the National Technical
Information Service, U.S. Department of Commerce, Springfield, VA
22161, telephone (703) 487-4650, e-mail [email protected]
SUPPLEMENTARY INFORMATION: NIST is planning to develop a proposed
revision to Federal Information Processing Standard 186, Digital
Signature Standard, to specify additional public-key based digital
signature algorithms (in addition to the Digital Signature Algorithm
[DSA]) for incorporation into FIPS 186. These algorithms could then be
used in designing and implementing public-key based signature systems
which Federal departments and agencies operate or which are operated
for them under contract. The purpose of the revision will be to enable
Federal departments and agencies greater flexibility, consistent with
sound security practices, in the design, implementation, and use of
public-key based signature systems.
Other algorithms approved for inclusion shall be either: (1) Freely
available or (2) available under terms consistent with the American
National Standards Institute (ANSI) patent policy.
The Administration policy is that cryptographic keys used by
Federal agencies for encryption (i.e., to protect the confidentiality
of information) shall be recoverable through an agency or third-party
process and that keys used for digital signature (i.e., for integrity
and authentication of information) shall not be recoverable. Agencies
must be able to ensure that signature keys cannot be used for
encryption. Any algorithms proposed for digital signature must be able
to be implemented such that they do not support encryption unless keys
used for encryption are distinct from those used for signature and are
recoverable.
The distinction between signature and encryption keys will be
facilitated in the public key infrastructure by using X.509v3 public
key certificates.
NIST solicits comments from interested parties, including industry,
voluntary standards organizations, the public, and State and local
governments concerning developing such a proposed revision, and
concerning the availability, security, and adequacy of existing
industry standards, de facto or otherwise, for public key-based digital
signature systems.
This work is pursuant to NIST's responsibilities under the Computer
Security Act of 1987, the Information
[[Page 26294]]
Technology Management Reform Act of 1996, OMB Circular A-130, and
Executive Order 13011.
Dated: May 6, 1997.
Elaine Bunten-Mines,
Director, Program Office.
[FR Doc. 97-12341 Filed 5-12-97; 8:45 am]
BILLING CODE 3510-CN-M