assurance - [Assurance] NIST vs. TFS vs. Silver
Subject: Assurance
List archive
- From: Eric Goodman <>
- To: "" <>
- Subject: [Assurance] NIST vs. TFS vs. Silver
- Date: Thu, 13 Mar 2014 17:09:42 +0000
- Accept-language: en-US
I had an opportunity to read through the new FICAM TFS TFPAP at
http://www.idmanagement.gov/sites/default/files/documents/FICAM_TFS_TFPAP_v2.0.pdf I'm having some difficulty comprehending the intended distinction between the LoA requirements detail defined in this framework vs. the LoA requirements defined in NIST 800-63. The LoA requirements in the FICAM/TFS document seems to be
a reasonable evolutionary update (at least for LoA 2 – I haven't really read the higher LoA's) of the areas of concern that Trust Framework Providers need to address in their Trust Frameworks.
What I'm confused by is that I thought InCommon looked generally to NIST-800-63-n as the "boilerplate" to which Bronze and Silver are attempting to provide equivalent(ish) protections. Is there a reason why these requirement categories
are so detailed-ly repeated in the two separate documents? Is it just that FICAM and NIST are different agencies, and FICAM is providing guidance to NIST on what 800-63-n+1 should address? Is InCommon actually matching to the FICAM requirements and just uses
NIST-800-63-n as an approved TFP for reference? Thanks for any clarification, and apologies if this is the wrong list for the question. (I presume that eventually the information in the TFSPAP doc will be relevant for discussion on this list, just trying to get clear if it is today!) --- Eric |
- [Assurance] NIST vs. TFS vs. Silver, Eric Goodman, 03/13/2014
- [Assurance] RE: NIST vs. TFS vs. Silver, Jones, Mark B, 03/13/2014
- <Possible follow-up(s)>
- Re: [Assurance] NIST vs. TFS vs. Silver, Ann West, 03/13/2014
- RE: [Assurance] NIST vs. TFS vs. Silver, Eric Goodman, 03/14/2014
- RE: [Assurance] NIST vs. TFS vs. Silver, Jones, Mark B, 03/14/2014
- RE: [Assurance] NIST vs. TFS vs. Silver, Eric Goodman, 03/14/2014
- Re: [Assurance] NIST vs. TFS vs. Silver, Ann West, 03/14/2014
- RE: [Assurance] NIST vs. TFS vs. Silver, Jones, Mark B, 03/14/2014
- RE: [Assurance] NIST vs. TFS vs. Silver, Eric Goodman, 03/14/2014
Archive powered by MHonArc 2.6.16.