NISTIR 7863

Citation
National Institute of Standards and Technology, Cardholder Authentication for the PIV Digital Signature Key (NISTIR 7863) (June 18, 2015) (full-text).

Overview
The document provides clarification for the requirement in FIPS 201-2 that a PIV cardholder perform an explicit user action prior to each use of the digital signature key stored on the card. The document clarifies the requirement for “explicit user action” and specifies a range of PIN caching options that maintains the goal of ‘explicit user action’ while adhering to consistent and reliable level of security. The document will encourage the development of compliant applications and middleware that use the digital signature key.