Appendix D. The NIST and NIST Documents


The U.S. National Institute of Science and Technology (NIST) has been in existence for more than 100 years under a variety of names. For some time now, it has been part of the U.S. Department of Commerce and, until recently, was called the National Bureau of Standards (NBS). NIST's purpose is "to develop and promote measurement, standards, and technology to enhance productivity, facilitate trade, and improve the quality of life" [NIST].

The aspect of NIST of interest to us is its publication of Federal Information Processing Standards (FIPS). In principle, FIPS are binding only on agencies and other parts of the U.S. government. In practice, they are very influential and commonly become the definitive description of an algorithm or security practice. At the same time, NIST is mandated to work with private industry in the development of national and international voluntary standards, some of which then become FIPS.

graphics/soapbox.gif

Amazingly, the rules of some international standards bodies prohibit them from making normative references to NIST documents but permit them to make normative references to IETF RFCs. This situation arises because NIST FIPS are "national" documents describing U.S. standards but these international bodies have recognized the IETF as a competent "international" organization. (This restriction may apply even where the IETF document is an Informational RFC that effectively restates a NIST FIPS!) This stance seems curious but makes political sense, even though NIST documents tend to be more solid, polished and formal than the average IETF RFC.


Note the following:

  • NIST and other parts of the U.S. government chose and refined the Data Encryption Standard, DES [FIPS 46-3, 81], from industry proposals.

  • The government generated the Digital Signature Algorithm/Standa

  • The government generated the Digital Signature Algorithm/Standard, DSA/DSS [FIPS 186-2] and related Secure Hash Standard, SHA-1 [FIPS 180-1] and upcoming extensions [FIPS 180-2].

  • NIST chose the Advanced Encryption Standard [AES] in a contest generally recognized as fair, open, and international.

You can find more general information at [NIST].



Secure XML(c) The New Syntax for Signatures and Encryption
Secure XML: The New Syntax for Signatures and Encryption
ISBN: 0201756056
EAN: 2147483647
Year: 2005
Pages: 186

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net