The National Institute for Technology and Standards published errata for the NIST SP 800-63-3: Digital Identity Guidelines suite to provide additional clarification on requirements and informative sections that many commenters had questions about. The errata — a list of corrections and clarifications — does not change any requirements. What it does do is provide further explanation for stakeholders. To simplify things even further, each volume has an errata table that can be used to navigate directly to the content that was updated.
NIST remains committed to updating these guidelines at a pace that works for government and industry. Stakeholders should feel free to provide feedback through through GitHub or the Digital Identity Guidelines inbox. NIST will consider all comments as it works to ensure that agencies have the richest set of options to improve the delivery of digital identity solutions.
NIST encourages stakeholders to provide feedback so it can best keep pace with emerging threats, stakeholder needs — and marketplace innovation in a manner that works for government and industry. It’s a delicate balance, so suggestions for effectively pacing and improving mechanisms to update the guidelines are encouraged.