Request for Comments on Federal Information Processing Standard (FIPS) 201-3, 69599-69600 [2020-24283]
Download as PDF
<![CDATA[
Federal Register / Vol. 85, No. 213 / Tuesday, November 3, 2020 / Notices
of this preliminary determination or 45
days after the final determination
whether these imports materially injure,
or threaten material injury to, the U.S.
industry.
Notification to Interested Parties
This determination is issued and
published in accordance with sections
733(f) and 777(i)(1) of the Act and 19
CFR 351.205(c).
Dated: October 27, 2020.
Jeffrey I. Kessler,
Assistant Secretary for Enforcement and
Compliance.
khammond on DSKJM1Z7X2PROD with NOTICES
Appendix I
Scope of the Investigation
The products covered by this investigation
are all types of youth and adult mattresses.
The term ‘‘mattress’’ denotes an assembly of
materials that at a minimum includes a
‘‘core,’’ which provides the main support
system of the mattress, and may consist of
innersprings, foam, other resilient filling, or
a combination of these materials. Mattresses
may also contain: (1) ‘‘Upholstery,’’ the
material between the core and the top panel
of the ticking on a single-sided mattress; or
between the core and the top and bottom
panel of the ticking on a double-sided
mattress; and/or (2) ‘‘ticking,’’ the outermost
layer of fabric or other material (e.g., vinyl)
that encloses the core and any upholstery,
also known as a cover.
The scope of this investigation is restricted
to only ‘‘adult mattresses’’ and ‘‘youth
mattresses.’’ ‘‘Adult mattresses’’ are
frequently described as ‘‘twin,’’ ‘‘extra-long
twin,’’ ‘‘full,’’ ‘‘queen,’’ ‘‘king,’’ or ‘‘California
king’’ mattresses. ‘‘Youth mattresses’’ are
typically described as ‘‘crib,’’ ‘‘toddler,’’ or
‘‘youth’’ mattresses. All adult and youth
mattresses are included regardless of size and
size description.
The scope encompasses all types of
‘‘innerspring mattresses,’’ ‘‘non-innerspring
mattresses,’’ and ‘‘hybrid mattresses.’’
‘‘Innerspring mattresses’’ contain
innersprings, a series of metal springs joined
together in sizes that correspond to the
dimensions of mattresses. Mattresses that
contain innersprings are referred to as
‘‘innerspring mattresses’’ or ‘‘hybrid
mattresses.’’ ‘‘Hybrid mattresses’’ contain two
or more support systems as the core, such as
layers of both memory foam and innerspring
units.
‘‘Non-innerspring mattresses’’ are those
that do not contain any innerspring units.
They are generally produced from foams
(e.g., polyurethane, memory (viscoelastic),
latex foam, gel- infused viscoelastic (gel
foam), thermobonded polyester,
polyethylene) or other resilient filling.
Mattresses covered by the scope of this
investigation may be imported
independently, as part of furniture or
furniture mechanisms (e.g., convertible sofa
bed mattresses, sofa bed mattresses imported
with sofa bed mechanisms, corner group
mattresses, day-bed mattresses, roll-away bed
mattresses, high risers, trundle bed
mattresses, crib mattresses), or as part of a set
VerDate Sep<11>2014
16:55 Nov 02, 2020
Jkt 253001
in combination with a ‘‘mattress foundation.’’
‘‘Mattress foundations’’ are any base or
support for a mattress. Mattress foundations
are commonly referred to as ‘‘foundations,’’
‘‘boxsprings,’’ ‘‘platforms,’’ and/or ‘‘bases.’’
Bases can be static, foldable, or adjustable.
Only the mattress is covered by the scope if
imported as part of furniture, with furniture
mechanisms, or as part of a set in
combination with a mattress foundation.
Excluded from the scope of this
investigation are ‘‘futon’’ mattresses. A
‘‘futon’’ is a bi-fold frame made of wood,
metal, or plastic material, or any combination
thereof, that functions as both seating
furniture (such as a couch, love seat, or sofa)
and a bed. A ‘‘futon mattress’’ is a tufted
mattress, where the top covering is secured
to the bottom with thread that goes
completely through the mattress from the top
through to the bottom, and it does not
contain innersprings or foam. A futon
mattress is both the bed and seating surface
for the futon.
Also excluded from the scope are airbeds
(including inflatable mattresses) and
waterbeds, which consist of air- or liquidfilled bladders as the core or main support
system of the mattress.
Also excluded is certain multifunctional
furniture that is convertible from seating to
sleeping, regardless of filler material or
components, where that filler material or
components are upholstered, integrated into
the design and construction of, and
inseparable from, the furniture framing, and
the outermost layer of the multifunctional
furniture converts into the sleeping surface.
Such furniture may, and without limitation,
be commonly referred to as ‘‘convertible
sofas,’’ ‘‘sofabeds,’’ ‘‘sofa chaise sleepers,’’
‘‘futons,’’ ‘‘ottoman sleepers’’ or a like
description.
Also excluded from the scope of this
investigation are any products covered by the
existing antidumping duty orders on
uncovered innerspring units from China or
Vietnam. See Uncovered Innerspring Units
from the People’s Republic of China: Notice
of Antidumping Duty Order, 74 FR 7661
(February 19, 2009); Uncovered Innerspring
Units from the Socialist Republic of Vietnam,
73 FR 75391 (December 11, 2008).
Also excluded from the scope of this
investigation are bassinet pads with a
nominal length of less than 39 inches, a
nominal width less than 25 inches, and a
nominal depth of less than 2 inches.
Additionally, also excluded from the scope
of this investigation are ‘‘mattress toppers.’’
A ‘‘mattress topper’’ is a removable bedding
accessory that supplements a mattress by
providing an additional layer that is placed
on top of a mattress. Excluded mattress
toppers have a height of four inches or less.
The products subject to this investigation
are currently properly classifiable under
HTSUS subheadings: 9404.21.0010,
9404.21.0013, 9404.29.1005, 9404.29.1013,
9404.29.9085, and 9404.29.9087. Products
subject to this investigation may also enter
under HTSUS subheadings: 9404.21.0095,
9404.29.1095, 9404.29.9095, 9401.40.0000,
and 9401.90.5081. Although the HTSUS
subheadings are provided for convenience
and customs purposes, the written
PO 00000
Frm 00036
Fmt 4703
Sfmt 4703
69599
description of the merchandise subject to this
investigation is dispositive.
Appendix II
List of Topics Discussed in the Preliminary
Decision Memorandum
I. Summary
II. Background
III. Period of Investigation
IV. Discussion of the Methodology
V. Particular Market Situation
VI. Recommendation
[FR Doc. 2020–24297 Filed 11–2–20; 8:45 am]
BILLING CODE 3510–DS–P
DEPARTMENT OF COMMERCE
National Institute of Standards and
Technology
[Docket No. [201023–0280]
Request for Comments on Federal
Information Processing Standard
(FIPS) 201–3
National Institute of Standards
and Technology (NIST), Commerce.
ACTION: Notice; request for comments.
AGENCY:
The National Institute of
Standards and Technology (NIST)
requests comments on Draft Federal
Information Processing Standard (FIPS)
201–3, Personal Identity Verification
(PIV) of Federal Employees and
Contractors (Standard). This Standard
defines common credentials and
authentication mechanisms offering
varying degrees of security for both
logical and physical access applications.
The draft revision proposes changes to
FIPS 201–2, Standard for Personal
Identity Verification of Federal
Employees and Contractors to include:
Expanding specification on the use of
additional PIV credentials known as
derived PIV credentials, procedures for
supervised remote identity proofing, the
use of federation as a means for a
relying system to interoperate with PIV
credentials issued by other agencies,
alignment with the current practice/
policy of the Federal Government and
specific changes requested by Federal
agencies and implementers. Before
recommending these proposed changes
to the Secretary of Commerce for review
and approval, NIST invites comments
from all interested parties.
DATES: Comments on FIPS 201–3 must
be received on or before February 1,
2021.
ADDRESSES: The draft of FIPS 201–3 is
available for review and comment on
the NIST Computer Security Resource
Center website at https://csrc.nist.gov
and at https://www.regulations.gov/.
Comments on FIPS 201–3 may be sent
SUMMARY:
E:\FR\FM\03NON1.SGM
03NON1
khammond on DSKJM1Z7X2PROD with NOTICES
69600
Federal Register / Vol. 85, No. 213 / Tuesday, November 3, 2020 / Notices
electronically to piv_comments@
nist.gov with ‘‘Comment on FIPS 201–
3’’ in the subject line or may be
submitted via https://
www.regulations.gov/. Comments may
also be submitted on the project
repository at https://github.com/
usnistgov/FIPS201. Written comments
may be submitted by mail to
Information Technology Laboratory,
ATTN: FIPS 201–3 Comments, National
Institute of Standards and Technology,
100 Bureau Drive, Mail Stop 8930,
Gaithersburg, MD 20899–8930.
All submissions, including
attachments and other supporting
materials, will become part of the public
record and subject to public disclosure.
NIST reserves the right to publish
relevant comments, unedited and in
their entirety. Relevant comments
received by the deadline will be
published electronically at https://
csrc.nist.gov/, https://
www.regulations.gov/ and the project
repository at https://github.com/
usnistgov/FIPS201 without change or
redaction, so commenters should not
include information they do not wish to
be posted. Personal information, such as
account numbers or Social Security
numbers, or names of other individuals,
should not be included. Do not submit
confidential business information or
otherwise sensitive or protected
information. Comments that contain
profanity, vulgarity, threats, or other
inappropriate language or content will
not be posted or considered.
FOR FURTHER INFORMATION CONTACT:
Hildegard Ferraiolo, National Institute
of Standards and Technology, 100
Bureau Drive, Mail Stop Number 8930,
Gaithersburg, MD 20899–8930, email:
hferraio@nist.gov, phone: (301) 975–
6972.
SUPPLEMENTARY INFORMATION: FIPS 201
defines common credentials and
authentication mechanisms offering
varying degrees of security for both
logical and physical access applications.
Federal departments and agencies will
determine the level of security and
authentication mechanisms appropriate
for their respective applications. The
scope of this Standard is limited to
authentication of an individual’s
identity. Authorization and access
control decisions are outside the scope
of this Standard. Moreover,
requirements for a temporary credential
used until a new or replacement PIV
credential arrives are out of scope of this
Standard.
In accordance with NIST policy, FIPS
201–2 (the version of the Standard
currently in effect) was due for review
in 2018. In consideration of changes in
VerDate Sep<11>2014
16:55 Nov 02, 2020
Jkt 253001
the environment over the last several
years and of specific requests for
changes from Federal agencies, NIST
determined that a revision of FIPS 201–
2 is warranted. NIST has received
numerous change requests, some of
which, after analysis and coordination
with the Office of Management and
Budget (OMB), the Office of Personnel
Management (OPM), and other Federal
agencies, are incorporated in the Draft
FIPS 201–3. Other change requests
incorporated in the Draft FIPS 201–3
result from the 2019 Business
Requirements Meeting held at NIST.
The meeting focused on business
requirements of Federal agencies. The
proposed changes in Draft FIPS 201–3
are:
• Alignment with SP 800–63–3
language and terms.
• Updated OMB policy guidelines
references from rescinded OMB
memorandum M–04–04 to new
guidelines in OMB memorandum M–
19–17.
• Updated process for binding and
termination of derived PIV credentials
with PIV account.
• Updated credentialing requirements
for issuance of PIV Cards based on OPM
guidance.
• Added requirements for supervised
remote identity proofing and PIV Card
maintenance.
• Modified identity proofing
requirements to reflect updated list of
accepted documents.
• Updated guidance on validation of
identity proofing documents.
• Updated guidance on collection of
biometric data for credentialing.
• Clarified multi-session proofing and
enrollment.
• Clarified biometric modalities for
proofing and authentication.
• Provided clarification on grace
periods.
• Deprecated PIV National Agency
Check with Written Inquiries (NACI)
indicator (background investigation
indicator).
• Updated system description and
associated diagrams.
• Generalized chain of trust records
to enrollment records and made these
records required.
• Deprecated the use of magnetic
stripes and bar codes on PIV Cards.
• Linked expiration of content
signing certificate with card
authentication certificate.
• Revised PIN requirements based on
SP 800–63B guidelines.
• Removed requirement for support
of legacy PKIs.
• Expressed authentication assurance
levels in terms of Physical Assurance
Level (PAL) and Authenticator
Assurance Level (AAL).
PO 00000
Frm 00037
Fmt 4703
Sfmt 4703
• Removed previously deprecated
Cardholder Unique Identifier (CHUID)
authentication mechanisms. The CHUID
data element has not been deprecated
and continues to be mandatory.
• Deprecated symmetric card
authentication key and associated
authentication mechanism (SYM–CAK).
• Added support for secure
messaging authentication mechanism
(SM–AUTH).
• Deprecated visual authentication
mechanism (VIS).
• Added section discussing
federation in relationship to PIV
credentials.
A public workshop will be held for
FIPS 201–3. The specific date will be
determined and posted on the NIST
Personal Identity Verification (PIV)
website: https://csrc.nist.gov/Projects/
PIV. Before recommending these
proposed changes to the Secretary of
Commerce for review and approval,
NIST invites comments from all
interested parties.
Authority: 44 U.S.C. 3553(f)(1), 15 U.S.C.
278g–3.
Kevin Kimball,
Chief of Staff.
[FR Doc. 2020–24283 Filed 11–2–20; 8:45 am]
BILLING CODE 3510–13–P
DEPARTMENT OF COMMERCE
National Oceanic and Atmospheric
Administration
Ocean Exploration Advisory Board
(OEAB) Meeting
Office of Ocean Exploration
and Research (OER), National Oceanic
and Atmospheric Administration
(NOAA), Department of Commerce
(DOC).
ACTION: Notice of public meeting.
AGENCY:
This notice sets forth the
schedule and proposed agenda for a
meeting of the Ocean Exploration
Advisory Board (OEAB). OEAB
members will discuss and provide
advice on Federal ocean exploration
programs, with a particular emphasis on
the topics identified in the section on
Matters to Be Considered.
DATES: The announced meeting is
scheduled for Thursday, December 10,
2020, from 1:00 p.m. to 5:00 p.m. EST.
ADDRESSES: This will be a virtual
meeting. Information about how to
participate will be posted to the OEAB
website at https://oeab.noaa.gov.
FOR FURTHER INFORMATION CONTACT: Mr.
David McKinnie, Designated Federal
Officer, Ocean Exploration Advisory
SUMMARY:
E:\FR\FM\03NON1.SGM
03NON1
]]>Agencies
[Federal Register Volume 85, Number 213 (Tuesday, November 3, 2020)]
[Notices]
[Pages 69599-69600]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2020-24283]
-----------------------------------------------------------------------
DEPARTMENT OF COMMERCE
National Institute of Standards and Technology
[Docket No. [201023-0280]
Request for Comments on Federal Information Processing Standard
(FIPS) 201-3
AGENCY: National Institute of Standards and Technology (NIST),
Commerce.
ACTION: Notice; request for comments.
-----------------------------------------------------------------------
SUMMARY: The National Institute of Standards and Technology (NIST)
requests comments on Draft Federal Information Processing Standard
(FIPS) 201-3, Personal Identity Verification (PIV) of Federal Employees
and Contractors (Standard). This Standard defines common credentials
and authentication mechanisms offering varying degrees of security for
both logical and physical access applications. The draft revision
proposes changes to FIPS 201-2, Standard for Personal Identity
Verification of Federal Employees and Contractors to include: Expanding
specification on the use of additional PIV credentials known as derived
PIV credentials, procedures for supervised remote identity proofing,
the use of federation as a means for a relying system to interoperate
with PIV credentials issued by other agencies, alignment with the
current practice/policy of the Federal Government and specific changes
requested by Federal agencies and implementers. Before recommending
these proposed changes to the Secretary of Commerce for review and
approval, NIST invites comments from all interested parties.
DATES: Comments on FIPS 201-3 must be received on or before February 1,
2021.
ADDRESSES: The draft of FIPS 201-3 is available for review and comment
on the NIST Computer Security Resource Center website at https://csrc.nist.gov and at https://www.regulations.gov/. Comments on FIPS
201-3 may be sent
[[Page 69600]]
electronically to [email protected] with ``Comment on FIPS 201-3''
in the subject line or may be submitted via https://www.regulations.gov/. Comments may also be submitted on the project
repository at https://github.com/usnistgov/FIPS201. Written comments
may be submitted by mail to Information Technology Laboratory, ATTN:
FIPS 201-3 Comments, National Institute of Standards and Technology,
100 Bureau Drive, Mail Stop 8930, Gaithersburg, MD 20899-8930.
All submissions, including attachments and other supporting
materials, will become part of the public record and subject to public
disclosure. NIST reserves the right to publish relevant comments,
unedited and in their entirety. Relevant comments received by the
deadline will be published electronically at https://csrc.nist.gov/,
https://www.regulations.gov/ and the project repository at https://github.com/usnistgov/FIPS201 without change or redaction, so commenters
should not include information they do not wish to be posted. Personal
information, such as account numbers or Social Security numbers, or
names of other individuals, should not be included. Do not submit
confidential business information or otherwise sensitive or protected
information. Comments that contain profanity, vulgarity, threats, or
other inappropriate language or content will not be posted or
considered.
FOR FURTHER INFORMATION CONTACT: Hildegard Ferraiolo, National
Institute of Standards and Technology, 100 Bureau Drive, Mail Stop
Number 8930, Gaithersburg, MD 20899-8930, email: [email protected],
phone: (301) 975-6972.
SUPPLEMENTARY INFORMATION: FIPS 201 defines common credentials and
authentication mechanisms offering varying degrees of security for both
logical and physical access applications. Federal departments and
agencies will determine the level of security and authentication
mechanisms appropriate for their respective applications. The scope of
this Standard is limited to authentication of an individual's identity.
Authorization and access control decisions are outside the scope of
this Standard. Moreover, requirements for a temporary credential used
until a new or replacement PIV credential arrives are out of scope of
this Standard.
In accordance with NIST policy, FIPS 201-2 (the version of the
Standard currently in effect) was due for review in 2018. In
consideration of changes in the environment over the last several years
and of specific requests for changes from Federal agencies, NIST
determined that a revision of FIPS 201-2 is warranted. NIST has
received numerous change requests, some of which, after analysis and
coordination with the Office of Management and Budget (OMB), the Office
of Personnel Management (OPM), and other Federal agencies, are
incorporated in the Draft FIPS 201-3. Other change requests
incorporated in the Draft FIPS 201-3 result from the 2019 Business
Requirements Meeting held at NIST. The meeting focused on business
requirements of Federal agencies. The proposed changes in Draft FIPS
201-3 are:
Alignment with SP 800-63-3 language and terms.
Updated OMB policy guidelines references from rescinded
OMB memorandum M-04-04 to new guidelines in OMB memorandum M-19-17.
Updated process for binding and termination of derived PIV
credentials with PIV account.
Updated credentialing requirements for issuance of PIV
Cards based on OPM guidance.
Added requirements for supervised remote identity proofing
and PIV Card maintenance.
Modified identity proofing requirements to reflect updated
list of accepted documents.
Updated guidance on validation of identity proofing
documents.
Updated guidance on collection of biometric data for
credentialing.
Clarified multi-session proofing and enrollment.
Clarified biometric modalities for proofing and
authentication.
Provided clarification on grace periods.
Deprecated PIV National Agency Check with Written
Inquiries (NACI) indicator (background investigation indicator).
Updated system description and associated diagrams.
Generalized chain of trust records to enrollment records
and made these records required.
Deprecated the use of magnetic stripes and bar codes on
PIV Cards.
Linked expiration of content signing certificate with card
authentication certificate.
Revised PIN requirements based on SP 800-63B guidelines.
Removed requirement for support of legacy PKIs.
Expressed authentication assurance levels in terms of
Physical Assurance Level (PAL) and Authenticator Assurance Level (AAL).
Removed previously deprecated Cardholder Unique Identifier
(CHUID) authentication mechanisms. The CHUID data element has not been
deprecated and continues to be mandatory.
Deprecated symmetric card authentication key and
associated authentication mechanism (SYM-CAK).
Added support for secure messaging authentication
mechanism (SM-AUTH).
Deprecated visual authentication mechanism (VIS).
Added section discussing federation in relationship to PIV
credentials.
A public workshop will be held for FIPS 201-3. The specific date
will be determined and posted on the NIST Personal Identity
Verification (PIV) website: https://csrc.nist.gov/Projects/PIV. Before
recommending these proposed changes to the Secretary of Commerce for
review and approval, NIST invites comments from all interested parties.
Authority: 44 U.S.C. 3553(f)(1), 15 U.S.C. 278g-3.
Kevin Kimball,
Chief of Staff.
[FR Doc. 2020-24283 Filed 11-2-20; 8:45 am]
BILLING CODE 3510-13-P
