usnistgov / 800-63-3

Home to public development of NIST Special Publication 800-63-3: Digital Authentication Guidelines
https://pages.nist.gov/800-63-3/
Other
703 stars 102 forks source link

Threats - Mitigations strategies #267

Closed KantaraInitiative-IAWG closed 8 years ago

KantaraInitiative-IAWG commented 8 years ago

Organization: Kantara Initiative

Type: 2

Document (63-3, 63A, 63B, or 63C): SP 800-63B

Reference (Include section and paragraph number): Section 8.2 - Threat Mitigation Strategies

(KI Ref: KI/ADG#25)

Comment (Include rationale for comment): Phishing/pharming and social engineering both have the same mitigation strategy as for "eavesdropping". Is that intended?

Suggested Change: Add the correct mitigation strategies for the threats.

jimfenton commented 8 years ago

We will update the mitigation mechanisms.