Reference (Include section and paragraph number): Section 4
Comment (Include rationale for comment): Since this document is intended to provide an overview of a more-granular identification and authentication process that differs from many traditional methods, it would be useful to describe how 3 or 4 traditional use cases relate to, and fall short of, this standard.
Suggested Change: Add an appendix that compares 63-3 standards to traditional use cases such as (1) obtaining a passport and presenting it to an immigration officer (2) presenting a government-issue picture ID to a guard and signing a visitor register to enter a building (3) using a hard token such as a SecurID fob or a soft token with a password (4) using a hand-scan biometric device with a PIN to enter a data center.
Organization: 1 = Federal, 2 = Industry, 3 = Other
2 Industry
Please note that use cases 1, 2, and 4 that you suggest are outside the scope of this guideline. Digital (remote) authentication does not include in-person authentication or physical access control.
Organization: self
Type: suggestion
Document (63-3, 63A, 63B, or 63C):63-3
Reference (Include section and paragraph number): Section 4
Comment (Include rationale for comment): Since this document is intended to provide an overview of a more-granular identification and authentication process that differs from many traditional methods, it would be useful to describe how 3 or 4 traditional use cases relate to, and fall short of, this standard.
Suggested Change: Add an appendix that compares 63-3 standards to traditional use cases such as (1) obtaining a passport and presenting it to an immigration officer (2) presenting a government-issue picture ID to a guard and signing a visitor register to enter a building (3) using a hard token such as a SecurID fob or a soft token with a password (4) using a hand-scan biometric device with a PIN to enter a data center.
Organization: 1 = Federal, 2 = Industry, 3 = Other 2 Industry