Here is the text of the NIST sp800-63b Digital Identity Guidelines.

  • umami_wasabi@lemmy.ml
    link
    fedilink
    English
    arrow-up
    42
    ·
    edit-2
    2 months ago

    the document is nearly impossible to read all the way through and just as hard to understand fully

    It is a boring document but it not impossible to read through, nor understand. The is what compliances officer do. I have a (useless) cybersecurity degree and reading NIST publications is part of my lecture.

    • GoofSchmoofer@lemmy.world
      link
      fedilink
      English
      arrow-up
      1
      ·
      2 months ago

      It sets both the technical requirements and recommended best practices for determining the validity of methods used to authenticate digital identities online. Organizations that interact with the federal government online are required to be in compliance

      My argument is that if this document (and others) are requirements for companies shouldn’t there also be a more approachable document for people to use?

      Sure, have the jargon filled document that those in the know can access, but without an additional not so jargon-y document you’ve just added a barrier to change. Maybe just an abstract of the rule changes on the front page without the jargon?

      I don’t know, maybe it’s not a big deal to compliance officers but just seems to me (someone that isn’t a compliance officer) that obfuscating the required changes behind jargon and acronyms is going to slow adoption of the changes.