Recommendation on the Credential Numbering Scheme for the FIPS 201 PIV Card Global Unique Identifier

Publication Date: March 2009

The Smart Card Alliance has published a number of white papers on the value of high assurance, interoperable identity credentials based on Federal Information Processing Standard (FIPS) 201. There are three aspects of FIPS 201 that non-federal government entities cannot comply with:

  1. The Federal Agency Smart Credential Number (FASC-N) schema is limited to federal agencies.

  2. There is no definition for a commercial equivalent to the National Agency Check with Inquiries (NACI) for identity proofing.

  3. The Federal Public Key Infrastructure (PKI) Common Policy cannot be used outside of the federal government.

This paper discusses the first issue and provides a credential numbering schema that will work for federal as well as non-federal issuers.

In the current Personal Identity Verification (PIV) card data model, there is a reserved space for a Global Unique ID (GUID). The Smart Card Alliance Physical Access Council (PAC) recommends generating and populating the GUID field with the method defined in the Internet Engineering Task Force (IETF) Request for Comments (RFC) 4122. RFC 4122 defines a method that provides a globally unique, 128-bit number that fits in the reserved space of the GUID.

The GUID addresses numbering as managed by the issuer of the credential, not the relying party, such as a physical access control system (PACS) or a local network. This paper proposes that additional work should be done on mutual registration for PIV. This mutual registration process will allow the GUID to be registered with a PACS so that the credential can be given a local credential number and other attributes, potentially including an authentication key or Internet Protocol version 6 (IPv6) address.
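As an added illustration (not code from the white paper or the Smart Card Alliance), the sketch below shows an issuer producing a 128-bit RFC 4122 value for the GUID field and a relying party checking a 16-byte field before registering it. The function names, the choice of a random (version 4) UUID, and the treatment of an all-zero field as unpopulated are assumptions made for the example.

```python
import uuid

GUID_FIELD_LEN = 16  # 128 bits, the size of the reserved GUID space


class GuidError(ValueError):
    """Raised when a GUID field is not a usable RFC 4122 UUID."""


def new_guid() -> bytes:
    """Issuer side: a random (version 4) RFC 4122 UUID as 16 raw bytes.

    Assumption: the issuer picks version 4; RFC 4122 defines other versions too.
    """
    return uuid.uuid4().bytes


def parse_guid(raw: bytes) -> uuid.UUID:
    """Relying-party side: accept only a well-formed RFC 4122 UUID."""
    if len(raw) != GUID_FIELD_LEN:
        raise GuidError(f"GUID field must be {GUID_FIELD_LEN} bytes, got {len(raw)}")
    guid = uuid.UUID(bytes=raw)
    if guid.int == 0:
        # Assumption: an all-zero field means the issuer never populated it.
        raise GuidError("GUID field is all zeros")
    if guid.variant != uuid.RFC_4122:
        raise GuidError("variant bits do not mark an RFC 4122 UUID")
    if guid.version not in (1, 2, 3, 4, 5):
        raise GuidError(f"UUID version {guid.version} is not defined by RFC 4122")
    return guid


def check_samples() -> dict:
    """Run the check over constructed sample fields; map label -> outcome."""
    samples = {
        "valid_v4": uuid.UUID("123e4567-e89b-42d3-a456-426614174000").bytes,
        "bad_variant": uuid.UUID("123e4567-e89b-42d3-c456-426614174000").bytes,
        "all_zero": bytes(16),
        "truncated": bytes(15),
    }
    results = {}
    for label, raw in samples.items():
        try:
            results[label] = str(parse_guid(raw))
        except GuidError as exc:
            results[label] = f"rejected: {exc}"
    return results
```
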

About the Smart Card Alliance Physical Access Council

The Smart Card Alliance Physical Access Council is focused on accelerating widespread acceptance, use, and application of smart card technology for physical access control. The Council brings together leading users and technologists from both the public and private sectors in an open forum and works on activities that are important to the physical access industry and address key issues that end user organizations have in deploying new physical access system technology. The Physical Access Council includes participants from across the smart card and physical access control system industry, including end users; smart card chip, card, software, and reader vendors; physical access control system vendors; and integration service providers.