[Federal Register Volume 70, Number 25 (Tuesday, February 8, 2005)]
[Notices]
[Pages 6623-6625]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 05-2414]


-----------------------------------------------------------------------

DEPARTMENT OF COMMERCE

National Institute of Standards and Technology

[Docket No. 021127288-2288-01]


Announcing Approval of Withdrawal of Seventeen (17) Federal 
Information Processing Standards (FIPS) Publications

AGENCY: National Institute of Standards and Technology (NIST), 
Commerce.

ACTION: Notice.

-----------------------------------------------------------------------

SUMMARY: The purpose of this notice is to announce that the Secretary 
of Commerce has approved the withdrawal of seventeen (17) Federal 
Information Processing Standards (FIPS) Publications.
    These FIPS are being withdrawn because they are obsolete, or have 
not been updated to adopt current voluntary industry standards, current 
federal data standards, or current good practices for information 
security. This situation preserves obsolete standards for agency use.
    Some of these FIPS adopt voluntary industry standards. Federal 
agencies and departments are directed by the National Technology 
Transfer and Advancement Act of 1995 (Public Law 104-113) to use 
technical standards that are developed in voluntary consensus standards 
bodies. Consequently, FIPS

[[Page 6624]]

that duplicate voluntary industry standards are no longer needed.
    Some of these FIPS adopt data standards that are developed and used 
by other Federal government agencies. These FIPS have not been updated 
to reflect changes and modifications that have been made to the data 
representations. The remaining FIPS provide advisory guidance to 
Federal agencies on information security issues. This advisory 
guidance, which is not compulsory and binding, has been updated by NIST 
and issued in more recent recommendations and publications.

EFFECTIVE DATE: This withdrawal is effective February 8, 2005.

FOR FURTHER INFORMATION CONTACT: Ms. Shirley M. Radack, telephone (301) 
975-2833, National Institute of Standards and Technology, Gaithersburg, 
MD 20899.

SUPPLEMENTARY INFORMATION: A notice was published in the Federal 
Register (Volume 68, Number 42, pages 10204-10205), proposing the 
withdrawal of seventeen Federal Information Processing Standards (FIPS) 
Publications. The Federal Register notice solicited comments from the 
public, academic and research communities, manufacturers, voluntary 
standards organizations, and Federal, state, and local government 
organizations. In addition to being published in the Federal Register, 
the notice was posted on the NIST Web pages; information was provided 
about the submission of electronic comments.
    Comments and questions were received from two private sector 
organizations or individuals, and from two federal government 
organizations. The comments dealt with the data representations in FIPS 
55-3, Codes for Named Populated Places, Primary County Divisions, and 
Other Locational Entities of the United States, Puerto Rico, and the 
Outlying Areas, and in FIPS 95-2, Codes for the Identification of 
Federal and Federally Assisted Organizations. These data 
representations will continue to be maintained by the responsible 
agencies when the FIPS are withdrawn, and NIST will continue to 
maintain links from its Web pages to the appropriate agency Web pages 
that provide the data representations.
    NIST recommended that the Secretary approve the withdrawal of the 
seventeen FIPS Publications, and prepared a detailed justification 
document for the Secretary's review in support of that recommendation.
    Following is an analysis of the comments received.
    Comment: FIPS 95-2, Codes for the Identification of Federal and 
Federally Assisted Organizations is an extremely important document 
that is vital for government wide and industry wide information sharing 
and data organization. It is true that the document has not been 
updated recently, but the coding standards are still the best structure 
available for organizing and presenting government information by 
entity. There is no commercial equivalent for this data standard.
    It is vital not only for industry, but also to facilitate 
information sharing and collaboration among government organizations 
that is essential to support homeland security. FIPS 95-2 should be 
updated and kept current, or an equivalent system be implemented, 
especially in this time of government restructuring and reorganization.
    Response: The data representations for Federal organizations that 
are available on NIST's web pages have not been updated since 1999. 
This database of data representations for Federal organizations is 
maintained by the Bureau of the Census, and will continue to be 
available to government and private sector organizations that need to 
use it. NIST will maintain a link from the entry to the withdrawn FIPS 
95-2 to the Bureau of the Census Web pages.
    Comment: Could you provide a reference to voluntary industry 
standards that have replaced FIPS 55-3, Codes for Named Populated 
Places, Primary County Divisions, and Other Locational Entities of the 
United States, Puerto Rico, and the Outlying Areas, and FIPS 95-2, 
Codes for the Identification of Federal and Federally Assisted 
Organizations.
    Response: FIPS 55 and FIPS 95 currently provide data 
representations that are issued and maintained by Federal government 
agencies, but not by NIST.
    FIPS 55 implements the provisions of ANSI X3.47-1993, and contains 
codes for named populated places, primary county divisions, and other 
locational entities of the U.S. and areas under the jurisdiction of the 
U.S. It also includes representations for federal government 
information such as postal codes, General Services Administration 
codes, and Bureau of the Census data. The maintenance of FIPS 55 is the 
responsibility of the U.S. Geological Survey (USGS).
    FIPS 95 provides data representations for Federal and Federally 
assisted organizations, and is maintained by the Bureau of the Census 
with input from the General Services Administration and the Department 
of Defense.
    Both sets of data representations will continue to be issued and 
maintained by the responsible agencies when the FIPS are withdrawn. 
NIST plans to have links from its Web pages to the appropriate agency 
Web pages that provide the data representations. In addition, NIST is 
investigating the possibility of a voluntary industry standards 
committee accepting the standard data representations and assigning 
registration authority for the data representations to the agencies 
that are currently issuing and maintaining them.
    This notice provides the FIPS publication number, title, and the 
technical specifications number for each of the seventeen FIPS 
Publications being withdrawn:

FIPS 8-6, Metropolitan Areas (Including MSAs, CMSAs, PMSAs, and 
NECMAs).
FIPS 9-1, Congressional Districts of the U.S.
FIPS 31, Guidelines for Automatic Data Processing Physical Security and 
Risk Management.
FIPS 48, Guidelines on Evaluation of Techniques for Automated Personal 
Identification.
FIPS 55-3, Codes for Named Populated Places, Primary County Divisions, 
and Other Locational Entities of the United States, Puerto Rico, and 
the Outlying Areas.
FIPS 66, Standard Industrial Classification (SIC) Codes.
FIPS 73, Guidelines for Security of Computer Applications.
FIPS 83, Guideline on User Authentication Techniques for Computer 
Network Access Control.
FIPS 87, Guidelines for ADP Contingency Planning.
FIPS 92, Guideline for Standard Occupational Classification (SOC) 
Codes.
FIPS 95-2, Codes for the Identification of Federal and Federally 
Assisted Organizations.
FIPS 102, Guideline for Computer Security Certification and 
Accreditation.
FIPS 112, Password Usage.
FIPS 127-2, Database Language SQL (ANSI X3.135-1992).
FIPS 159, Detail Specification for 62.5-um Core Diameter/125-um 
Cladding Diameter Class 1A Multimode, Graded-index Optical Waveguide 
Fibers.
FIPS 171, Key Management Using ANSI X9.17.
FIPS 173-1, Spatial Data Transfer Standard.

    Withdrawal means that the FIPS will no longer be part of a 
subscription series that is provided by the National

[[Page 6625]]

Technical Information Service, and that NIST will no longer be able to 
support the standards by answering implementation questions or updating 
the FIPS when the voluntary industry standards are revised. NIST will 
continue to provide relevant information on standards and guidelines by 
means of electronic dissemination methods, and will keep references to 
the withdrawn FIPS on its FIPS Web pages.

    Authority: Federal Information Processing Standards Publications 
(FIPS PUBS) are issued by the National Institute of Standards and 
Technology after approval by the Secretary of Commerce pursuant to 
Section 5131 of the Information Technology Management Reform Act of 
1996 (Pub. L. 104-106), the Federal Information Security Management 
Act of 2002 (Pub. L. 107-347), and Appendix III to Office of 
Management and Budget Circular A-130.

    Executive Order 12866: This notice has been determined to be not 
significant under Executive Order 12866.

    Dated: February 2, 2005.
Hratch G. Semerjian,
Acting Director.
[FR Doc. 05-2414 Filed 2-7-05; 8:45 am]
BILLING CODE 3510-CN-P