Public Webinar: NIST IR 8587, Protecting Tokens and Assertions from Forgery, Theft, and Misuse (Initial Public Draft)
Date: January 23, 2026
Time: 12:00 – 1:00 PM ET
This free live webinar, hosted by the NIST and the Cybersecurity and Infrastructure Security Agency (CISA), introduces the recently released initial public draft of NIST Interagency Report 8587, “Protecting Tokens and Assertions from Forgery, Theft, and Misuse. During the webinar, the Report’s authors will walk through key implementation guidance aimed at federal agencies and cloud service providers (CSPs) to secure identity tokens and assertions against forgery, theft, and misuse.
This information is especially relevant for identity and access management professionals, federal IT teams, and CSPs serving government clients, as it addresses critical vulnerabilities in modern cloud and federated identity systems.
Feedback Sought
During this event, we will familiarize the audience with the draft Report and encourage written feedback during the open comment period (closing on January 30, 2026). We encourage broad input from government and industry stakeholders and are specifically hoping for feedback on:
- Signing Key Validity Periods
- Token Validity Periods
- Key Protection and Isolation
- Key Scoping
- Emerging Standards
Attending the webinar is a great opportunity to prepare informed comments before the deadline. We look forward to seeing you there!