OMB directed the National Institute of Standards and Technology (NIST) to develop the technical infrastructure (standards and testing) necessary to support wide-scale adoption of IPv6 in the US Government (USG). In response, NIST developed a technical standards profile for US Government acquisition of IPv6-enabled networked information technology. The USGv6 Profile includes a forward-looking set of protocol specifications published by the Internet Engineering Task Force (IETF), encompassing basic IPv6 functionality, and specific requirements and key optional capabilities for routing, security, multicast, network management, and quality of service. The profile also contains NIST defined requirements for IPv6 aware firewalls and intrusion detection systems. The program also I established a robust testing infrastructure to enable IPv6 products to be tested for compliance to profile requirements and for interoperability by accredited laboratories using standardized test methods.
NIST is Working with other USG agencies and industry to develop and maintain the standards, test program, deployment guidance and test and measurement tools necessary to provide the technical basis for wide-scale adoption of IPv6 in the USG.
2008 - NIST develops first USGv6 Profile:
2010 - NIST develops IPv6 Security Guidance to support USG deployment initiatives:
2009 -NIST establishes industry led USGv6 Test Program:
2011 - NIST develops test and measurement tools to support USG deployment initiatives:
2019 - Revision 1 of the USGv6 Profile and Test Program under development (see below).
DRAFT2 of USGv6 Revision 1 Specifications Available for Public Comment
The first version of the of the USGv6 standards profile was published in 2008 and the USGv6 test program became operational in 2009. In the years since the USGv6 Program (as the effort is commonly known) has been referenced in Federal Acquisition Regulations, used as the basis for USG Agency strategic plans and acquisition policies and has resulted in the detailed documentation and test of IPv6 capabilities in a large number of commercial products.
This first major revision of the USGv6 program updates the standards profiles and testing program to achieve several goals:
- To update the set of Internet Engineering Task Force (IETF) specifications that form the basis for the USGv6 profile to their latest published version.
- To add new specifications for important IPv6 capabilities that have been developed since the publication of the first profile.
- Highlights of these additions include technologies to support emerging use cases such as the Internet of Things, new forms of IPv6 transition technologies, support for “IPv6 Only” environments, and better support for specification of IPv6 enabled applications.
- To remove specifications for IPv6 capabilities included in the first version of the profile but that has since failed to achieve significant support in commercial products and network deployments.
- To update and consolidate the description of the USGv6 Test Program to reflect the lessons learned in the operation of that program to date.
- Highlights of these changes include a more concise and consistent notation for documenting IPv6 capabilities, better support for testing in IPv6-Only environments, and an improved and streamlined Supplier’s Declaration of Conformity (SDOC) for documenting test results.
- To separate the definition of IPv6 Capability Profiles from their specific use in USG acquisition programs so as to permit other user groups to re-use the capability profiles and their aligned product testing programs.
To achieve this last goal, we have divided the original USGv6 profile into two separate documents. The NIST IPv6 Profile defines a basic taxonomy of IPv6 capabilities as defined in IETF specifications, resulting in named capability sets for common network functions and usage scenarios. The USGv6 Profile defines how this generic capability profile should be used by USG agencies in acquisitions.
DRAFT2 -Revised documents available for public review and comment. Comments due by June 7, 2019.
NIST and its partners in the USGv6 Program solicit public review and comment on the following revised specifications:
- Resolution of comments received on the first draft of this specifications: draft1-usgv6-r1-comment-resolutions.pdf
- "NIST IPv6 Profile", draft2-nist-sp-500-267ar1.pdf May 2019.
- "NISTv6 Capabilities Table", draft2-nct-r1.pdf May 2019.
- "USGv6 Profile", DRAFT NIST SP-500-267Br1, (coming soon).
- "USGv6 Capabilities Table", draft2-uct-r1.pdf , May 2019.
- "USGv6 Test Program Guide", draft-nist-sp-500-281ar1.pdf , May 2019.
- "USGv6 Suppliers Declaration of Conformity", draft-sp500-281ar1s.pdf , May 2019.
- "USGv6 Test Methods: General Description and Validation",nist-sp-500-281br1.pdf , May 2019.
revised draft documents available for 2nd round of public comments. Comments due by june 7, 2019.
Additional Technical Details
NIST was tasked [OMB-M05-22] to develop the technical basis (standards and testing) to facilitate broad US Government (USG) initiatives in IPv6 adoption. The resulting USGv6 Program provides a standards profile and product test program to facilitate the trustworthy acquisition of IPv6 enabled networked information technology products and services. The USGv6 Profile and USGv6 Test Program were designed to leverage and align to the maximum extent possible existing industry-led efforts on product test and certification [IPV6-Ready, IPv6-Forum] and other profiling and testing efforts at the time [DODv6].
Today the USGv6 Program is thriving with USG agencies using both the profile and test program to guide product acquisitions and accredited test labs working with the vendor community to complete and document standardized conformance and interoperability tests of emerging IPv6 enabled products. Aspects of the USGv6 Program are referenced in other USG initiatives and policies [FAR-2005-041, OMB-IPv6, OMB-M17-06].
The USGv6 Program is comprised of the following key components:
- The USGv6 Standards Profile
- "A Profile for IPv6 in the U.S. Government - Version 1.0", NIST SP-500-267, July 2008.
- The USGv6 Test Program
- "IPv6 Test Methods: General Description and Validation", NIST SP-500-273, November 2009.
- "USGv6 Testing Program User's Guide", NIST SP-500-281, November 2009.
- "Suppliers Declaration of Conformity (SDOC) for USGv6 Products - version 1.10", usgv6-v1-sdoc-v1.10.xlsx
- USGv6 Test Methods
- "Grant of Use Rights: IPv6 Test Specifications", MOU between NIST and the IPv6 Forum , April 2008.
- USGv6v1 Test Selection Tables:
USGv6-v1 Test Selection Tables Capability Conformance Tests Interoperability Tests Basic basic_v1.3_c.pdf basic_v1.2_i.pdf Addr_Arch addr_arch_v1.2_c.pdf addr_arch_v1.1_i.pdf SLAAC slaac_v1.2_c.pdf slaac_v1.3_i.pdf DHCP_Client dhcp_client_v1.0_c.pdf dhcp_client_v1.0_i.pdf DCHP_Server dhcp_server_v1.0_c.pdf dhcp_serv_v1.0_i.pdf IPsecv3 ipsecv3_v1.3_c.pdf ipsecv3_v1.2_i.pdf ESP esp_v1.1_c.pdf esp_v1.1_i.pdf IKEv2 ikev2_v1.1_c.pdf ikev2_v2.0_i.pdf IKEv1 ikev2_v1.0_i.pdf OSFPv3 ospfv3_v1.2.pdf BGP bgp_v1.1_i.pdf NPD usgv6_npd.pdf NPD_FW usgv6_npd_fw.pdf NPD_IDS usgv6_npd_ids.pdf NPD_IPS usgv6_npd_ips.pdf NPD_APFW usgv6_npd_apfw.pdf
- USGv6 Accredited Test Labs:
- USGv6 Test Method Validation:
- 2019 Inter-laboratory Comparison Requirements:
- Implementation to test: Ubuntu Linux Desktop 18.04.3
- Capabilities to test: 2019-interlab-css := USGv6-r1:Host + Core.
- 2019 Inter-laboratory Comparison Requirements:
For questions about the USGv6 Program, contact: email@example.com
- [OMB-M05-22] K. Evans, "Transition Planning for Internet Protocol Version 6 (IPv6): Memorandum for The Chief Information Officers", August 2005. Online at: https://georgewbush-whitehouse.archives.gov/omb/memoranda/fy2005/m05-22.pdf
- [SP500-267] D. Montgomery, S. Nightingale, S. Frankel, M. Carson, "A Profile for IPv6 in the U.S. Government - Version 1.0", NIST SP-500-267, July 2008. Online at: https://dx.doi.org/10.6028/NIST.SP.500-267
- [NIST-IPv6F] "Grant of Use Rights: IPv6 Test Specifications", MOU between NIST and the IPv6 Forum, April 2008. Online at: https://www.nist.gov/document/ipv6forumnistmoupdf
- [SP500-273] S. Nightingale, "IPv6 Test Methods: General Description and Validation", NIST SP-500-273, November 2009. Online at: https://dx.doi.org/10.6028/nist.sp.500-273v2
- [SP500-281] S. Nightingale, D. Montgomery, "USGv6 Testing Program User's Guide", NIST SP-500-281, November 2009. Online at: https://doi.org/10.6028/NIST.SP.500-281-v1.0
- [USGv6-Tested] USGv6 Tested Registry. Online at: https://www.iol.unh.edu/registry/usgv6
- [FAR-2005-041] "Federal Acquisition Regulation: FAR Case 2005-041, Internet Protocol Version 6 (IPv6)", December 2009. Online at: https://www.federalregister.gov/documents/2009/12/10/E9-28931/federal-ac...
- [OMB-IPv6] V. Kundra, "Transition to IPv6: Memorandum for Chief Information Officers of Executive Departments and Agencies", September 2010. Online at: https://www.whitehouse.gov/sites/whitehouse.gov/files/omb/assets/egov_do...
- [OMB-M17-06] S. Donovan, H. Shelanski, T. Scott, "Policies for Federal Agency Public Websites and Digital Services: Memorandum for The Heads of Executive Departments and Agencies", November 2016. Online at: https://www.whitehouse.gov/sites/whitehouse.gov/files/omb/memoranda/2017...
- [IPV6-Ready] "IPv6 Ready Logo Program", The IPv6 Forum, on going. Online at: https://www.ipv6ready.org/
- [IPv6-Forum] "The IPv6 Forum", on going. Online at: http://www.ipv6forum.com/
- [DODv6] "DoD IPv6 Standard Profiles For IPv6 Capable Products Version 5.0", DISR IPv6 Standards Technical Working Group, July 2010. Online at: http://jitc.fhu.disa.mil/apl/ipv6/pdf/disr_ipv6_50.pdf
- [IAB-IPv6] "IAB Statement on IPv6", Internet Architecture Board, November 2016. Online at: https://www.iab.org/2016/11/07/iab-statement-on-ipv6/
- [IETF-OPSEC] "IETF Operational Security Capabilities for IP Network Infrastructure (opsec) Working Group", Internet Engineering Task Force, on going. Online at: https://datatracker.ietf.org/wg/opsec/about/
- [IETF-V6OPS] "IETF IPv6 Operations (v6ops) Working Group", Internet Engineering Task Force, Online at: https://datatracker.ietf.org/wg/v6ops/about/
- [SP500-267Ar1] D. Montgomery, S. Frankel, M. Carson, T. Winters, M. Newcombe, T. Carlin, "NIST IPv6 Profile", NIST SP-500-267Ar1, July 2018. Online at: https://dx.doi.org/10.6028/NIST.SP.500-267Ar1
- [SP500-267Ar1s] D. Montgomery, S. Frankel, M. Carson, T. Winters, M. Newcombe, T. Carlin, "NISTv6 Capabilities Table", NIST SP-500-267Ar1s, July 2018. Online at: https://dx.doi.org/10.6028/NIST.SP.500-267Ar1s
- [SP500-267Br1] D. Montgomery, S. Frankel, M. Carson, T. Winters, M. Newcombe, T. Carlin, "USGv6 Profile", NIST SP-500-267Br1, July 2018. Online at: https://dx.doi.org/10.6028/NIST.SP.500-267Br1
- [SP500-267Br1s] D. Montgomery, S. Frankel, M. Carson, T. Winters, M. Newcombe, T. Carlin, "USGv6 Capabilities Table", NIST SP-500-267Br1s, July 2018. Online at: https://dx.doi.org/10.6028/NIST.SP.500-267Br1s
- [SP500-281Ar1] D. Montgomery, S. Nightingale, E. Johnson, M. Newcombe, T. Winters, "USGv6 Test Program Guide", NIST SP-500-281Ar1, July 2018. Online at: https://dx.doi.org/10.6028/NIST.SP.500-281Ar1
- [SP500-281Ar1s] D. Montgomery, S. Nightingale, E. Johnson, M. Newcombe, T. Winters, "USGv6 Suppliers Declaration of Conformity", NIST SP-500-281Ar1s, July 2018. Online at: https://dx.doi.org/10.6028/NIST.SP.500-281Ar1s
- [SP500-281Br1] D. Montgomery, S. Nightingale, E. Johnson, M. Newcombe, T. Winters, "USGv6 Test Methods: General Description and Validation", NIST SP-500-281Br1, July 2018. Online at: https://dx.doi.org/10.6028/NIST.SP.500-281Br1
- [USGv6-Web] NIST USGv6 Program. Online at: https://www.nist.gov/programs-projects/usgv6-program