USGv6 Revision 1

The first version of the of the USGv6 standards profile was published in 2008 and the USGv6 test program became operational in 2009.   In the years since the USGv6 Program (as the effort is commonly known) has been referenced in Federal Acquisition Regulations, used as the basis for USG Agency strategic plans and acquisition policies and has resulted in the detailed documentation and test of IPv6 capabilities in a large number of commercial products.

In November 2020, OMB issued memorandum M-21-07 "Completing the Transition to Internet Protocol Version 6 (IPv6)",  which outlines the Federal government's strategic intent "to deliver its information services, operate its networks, and access the services of others using only IPv6".   The policy also instructed NIST to update and expand its USGv6 standards profile and test program to facilitate this government-wide initiative.

In anticipation of this request, NIST and its partners undertook a significant revision of the USGv6 Profile and Test Program to update their technical specifications and streamline their use in Federal procurement processes. USGv6-r1, the first major revision of the USGv6 Program, has several objectives:

1. To update the set of Internet Engineering Task Force (IETF) specifications that form the basis for the USGv6 profile to their latest published version.
2. To add new specifications for important IPv6 capabilities that have been developed since the publication of the first profile. 
   • Highlights of these additions include technologies to support emerging use cases such as the Internet of Things, new forms of IPv6 transition technologies, support for “IPv6-Only” environments, and better support for specification of IPv6 enabled applications.
3. To remove specifications for IPv6 capabilities included in the first version of the profile, but that have since failed to achieve significant support in commercial products and network deployments.
4. To simplify the means of expressing product IPv6 requirements and capabilities.  
   • The same concise Capability Summary String (CSS) notation is used for expressing product requirements and the results of product testing.
     • Example-Host = USGv6-r1:Host + IPv6-Only + Core + Addr-Arch + Multicast + DHCP-Client + TLS + Link=Ethernet
   • A concise summary of the technical definition of each named IPv6 capability is provided by the USGv6 Capabilities Table.
   • More detailed guidance is provided on recommended minimal requirements for products to be considered "USGv6 Capable".
5. To separate the definition of IPv6 Capability Profiles from their specific use in USG acquisition programs so as to permit other user groups to re-use the capability profiles and their aligned product testing programs.To achieve this last goal, we have refactored the original USGv6 profile into two distinct documents.  
   • The NIST IPv6 Profile defines a basic taxonomy of IPv6 capabilities defined in terms of IETF specifications, resulting in named capability sets for common network functions and usage scenarios.    
   • The USGv6 Profile, inherits from and refines the generic NIST IPv6 profile for use in Federal IT acquisitions.
6. To update and consolidate the description and operation of the USGv6 Test Program to reflect the lessons learned in the implementation of that program to date.
   • Highlights of these changes include a more concise and consistent notation for documenting IPv6 capabilities, better support for testing in IPv6-Only environments, and an improved and streamlined Supplier’s Declaration of Conformity (SDOC) for documenting test results.
   • This revision to the USGv6 Test Program strengthens the commitment to maintain synchronization with the industry driven IPv6 Ready Logo program so as to minimize testing requirements on vendors.

The USG move toward IPv6-only network environments dramatically increases the need to assure the quality, completeness and interoperability of the IPv6 capabilities in IT products and services.  While IPv6-only environments will greatly reduce the complexity of operating dual-stacked networks, it does imply that systems will not be able to rely on IPv4 as a fall back service.  This revision to the USGv6 Profile and Test Program is aimed at providing the tools that agencies can use to protect future investments in IPv6 enabled products and services.

Questions or comments about the USGv6 Program can be sent to the discussion list: usgv6-program [at] list.nist.gov

USGv6 Revision 1 Specifications:

NIST and its partners in the USGv6 Program have published the specifications below: 

Standards Profiles:

• "NIST IPv6 Profile",  NIST Special Publication (NIST SP) - 500-267Ar1, November 2020.
  • https://doi.org/10.6028/NIST.SP.500-267Ar1
•  "NISTv6 Capabilities Table", NIST Special Publication (NIST SP) - 500-267Ar1s, November 2020.
  • https://doi.org/10.6028/NIST.SP.500-267Ar1s
•  "USGv6 Profile",  NIST Special Publication (NIST SP) - 500-267Br1,   November 2020.
  • https://doi.org/10.6028/NIST.SP.500-267Br1
•  "USGv6 Capabilities Table", NIST Special Publication (NIST SP) - 500-267Br1s, November 2020.
  • https://doi.org/10.6028/NIST.SP.500-267Br1s

Test Program:

•  "USGv6 Test Program Guide", NIST Special Publication (NIST SP) - 500-281Ar1, November 2020.
  • https://doi.org/10.6028/NIST.SP.500-281Ar1
•  "USGv6 Suppliers Declaration of Conformity", NIST Special Publication (NIST SP) - 500-281Ar1s, November 2020.
  • https://doi.org/10.6028/NIST.SP.500-281Ar1s
• "USGv6 Test Methods: General Description and Validation", NIST Special Publication (NIST SP) - 500-281Br1, November 2020.
  • https://doi.org/10.6028/NIST.SP.500-281Br1

Additional supporting information:

• USGv6 Program: Revision 1 Update, Presentation to the Federal IPv6 Task Force, November 8, 2019.

USGv6-r1 Test Program

• USGv6r1 Test Methods

  • "Grant of Use Rights: IPv6 Test Specifications", MOU between NIST and the IPv6 Forum , April 2008.
• USGv6r1 Test Selection Tables:  

  • We are in the process of updating the USGv6 test selection tables for revision 1 of the profile.  The tests will appear below as they are published.  See previous version of USGv6 profile for tests that are yet to be updated.

    • NOTE:  The current set of conformance and interoperability test plans and methods are not designed to support the testing of virtualized components within cloud infrastructures. 

    • ​​​While the general applications / service test plan can be used to develop individual test methods for specific Software as a Service (SaaS) offerings, the development of general IPv6 conformance and interoperability tests methods suitable for testing Platform as a Service (PaaS) and Infrastructure as a Service (IaaS) is still under development.

      • Users of the USGv6 program should not require conformance or interoperability test results from PaaS or IaaS services until such test plans have been published in the table below.

      • Cloud service providers interested in helping define additional tests methods for such environments are encouraged to contact the address below.

    • Note, despite the current lack of USGv6 test methods for IaaS and PaaS cloud offerings, agencies should still be developing detailed requirement statements for IPv6 capabilities in both the management and control interfaces and network services in cloud service procurement documents as required by the FAR.  These requirement statements should support the USG strategic intent to transition all USG networked information systems and their interfaces to external systems to use only IPv6.

    • When USGv6 test methods appropriate for cloud services emerge, agencies can require test results from a USGv6 accredited lab to provide additional confidence that vendor offerings meet the stated IPv6 procurement requirements.  Until that time, agencies will have to use other methods to validate vendor claims of compliance.

  • Questions or comments about these test plans can be sent to:   usgv6-program [at] list.nist.gov.

​​​​​​

• USGv6-v1 Test Selection Tables

  Capability	Conformance Tests	Interoperability Tests	Functional Tests
  IPv6-Only			DRAFT IPv6_Only_F.pdf
  Core	Core_v1.2_C.pdf	Core_v1.2_I.pdf
  Addr_Arch	Addr_Arch_v1.1_C.pdf	Addr_Arch_v1.1_I.pdf
  SLAAC	SLAAC_v1.1_C.pdf	SLAAC_v1.2_I.pdf
  DHCP_Client
  DCHP_Server
  IPsecv3
  ESP
  IKEv2
  OSFPv3		OSPFv3_v1.0_I.pdf
  BGP
  NPP_FW	NPP_FW_v1.0_C.pdf
  NPP_IDS	NPP_IDS_v1.0_C.pdf
  NPP_IPS	NPP_IPS_v1.0_C.pdf
  NPP_APFW
  Application / Service			App_v1.0_F

• USGv6 Accredited Test Labs:
  • University of New Hampshire Interoperability Laboratory (UNH IOL)
    • USGv6 Lab Accreditation Scope (A2LA)
      • See: ISO-IEC-17025 Testing and Calibration Laboratories
    • USGv6 Test Program
    • Registries of Tested Products
      • Products tested against 2020 USGv6 Revision 1 Profile.
      • Products tested against the 2008 USGv6 Profile.
• USGv6 Test Method Validation:
  • 2019 Inter-laboratory Comparison Requirements:
    • Implementation to test:   Ubuntu Linux Desktop 18.04.3
    • Capabilities to test:  2019-interlab-css := USGv6-r1:Host + Core.
      • UNH-IOL Inter-laboratory comparison trace file.

Questions or comments about the USGv6 Program can be sent to the discussion list: usgv6-program [at] list.nist.gov