NIST Updates USGv6 Program in Support of New Federal IPv6 Initiatives

In November 2020, OMB issued memorandum M-21-07 “Completing the Transition to Internet Protocol Version 6 (IPv6)“, which outlines the Federal government’s strategic intent “to deliver its information services, operate its networks, and access the services of others using only IPv6”. This policy also instructed NIST to update and expand its USGv6 standards profile and test program to facilitate this government-wide initiative.

In anticipation of this request NIST and its partners undertook a significant revision of the USGv6 Profile and Test Program to update their technical specifications and to streamline their use in Federal procurement processes. USGv6-r1, the first major revision of the USGv6 Program, has several objectives:

  • To update the set of Internet Engineering Task Force (IETF) specifications that form the basis for the profile to their latest published version.
  • To add new specifications for important IPv6 capabilities that have been developed since the publication of the first profile.
  • To remove specifications for IPv6 capabilities included in the first version of the profile, but that have since failed to achieve significant support in commercial products and network deployments.
  • To simplify the means of expressing IPv6 requirements for and capabilities of network IT products and services.
  • To separate the definition of IPv6 Capability Profiles from their specific use in USG acquisition programs so as to permit other user groups to re-use the capability profiles and their aligned product testing programs. To achieve this last goal, we have refactored the original USGv6 profile into two distinct documents.
  • To update and streamline the description and operation of the USGv6 Test Program to reflect the lessons learned in the implementation of that program to date.

The USG move toward IPv6-only network environments dramatically increases the need to assure the quality, completeness and interoperability of the IPv6 capabilities in IT products and services. While IPv6-only environments will greatly reduce the complexity of operating dual-stacked networks, it does imply that systems will not be able to rely on IPv4 as a fall back service. This revision to the USGv6 Profile and Test Program is aimed at providing the tools that agencies can use to protect future investments in IPv6 enabled products and services.

See USGv6 Revision 1 for new specifications and additional program details.

Follow on work for NIST will include updating existing IPv6 security guidance to address recent protocol advances and modern deployment scenarios and developing demonstration testbeds and practice guides focused on security for IPv6 enabled enterprises.

/Public Release. The material in this public release comes from the originating organization and may be of a point-in-time nature, edited for clarity, style and length. View in full here.