NIST Guidance Targets Secure Use of IPv6SP 800-119 Details IPv6's Expanded Protocols, Services, Capabilities
SP 800-119 aims to help with the deployment of the next generation Internet protocol, IPv6. It describes and analyzes IPv6's new and expanded protocols, services and capabilities, including addressing, domain name system, routing, mobility, quality of service, multihoming and Internet protocol security. For each component, the publication provides a detailed analysis of the differences between IPv4 - the existing Net protocol - and the newer IPv6, the security ramifications and any unknown aspects. The publication characterizes new security threats posed by the transition to IPv6 and provides guidelines on IPv6 deployment, including transition, integration, configuration, and testing. It also addresses more recent significant changes in the approach to IPv6 transition.
SP 800-135 specifies security requirements for existing application-specific key derivation functions in: IKEv1 and IKEv2, SSH, TLS, SRTP, the User-based Security Model for version 3 of Simple Network Management Protocol, the Trusted Platform Module, American National Standard X9.42 (Agreement of Symmetric Keys Using Discrete Logarithm Cryptography) and ANS X9.63 (Key Agreement and Key Transport Using Elliptic Curve Cryptography).