Federal Acquisition Regulation; FAR Case 2005-041, Internet Protocol Version 6 (IPv6), 65605-65607 [E9-28931]

Download as PDF Federal Register / Vol. 74, No. 236 / Thursday, December 10, 2009 / Rules and Regulations indicator has been changed to no longer show a delinquent debt. * * * * * ■ 10. Amend section 32.1110 by adding a new sentence to the end of paragraph (d) to read as follows: 32.1110 Solicitation provision and contract clauses. * * * * * (d) * * * When the clause at 52.232– 36 is included in a solicitation or contract, the contracting officer shall also insert the clause at 52.232–33, Payment by Electronic Funds Transfer— Central Contractor Registration, or 52.232–34, Payment by Electronic Funds Transfer—Other Than Central Contractor Registration, as appropriate. * * * * * (b) Contractor payment request. (1) Except as provided in paragraph (b)(2) of this clause, the Contractor shall make payment requests through a charge to the Government account with the third party, at the time and for the amount due in accordance with those clauses of this contract that authorize the Contractor to submit invoices, contract financing requests, other payment requests, or as provided in other clauses providing for payment to the Contractor. (2) When the Contracting Officer has notified the Contractor that the Governmentwide commercial purchase card is no longer an authorized method of payment, the Contractor shall make such payment requests in accordance with instructions provided by the Contracting Officer during the period when the purchase card is not authorized. * * * * * [FR Doc. E9–28930 Filed 12–9–09; 8:45 am] BILLING CODE 6820–EP–S PART 52—SOLICITATION PROVISIONS AND CONTRACT CLAUSES DEPARTMENT OF DEFENSE 11. Amend section 52.212–5 by revising the date of the clause and paragraph (b)(40) to read as follows: GENERAL SERVICES ADMINISTRATION 52.212–5 Contract Terms and Conditions Required to Implement Statutes or Executive Orders—Commercial Items. NATIONAL AERONAUTICS AND SPACE ADMINISTRATION * 48 CFR Parts 7, 11, 12, and 39 ■ * * * * CONTRACT TERMS AND CONDITIONS REQUIRED TO IMPLEMENT STATUTES OR EXECUTIVE ORDERS—COMMERCIAL ITEMS (FEB 2010) * * * * * (b) * * * lll(40) 52.232–36, Payment by Third Party (FEB 2010) (31 U.S.C. 3332). * * * * 12. Amend section 52.232–36 by revising the date of the clause and paragraphs (a) and (b) to read as follows: ■ mstockstill on DSKH9S0YB1PROD with RULES2 Payment by Third Party. * * * * * PAYMENT BY THIRD PARTY (FEB 2010) (a) General. (1) Except as provided in paragraph (a)(2) of this clause, the Contractor agrees to accept payments due under this contract, through payment by a third party in lieu of payment directly from the Government, in accordance with the terms of this clause. The third party and, if applicable, the particular Governmentwide commercial purchase card to be used are identified elsewhere in this contract. (2) The Governmentwide commercial purchase card is not authorized as a method of payment during any period the Central Contractor Registration (CCR) indicates that the Contractor has delinquent debt that is subject to collection under the Treasury Offset Program (TOP). Information on TOP is available at http://fms.treas.gov/debt/ index.html. If the CCR subsequently indicates that the Contractor no longer has delinquent debt, the Contractor may request the Contracting Officer to authorize payment by Governmentwide commercial purchase card. VerDate Nov<24>2008 17:21 Dec 09, 2009 Jkt 220001 RIN 9000–AK57 Federal Acquisition Regulation; FAR Case 2005–041, Internet Protocol Version 6 (IPv6) * 52.232–36 [FAC 2005–38; FAR Case 2005–041; Item III; Docket 2009-0042, Sequence 1] AGENCIES: Department of Defense (DoD), General Services Administration (GSA), and National Aeronautics and Space Administration (NASA). ACTION: Final rule. SUMMARY: The Civilian Agency Acquisition Council and the Defense Acquisition Regulations Council (Councils) are issuing a final rule amending the Federal Acquisition Regulation (FAR) to require Internet Protocol Version 6 (IPv6) compliant products be included in all new information technology (IT) acquisitions using Internet Protocol (IP). IP is one of the primary mechanisms that define how and where information moves across networks. The widely-used IP industry standard is IP Version 4 (IPv4). The Office of Management and Budget (OMB) Memorandum M–05–22, dated August 2, 2005, requires all new IT procurements, to the maximum extent practicable, to include IPv6 capable products and standards. DATES: Effective Date: December 10, 2009. PO 00000 Frm 00009 Fmt 4701 Sfmt 4700 65605 FOR FURTHER INFORMATION CONTACT: For clarification of content, contact Mr. Ernest Woodson, Procurement Analyst, at (202) 501–3775. For information pertaining to status or publication schedules, contact the Regulatory Secretariat at (202) 501–4755. Please cite FAC 2005–38, FAR case 2005–041. SUPPLEMENTARY INFORMATION: A. Background To guide the Federal Government in its transition to IPv6, OMB issued Memorandum M–05–22, Transition Planning for Internet Protocol Version 6, which outlined a transition strategy for agencies to follow and established the goal for all Federal agency network backbones to support IPv6 by June 30, 2008. This guidance initiated the development for an addressing mechanism to increase the amount of available IP address space and support interconnected networks to handle increasing streams of text, voice, and video without compromising IPv4 capability or network security. Such benefits offered by IPv6 include (1) A platform for innovation, collaboration, and transparency; (2) Integrated interoperability and mobility; (3) Improved security features and; (4) Unconstrained address abundance. To begin the planning, agencies can achieve valuable benefits from IPv6 using the ‘‘IPv6 Planning Guide and Roadmap’’ to begin the planning for improvement in operational efficiencies and citizen services. This direction is necessary due to the inability of IPv4 to meet the Government’s long-term business needs because of limited robustness, scalability, and features. In coordination with OMB, the National Institute of Standards and Technology (NIST) developed additional standards and testing infrastructures to support agency plans for IPv6 adoption. The U.S. Government version 6 (USGv6) profile defines effective dates for its mandatory requirements so as to provide vendors a 24-month lead time to implement and test. The earliest effective date in version 1 of the profile is July, 2010. For NIST IPv6 information, visit http:// www.antd.nist.gov/usgv6. DoD, GSA, and NASA published a proposed rule in the Federal Register at 71 FR 50011, August 24, 2006, to amend the FAR to ensure that all new IT acquisitions using Internet Protocol are IPv6 compliant. Proactive integration of IPv6 requirements into Federal contracts may reduce the costs and complexity of transition by ensuring that Federal applications can operate in an IPv6 E:\FR\FM\10DER2.SGM 10DER2 mstockstill on DSKH9S0YB1PROD with RULES2 65606 Federal Register / Vol. 74, No. 236 / Thursday, December 10, 2009 / Rules and Regulations environment without costly upgrades. The final rule— • Adds a new paragraph (iii) at FAR 7.105(b)(4) to require a discussion of Internet Protocol compliance, as required by FAR 11.002(g), for information technology acquisitions using Internet Protocol; • Adds a new paragraph (g) to FAR 11.002 specifying that agency requirement documents must include the appropriate IPv6 compliance requirements in accordance with the Agency’s Enterprise Architecture, unless a waiver to the use of IPv6 has been granted; and • Adds a new paragraph (e) to both FAR 12.202 and FAR 39.101 stating that agencies must include the appropriate Internet Protocol compliance requirements consistent with FAR 11.002(g) regarding information technology acquisitions using Internet Protocol. The Councils received public comments from six sources in response to the proposed rule. A discussion of the comments is provided below. 1. FAR 7.105, Contents of written acquisition plans. a. A total of 5 comments were received regarding this section recommending editorial revisions to clarify the requirement, including adding a reference to OMB Memorandum M–05–22, Transition Planning for Internet Protocol Version 6 (IPv6), and indicating that the requirement only applies to IT acquisitions using Internet Protocol. Response: The Councils have clarified the rule by: adding the basic requirement for IPv6 compliance in FAR 11.002(g) along with a reference to the OMB memorandum; moving the acquisition planning requirement to FAR 7.105(b)(4)(iii) to ensure that it applies to both contracts and orders; and adding cross references to FAR 11.002(g), in FAR 12.202(e) and FAR 39.101(e). b. Comment: A respondent commented that several actions outlined in the Chief Information Officers (CIO) Council IPv6 guidance are not yet implemented and their absence makes it very difficult to adopt new FAR clauses. The Government has interchanged terminologies ‘‘IPv6 compliant and ‘‘IPv6 capable.’’ Without a clear standard with which to measure technologies, it is possible that some Government procurements could be IPv6 capable, but not IPv6 compliant. To require compliance at the contract level before development and adoption of a clear standard is premature. Another respondent commented that FAR 7.105(b)(4)(ii)(A)(2) states that the VerDate Nov<24>2008 17:21 Dec 09, 2009 Jkt 220001 reader can find ‘‘additional requirements’’ for IPv6 at the CIO Council Web site but the ‘‘additional requirements’’ are not readily accessible. There are a number of links but none concern IPv6. Response: As stated in OMB Memorandum M–05–22, the Federal CIO Council Architecture and Infrastructure Committee issued additional IPv6 transition guidance in February 2006 (ref: www.cio.gov/ documents/ IPv6lTransitionlGuidance.doc). In addition, the National Institute for Standards and Technology (NIST) has developed a standard to address IPv6 compliance for the Federal Government. The US Government standards for Internet Protocol Version 6 (IPv6) are located in NIST Special Publication 500–267 at www.antd.nist.gov/usgv6/ profile.html. This final rule retains a reference to OMB Memorandum M–05– 22. 2. FAR 12.202, Market research and description of agency need. Several comments were received regarding this section. a. Comment: One respondent commented that considering the requirements of FAR 12.202(b), why is the reminder at FAR 12.202(e) necessary? It seems highly unlikely that the agency would conduct market research or describe agency need and forget such an important element. Response: The Councils believe that it is important to remind contracting officers that when describing agency needs, requirements documents for IT using Internet Protocol must be IPv6 compliant. However, the final rule has been revised to establish the basic compliance requirement at FAR 11.002(g) and cross reference it in FAR 12.202 and FAR 39.101 instead of repeating the language in these latter two sections. b. Comment: The respondent commented that the reference to Web sites is inconsistent regarding ‘‘additional requirements.’’ One refers to the CIO Web site and the other to OMB’s Webpage containing OMB Memorandum M–05–22. Response: This final rule has been clarified as indicated in the response in paragraph 1. c. Comment: One respondent recommended that FAR 12.202(e) be changed to read: ‘‘Requirements documents for information technology solutions must include Internet Protocol Version 6 (IPv6) capability as outlined in the OMB Memorandum M–05–22, Transition Planning for Internet Protocol Version 6 (IPv6), and additional requirements for IPv6 at PO 00000 Frm 00010 Fmt 4701 Sfmt 4700 http://www.cio.gov/IPv6. Market research shall include the United States certified test suites, testing methodologies that do not include proprietary vendor solutions and show evidence of being a compliant product or service. Information on compliant products and services are found at http://www.cio.gov/IPv6.’’ Response: The final rule has been clarified at FAR 12.202(e) to indicate that requirements documents must include the appropriate Internet Protocol compliance requirements in accordance with FAR 11.002(g). 3. FAR 39.101, Policy. Several respondents suggested revisions to FAR 39.101(e) to clarify the waiver process and indicated that the term ‘‘information technology solution,’’ as used in this subpart and throughout the final rule, was not defined and recommended that a definition be added. Response: The Councils have revised the final rule to delete the questioned term and instead have adopted the selfdefining ‘‘information technology using Internet Protocol.’’ In addition, waiver language has been clarified at FAR 11.002, indicating that IPv6 compliance requirements are outlined in the agency’s IPv6 transition plan. 4. General comments. Five comments were submitted regarding the general requirements of this final rule. a. Comment: One respondent commented that the proposed rule is not required, as it is a technical requirement, not an acquisition related mandate. The respondent also considers the proposed rule to be redundant because the requirements are referenced in OMB Memorandum M–05–22 and in other supplemental guidance on the CIO Council’s Web site. Another respondent stated that OMB Memorandum M–05–22 defines an aggressive target for initial agency adoption and operational deployment of a technology that is relatively new and unproven to most agencies. It is not clear that a second piece of policy is required to achieve the same goal as OMB Memorandum M–05–22. If the scope of the FAR is broader than OMB Memorandum M–05–22, then it would seem premature to pursue this broader policy until further IPv6 specifications and testing efforts mature and the results of the existing planning efforts to understand agency mission requirements, operational impacts and potential security ramifications are available. Response: Proactive integration of IPv6 requirements into Federal contracts may reduce the costs and complexity of transition by ensuring that Federal E:\FR\FM\10DER2.SGM 10DER2 Federal Register / Vol. 74, No. 236 / Thursday, December 10, 2009 / Rules and Regulations mstockstill on DSKH9S0YB1PROD with RULES2 applications can operate in an IPv6 environment without costly upgrades. The final rule is necessary to amend the FAR to require IPv6 capable products be included in IT procurements. In addition, establishing FAR language ensures that all new information technology systems and applications purchased by the Federal Government will be able to operate in an IPv6 environment, to the maximum extent practical. The Councils believe that the final rule fully captures the intent of OMB Memorandum M–05–22. b. Comment: One respondent questioned whether any of the proposed amendments to FAR parts 7, 12 and 39 need to refer to the ‘‘additional requirement’’ at all. It is likely the ‘‘additional requirements’’ are those the CIO Council is or may be developing to address internal, non-procurement related transition activities (see Attachment C to OMB memorandum). Instead of referring broadly to the OMB memorandum in the proposed FAR amendments, it might make sense to refer narrowly to the section of the memorandum entitled ‘‘Selecting Products and Capabilities,’’ the only portion of the memorandum that directly addresses acquisition of IPv6 compliant information technology. FAR parts 7 and 12 both refer to the OMB memorandum and to ‘‘additional requirements’’ and FAR part 39 refers only to the OMB memorandum and not ‘‘additional requirements’’. Response: This final rule has been revised to remove references to ‘‘additional requirements’’. New FAR 11.002(g) refers to NIST Special Publication 500–267. Previous Web references have been deleted and a reference to OMB Memorandum M–05– 22 has been retained. This is a significant regulatory action and, therefore, was subject to review under Section 6(b) of Executive Order 12866, Regulatory Planning and Review, dated September 30, 1993. This rule is not a major rule under 5 U.S.C. 804. B. Regulatory Flexibility Act The Department of Defense, the General Services Administration, and the National Aeronautics and Space Administration certify that this final rule will not have a significant economic impact on a substantial number of small entities within the meaning of the Regulatory Flexibility Act, 5 U.S.C. 601, et seq., because the Government expects that commercially available items will be required, with no additional testing being necessary. The Chief Counsel for Advocacy, Office of Advocacy, within the Small Business Administration (SBA) was consulted by VerDate Nov<24>2008 17:21 Dec 09, 2009 Jkt 220001 the Councils on the impact of this rule on small businesses. SBA conducted its own informal survey with small businesses and their conclusion is that there is no negative impact on small businesses.There are no known significant alternatives that will accomplish the objectives of this rule. No alternatives were proposed during the public comment period. C. Paperwork Reduction Act The Paperwork Reduction Act does not apply because the changes to the FAR do not impose information collection requirements that require the approval of the Office of Management and Budget under 44 U.S.C. chapter 35, et seq. List of Subjects in 48 CFR Parts 7, 11, 12, and 39 Government procurement. 65607 must include reference to the appropriate technical capabilities defined in the USGv6 Profile (NIST Special Publication 500–267) and the corresponding declarations of conformance defined in the USGv6 Test Program. The applicability of IPv6 to agency networks, infrastructure, and applications specific to individual acquisitions will be in accordance with the agency’s Enterprise Architecture (see OMB Memorandum M–05–22 dated August 2, 2005). * * * * * PART 12—ACQUISITION OF COMMERCIAL ITEMS 4. Amend section 12.202 by adding paragraph (e) to read as follows: ■ 12.202 Market research and description of agency need. * Dated: November 30, 2009. Al Matera, Director, Acquisition Policy Division. Therefore, DoD, GSA, and NASA amend 48 CFR parts 7, 11, 12, and 39 as set forth below: ■ 1. The authority citation for 48 CFR parts 7, 11, 12, and 39 continues to read as follows: ■ * * * * (e) When acquiring information technology using Internet Protocol, agencies must include the appropriate Internet Protocol compliance requirements in accordance with 11.002(g). PART 39—ACQUISITION OF INFORMATION TECHNOLOGY 5. Amend section 39.101 by adding paragraph (e) to read as follows: Authority: 40 U.S.C. 121(c); 10 U.S.C. chapter 137; and 42 U.S.C. 2473(c). ■ PART 7—ACQUISITION PLANNING 39.101 2. Amend section 7.105 by adding paragraph (b)(4)(iii) to read as follows: ■ 7.105 Contents of written acquisition plans. (b) * * * (4) * * * (iii) For information technology acquisitions using Internet Protocol, discuss whether the requirements documents include the Internet Protocol compliance requirements specified in 11.002(g) or a waiver of these requirements has been granted by the agency’s Chief Information Officer. * * * * * PART 11—DESCRIBING AGENCY NEEDS Policy. * * * * * (e) When acquiring information technology using Internet Protocol, agencies must include the appropriate Internet Protocol compliance requirements in accordance with 11.002(g). [FR Doc. E9–28931 Filed 12–9–09; 8:45 am] BILLING CODE 6820–EP–S DEPARTMENT OF DEFENSE GENERAL SERVICES ADMINISTRATION NATIONAL AERONAUTICS AND SPACE ADMINISTRATION 48 CFR Parts 26, 31, and 52 3. Amend section 11.002 by redesignating paragraph (g) as paragraph (h), and adding a new paragraph (g) to read as follows: [FAC 2005–38; FAR Case 2008–017; Item IV; Docket 2009–0007, Sequence 1] 11.002 Federal Acquisition Regulation; FAR Case 2008–017, Federal Food Donation Act of 2008 (Pub. L. 110–247) ■ Policy. * * * * * (g) Unless the agency Chief Information Officer waives the requirement, when acquiring information technology using Internet Protocol, the requirements documents PO 00000 Frm 00011 Fmt 4701 Sfmt 4700 RIN 9000–AL49 AGENCIES: Department of Defense (DoD), General Services Administration (GSA), and National Aeronautics and Space Administration (NASA). E:\FR\FM\10DER2.SGM 10DER2

Agencies

[Federal Register Volume 74, Number 236 (Thursday, December 10, 2009)]
[Rules and Regulations]
[Pages 65605-65607]
From the Federal Register Online via the Government Printing Office [www.gpo.gov]
[FR Doc No: E9-28931]


-----------------------------------------------------------------------

DEPARTMENT OF DEFENSE

GENERAL SERVICES ADMINISTRATION

NATIONAL AERONAUTICS AND SPACE ADMINISTRATION

48 CFR Parts 7, 11, 12, and 39

[FAC 2005-38; FAR Case 2005-041; Item III; Docket 2009-0042, Sequence 
1]
RIN 9000-AK57


Federal Acquisition Regulation; FAR Case 2005-041, Internet 
Protocol Version 6 (IPv6)

AGENCIES: Department of Defense (DoD), General Services Administration 
(GSA), and National Aeronautics and Space Administration (NASA).

ACTION: Final rule.

-----------------------------------------------------------------------

SUMMARY: The Civilian Agency Acquisition Council and the Defense 
Acquisition Regulations Council (Councils) are issuing a final rule 
amending the Federal Acquisition Regulation (FAR) to require Internet 
Protocol Version 6 (IPv6) compliant products be included in all new 
information technology (IT) acquisitions using Internet Protocol (IP). 
IP is one of the primary mechanisms that define how and where 
information moves across networks. The widely-used IP industry standard 
is IP Version 4 (IPv4). The Office of Management and Budget (OMB) 
Memorandum M-05-22, dated August 2, 2005, requires all new IT 
procurements, to the maximum extent practicable, to include IPv6 
capable products and standards.

DATES: Effective Date: December 10, 2009.

FOR FURTHER INFORMATION CONTACT: For clarification of content, contact 
Mr. Ernest Woodson, Procurement Analyst, at (202) 501-3775. For 
information pertaining to status or publication schedules, contact the 
Regulatory Secretariat at (202) 501-4755. Please cite FAC 2005-38, FAR 
case 2005-041.

SUPPLEMENTARY INFORMATION:

A. Background

    To guide the Federal Government in its transition to IPv6, OMB 
issued Memorandum M-05-22, Transition Planning for Internet Protocol 
Version 6, which outlined a transition strategy for agencies to follow 
and established the goal for all Federal agency network backbones to 
support IPv6 by June 30, 2008. This guidance initiated the development 
for an addressing mechanism to increase the amount of available IP 
address space and support interconnected networks to handle increasing 
streams of text, voice, and video without compromising IPv4 capability 
or network security. Such benefits offered by IPv6 include (1) A 
platform for innovation, collaboration, and transparency; (2) 
Integrated interoperability and mobility; (3) Improved security 
features and; (4) Unconstrained address abundance. To begin the 
planning, agencies can achieve valuable benefits from IPv6 using the 
``IPv6 Planning Guide and Roadmap'' to begin the planning for 
improvement in operational efficiencies and citizen services. This 
direction is necessary due to the inability of IPv4 to meet the 
Government's long-term business needs because of limited robustness, 
scalability, and features. In coordination with OMB, the National 
Institute of Standards and Technology (NIST) developed additional 
standards and testing infrastructures to support agency plans for IPv6 
adoption. The U.S. Government version 6 (USGv6) profile defines 
effective dates for its mandatory requirements so as to provide vendors 
a 24-month lead time to implement and test. The earliest effective date 
in version 1 of the profile is July, 2010. For NIST IPv6 information, 
visit http://www.antd.nist.gov/usgv6.
    DoD, GSA, and NASA published a proposed rule in the Federal 
Register at 71 FR 50011, August 24, 2006, to amend the FAR to ensure 
that all new IT acquisitions using Internet Protocol are IPv6 
compliant. Proactive integration of IPv6 requirements into Federal 
contracts may reduce the costs and complexity of transition by ensuring 
that Federal applications can operate in an IPv6

[[Page 65606]]

environment without costly upgrades. The final rule--
     Adds a new paragraph (iii) at FAR 7.105(b)(4) to require a 
discussion of Internet Protocol compliance, as required by FAR 
11.002(g), for information technology acquisitions using Internet 
Protocol;
     Adds a new paragraph (g) to FAR 11.002 specifying that 
agency requirement documents must include the appropriate IPv6 
compliance requirements in accordance with the Agency's Enterprise 
Architecture, unless a waiver to the use of IPv6 has been granted; and
     Adds a new paragraph (e) to both FAR 12.202 and FAR 39.101 
stating that agencies must include the appropriate Internet Protocol 
compliance requirements consistent with FAR 11.002(g) regarding 
information technology acquisitions using Internet Protocol.
    The Councils received public comments from six sources in response 
to the proposed rule. A discussion of the comments is provided below.
    1. FAR 7.105, Contents of written acquisition plans.
    a. A total of 5 comments were received regarding this section 
recommending editorial revisions to clarify the requirement, including 
adding a reference to OMB Memorandum M-05-22, Transition Planning for 
Internet Protocol Version 6 (IPv6), and indicating that the requirement 
only applies to IT acquisitions using Internet Protocol.
    Response: The Councils have clarified the rule by: adding the basic 
requirement for IPv6 compliance in FAR 11.002(g) along with a reference 
to the OMB memorandum; moving the acquisition planning requirement to 
FAR 7.105(b)(4)(iii) to ensure that it applies to both contracts and 
orders; and adding cross references to FAR 11.002(g), in FAR 12.202(e) 
and FAR 39.101(e).
    b. Comment: A respondent commented that several actions outlined in 
the Chief Information Officers (CIO) Council IPv6 guidance are not yet 
implemented and their absence makes it very difficult to adopt new FAR 
clauses. The Government has interchanged terminologies ``IPv6 compliant 
and ``IPv6 capable.'' Without a clear standard with which to measure 
technologies, it is possible that some Government procurements could be 
IPv6 capable, but not IPv6 compliant. To require compliance at the 
contract level before development and adoption of a clear standard is 
premature.
    Another respondent commented that FAR 7.105(b)(4)(ii)(A)(2) states 
that the reader can find ``additional requirements'' for IPv6 at the 
CIO Council Web site but the ``additional requirements'' are not 
readily accessible. There are a number of links but none concern IPv6.
    Response: As stated in OMB Memorandum M-05-22, the Federal CIO 
Council Architecture and Infrastructure Committee issued additional 
IPv6 transition guidance in February 2006 (ref: www.cio.gov/documents/IPv6_Transition_Guidance.doc). In addition, the National Institute 
for Standards and Technology (NIST) has developed a standard to address 
IPv6 compliance for the Federal Government. The US Government standards 
for Internet Protocol Version 6 (IPv6) are located in NIST Special 
Publication 500-267 at www.antd.nist.gov/usgv6/profile.html. This final 
rule retains a reference to OMB Memorandum M-05-22.
    2. FAR 12.202, Market research and description of agency need. 
Several comments were received regarding this section.
    a. Comment: One respondent commented that considering the 
requirements of FAR 12.202(b), why is the reminder at FAR 12.202(e) 
necessary? It seems highly unlikely that the agency would conduct 
market research or describe agency need and forget such an important 
element.
    Response: The Councils believe that it is important to remind 
contracting officers that when describing agency needs, requirements 
documents for IT using Internet Protocol must be IPv6 compliant. 
However, the final rule has been revised to establish the basic 
compliance requirement at FAR 11.002(g) and cross reference it in FAR 
12.202 and FAR 39.101 instead of repeating the language in these latter 
two sections.
    b. Comment: The respondent commented that the reference to Web 
sites is inconsistent regarding ``additional requirements.'' One refers 
to the CIO Web site and the other to OMB's Webpage containing OMB 
Memorandum M-05-22.
    Response: This final rule has been clarified as indicated in the 
response in paragraph 1.
    c. Comment: One respondent recommended that FAR 12.202(e) be 
changed to read: ``Requirements documents for information technology 
solutions must include Internet Protocol Version 6 (IPv6) capability as 
outlined in the OMB Memorandum M-05-22, Transition Planning for 
Internet Protocol Version 6 (IPv6), and additional requirements for 
IPv6 at http://www.cio.gov/IPv6. Market research shall include the 
United States certified test suites, testing methodologies that do not 
include proprietary vendor solutions and show evidence of being a 
compliant product or service. Information on compliant products and 
services are found at http://www.cio.gov/IPv6.''
    Response: The final rule has been clarified at FAR 12.202(e) to 
indicate that requirements documents must include the appropriate 
Internet Protocol compliance requirements in accordance with FAR 
11.002(g).
    3. FAR 39.101, Policy. Several respondents suggested revisions to 
FAR 39.101(e) to clarify the waiver process and indicated that the term 
``information technology solution,'' as used in this subpart and 
throughout the final rule, was not defined and recommended that a 
definition be added.
    Response: The Councils have revised the final rule to delete the 
questioned term and instead have adopted the self-defining 
``information technology using Internet Protocol.'' In addition, waiver 
language has been clarified at FAR 11.002, indicating that IPv6 
compliance requirements are outlined in the agency's IPv6 transition 
plan.
    4. General comments. Five comments were submitted regarding the 
general requirements of this final rule.
    a. Comment: One respondent commented that the proposed rule is not 
required, as it is a technical requirement, not an acquisition related 
mandate. The respondent also considers the proposed rule to be 
redundant because the requirements are referenced in OMB Memorandum M-
05-22 and in other supplemental guidance on the CIO Council's Web site.
    Another respondent stated that OMB Memorandum M-05-22 defines an 
aggressive target for initial agency adoption and operational 
deployment of a technology that is relatively new and unproven to most 
agencies. It is not clear that a second piece of policy is required to 
achieve the same goal as OMB Memorandum M-05-22. If the scope of the 
FAR is broader than OMB Memorandum M-05-22, then it would seem 
premature to pursue this broader policy until further IPv6 
specifications and testing efforts mature and the results of the 
existing planning efforts to understand agency mission requirements, 
operational impacts and potential security ramifications are available.
    Response: Proactive integration of IPv6 requirements into Federal 
contracts may reduce the costs and complexity of transition by ensuring 
that Federal

[[Page 65607]]

applications can operate in an IPv6 environment without costly 
upgrades. The final rule is necessary to amend the FAR to require IPv6 
capable products be included in IT procurements. In addition, 
establishing FAR language ensures that all new information technology 
systems and applications purchased by the Federal Government will be 
able to operate in an IPv6 environment, to the maximum extent 
practical. The Councils believe that the final rule fully captures the 
intent of OMB Memorandum M-05-22.
    b. Comment: One respondent questioned whether any of the proposed 
amendments to FAR parts 7, 12 and 39 need to refer to the ``additional 
requirement'' at all. It is likely the ``additional requirements'' are 
those the CIO Council is or may be developing to address internal, non-
procurement related transition activities (see Attachment C to OMB 
memorandum). Instead of referring broadly to the OMB memorandum in the 
proposed FAR amendments, it might make sense to refer narrowly to the 
section of the memorandum entitled ``Selecting Products and 
Capabilities,'' the only portion of the memorandum that directly 
addresses acquisition of IPv6 compliant information technology. FAR 
parts 7 and 12 both refer to the OMB memorandum and to ``additional 
requirements'' and FAR part 39 refers only to the OMB memorandum and 
not ``additional requirements''.
    Response: This final rule has been revised to remove references to 
``additional requirements''. New FAR 11.002(g) refers to NIST Special 
Publication 500-267. Previous Web references have been deleted and a 
reference to OMB Memorandum M-05-22 has been retained.
    This is a significant regulatory action and, therefore, was subject 
to review under Section 6(b) of Executive Order 12866, Regulatory 
Planning and Review, dated September 30, 1993. This rule is not a major 
rule under 5 U.S.C. 804.

B. Regulatory Flexibility Act

    The Department of Defense, the General Services Administration, and 
the National Aeronautics and Space Administration certify that this 
final rule will not have a significant economic impact on a substantial 
number of small entities within the meaning of the Regulatory 
Flexibility Act, 5 U.S.C. 601, et seq., because the Government expects 
that commercially available items will be required, with no additional 
testing being necessary. The Chief Counsel for Advocacy, Office of 
Advocacy, within the Small Business Administration (SBA) was consulted 
by the Councils on the impact of this rule on small businesses. SBA 
conducted its own informal survey with small businesses and their 
conclusion is that there is no negative impact on small 
businesses.There are no known significant alternatives that will 
accomplish the objectives of this rule. No alternatives were proposed 
during the public comment period.

C. Paperwork Reduction Act

    The Paperwork Reduction Act does not apply because the changes to 
the FAR do not impose information collection requirements that require 
the approval of the Office of Management and Budget under 44 U.S.C. 
chapter 35, et seq.

List of Subjects in 48 CFR Parts 7, 11, 12, and 39

    Government procurement.

    Dated: November 30, 2009.
Al Matera,
Director, Acquisition Policy Division.

0
Therefore, DoD, GSA, and NASA amend 48 CFR parts 7, 11, 12, and 39 as 
set forth below:

0
1. The authority citation for 48 CFR parts 7, 11, 12, and 39 continues 
to read as follows:

    Authority:  40 U.S.C. 121(c); 10 U.S.C. chapter 137; and 42 
U.S.C. 2473(c).

PART 7--ACQUISITION PLANNING

0
2. Amend section 7.105 by adding paragraph (b)(4)(iii) to read as 
follows:


7.105  Contents of written acquisition plans.

    (b) * * *
    (4) * * *
    (iii) For information technology acquisitions using Internet 
Protocol, discuss whether the requirements documents include the 
Internet Protocol compliance requirements specified in 11.002(g) or a 
waiver of these requirements has been granted by the agency's Chief 
Information Officer.
* * * * *

PART 11--DESCRIBING AGENCY NEEDS

0
3. Amend section 11.002 by redesignating paragraph (g) as paragraph 
(h), and adding a new paragraph (g) to read as follows:


11.002  Policy.

* * * * *
    (g) Unless the agency Chief Information Officer waives the 
requirement, when acquiring information technology using Internet 
Protocol, the requirements documents must include reference to the 
appropriate technical capabilities defined in the USGv6 Profile (NIST 
Special Publication 500-267) and the corresponding declarations of 
conformance defined in the USGv6 Test Program. The applicability of 
IPv6 to agency networks, infrastructure, and applications specific to 
individual acquisitions will be in accordance with the agency's 
Enterprise Architecture (see OMB Memorandum M-05-22 dated August 2, 
2005).
* * * * *

PART 12--ACQUISITION OF COMMERCIAL ITEMS

0
4. Amend section 12.202 by adding paragraph (e) to read as follows:


12.202  Market research and description of agency need.

* * * * *
    (e) When acquiring information technology using Internet Protocol, 
agencies must include the appropriate Internet Protocol compliance 
requirements in accordance with 11.002(g).

PART 39--ACQUISITION OF INFORMATION TECHNOLOGY

0
5. Amend section 39.101 by adding paragraph (e) to read as follows:


39.101  Policy.

* * * * *
    (e) When acquiring information technology using Internet Protocol, 
agencies must include the appropriate Internet Protocol compliance 
requirements in accordance with 11.002(g).
[FR Doc. E9-28931 Filed 12-9-09; 8:45 am]
BILLING CODE 6820-EP-S