[ih] Gateway Issue: Certification (was Re: booting linux on a 4004)

Tue Oct 8 00:00:29 PDT 2024

I just paid a visit to the IPv6 Ready Logo Program site <https://www.ipv6ready.org/>. Interesting.  IMO, it has an impressive Approved Products list.

For what it's worth, here’s what Bing Copilot returns when asked to compare it with NIST certifications:

====

How effective is the IPv6 Ready Logo Program compared to other certification programs such as those provided by NIST?

The IPv6 Ready Logo Program and NIST certification programs both aim to ensure the reliability and interoperability of technology, but they have different focuses and methodologies. Here's a comparison of their effectiveness:

### IPv6 Ready Logo Program
1. **Focus**: Primarily targets IPv6 conformance and interoperability. It ensures that products can operate seamlessly in an IPv6 environment¹.
2. **Global Reach**: Has a worldwide presence with multiple testing laboratories, which helps maintain consistent standards internationally².
3. **User Confidence**: By obtaining the IPv6 Ready Logo, products demonstrate their readiness for IPv6, increasing user confidence in their deployment².
4. **Comprehensive Testing**: Includes extensive test specifications covering core IPv6 protocols and additional extended test categories³.

### NIST Certification Programs
1. **Broad Scope**: NIST provides a wide range of certification programs covering various aspects of technology, including cybersecurity, cryptography, and more⁴.
2. **Rigorous Standards**: Known for its stringent testing and certification processes, ensuring high levels of security and reliability.
3. **Government and Industry Trust**: NIST certifications are highly regarded and often required for government and industry compliance.
4. **Comprehensive Guidelines**: Provides detailed guidelines and frameworks that help organizations implement best practices.

### Effectiveness Comparison
- **Specialization vs. Generalization**: The IPv6 Ready Logo Program is highly specialized, focusing solely on IPv6, which makes it very effective for ensuring IPv6 readiness. NIST, on the other hand, covers a broader range of technologies, providing comprehensive security and reliability certifications.
- **Global vs. National**: The IPv6 Ready Logo Program has a more global approach, while NIST certifications are primarily recognized and required within the United States, though they are respected internationally.
- **User Confidence**: Both programs enhance user confidence, but in different domains. IPv6 Ready Logo is crucial for IPv6 deployment, while NIST certifications are essential for cybersecurity and compliance.

Both programs are effective in their respective areas, and the choice between them depends on the specific needs and focus of the organization.

Is there a particular aspect of these programs you are more interested in?

Source: Conversation with Copilot, 10/7/2024
(1) IPv6 Ready Logo Program Whitepaper. https://www.ipv6ready.org/docs/IPv6_Ready_Logo_White_Paper_Final.pdf.
(2) IPv6 Ready Logo Site | Home. https://www.ipv6ready.org/.
(3) IPV6 Ready | IPV6 Ready Logo | IPV6 Ready Logo Test Lab. https://cnlabsglobal.com/ipv6-ready-logo-program/.
(4) IPV6 Ready Logo| IPV6 Certification | IPV6 Test Programs | IPV6 Testing. https://cnlabsglobal.com/ipv6-certification/.

====

> On Oct 7, 2024, at 9:14 PM, Brian E Carpenter via Internet-history <internet-history at elists.isoc.org> wrote:
> 
> The IPv6 Forum "IPv6 Ready Logo" was an attempt at something like this.
> Being a member of the Forum's very populous Hall of Fame, it's not for
> me to judge its effectiveness.
> 
> Regards
>   Brian
> 
> On 08-Oct-24 15:36, Dave Crocker via Internet-history wrote:
>> On 10/6/2024 7:28 PM, Jack Haverty via Internet-history wrote:
>>> Several years ago, I suggested to someone on the ISOC Board that ISOC
>>> consider developing some kind of "ISOC Approved" logo, and of course
>>> associated testing mechanisms and bureaucracy.   I'm not sure what if
>>> anything happened afterwards though.
>> That is an operational effort and since it delivers success/failure
>> assessments, is likely to be controversial. Perhaps I've missed bit, but
>> I believe ISOC has neither of these in its DNA.
>> Perhaps a semi-independent certification effort, with ISOC oversight --
>> which it does have in its DNA.
>> But ultimately the question is not just what the value add will be, over
>> long-standing processes, but how will that value be enough to justify
>> the considerable effort and expense?  Oh, and how will industry be
>> convinced to engage with it, given it hasn't had to, for 40 years?
>> d/
> -- 
> Internet-history mailing list
> Internet-history at elists.isoc.org
> https://elists.isoc.org/mailman/listinfo/internet-history