Interestingly - especially for those using an ASA without sufficient memory for later software versions - you can do this with ASA 8.0(3). It may have been an oversight or a "bug" with positive consequences in that version, because, it doesn't work in 8.0(5).

So I have a Cat4948 doing all the routing for my internal network. Now of course the 4948 doesn't support NAT, and since I'm on a domestic broadband service with only 1 public IPv4 address, I need something to do NAT, and that is an ASA, which of course is connected directly to my broadband.

The IPv6in4 tunnel remote endpoint (at the tunnel broker) is 216.66.80.26. The inside address of my end of the IPv6in4 tunnel is x.x.x.1/30.

The config is like this:

interface GigabitEthernet0/0
 description Broadband Service
 nameif outside
 security-level 0
 ip address dhcp setroute
!

interface GigabitEthernet0/1
 nameif inside
 security-level 100
 ip address x.x.x.2 255.255.255.252
 ipv6 address 2001:x:x:ff::2/64
 ipv6 enable
 ipv6 nd suppress-ra
!
object-group protocol IPV6inIP
 protocol-object 41
!
access-list OUTSIDE-IN extended permit object-group IPV6inIP host 216.66.80.26 interface outside
!
access-list STATIC-IPV6TUNNEL extended permit object-group IPV6inIP host x.x.x.1 host 216.66.80.26
!
static (inside,outside) interface  access-list STATIC-IPV6TUNNEL
!
access-group OUTSIDE-IN in interface outside

When I configure this, I get a warning about all traffic being translated to the interface address (IIRC) but it doesn't matter of course. I presume the warning applies only to protocol 41 traffic.