IPv6 Performance and Diagnostic Metrics Version 2 (PDMv2) Destination Option

Internet-Draft	draft-ietf-ippm-encrypted-pdmv2	January 2026
Elkins, et al.	Expires 20 July 2026	[Page]

Status of This Memo

This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.¶

Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.¶

Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."¶

This Internet-Draft will expire on 20 July 2026.¶

Copyright Notice

This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Revised BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Revised BSD License.¶

1. Introduction

The Performance and Diagnostic Metrics (PDM) Destination Option defined in RFC 8250 provides packet sequence numbers and timing information to support performance measurement and diagnostics. While effective, transmitting such information in clear text can reveal details about endpoint behavior, processing capability, and network characteristics.¶

PDMv2 enhances PDM by enabling secure operation through a registration-first architecture . Security-sensitive material is established out of band, prior to data transmission, and is not negotiated inline with PDMv2 traffic. This approach preserves the lightweight nature of PDM while avoiding tight coupling to transport-layer security protocols.¶

PDMv2 operates entirely at the IPv6 layer and applies uniformly to TCP, UDP, ICMP, QUIC, and other upper-layer protocols. Intermediate devices are not required to decrypt or interpret PDMv2 contents.¶

2. Conventions used in this document

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all capitals, as shown here.¶

3. Design Goals

PDMv2 is designed with the following goals:¶

Maintain compatibility with the operational model of RFC 8250¶
Avoid inline cryptographic handshakes at the IP layer¶
Support heterogeneous transport protocols and non-transport flows¶
Enable offline analysis by authorized entities¶
Integrate cleanly with existing authentication and authorization infrastructures¶

4. PDMv2 Foundational Principles

PDMv2 adheres to the following foundational principles:¶

1.: Registration-First Security: All security context used by PDMv2 is established during a prior registration phase. No cryptographic negotiation occurs during PDMv2 packet exchange.¶
2.: IP-Layer Independence: PDMv2 security does not depend on TCP, TLS, QUIC, or any specific transport protocol.¶
3.: Minimal On-Path Impact: Routers and intermediate nodes forward PDMv2 packets without decryption or inspection.¶
4.: Offline Decryption and Analysis: PDMv2 data MAY be collected and analyzed after transmission. Real-time interpretation is optional and deployment-specific.¶
5.: Separation of Specification Scope: This document defines protocol behavior and data formats, not cryptographic algorithms.¶
6.: Explicit Authorization: Only registered and authorized entities may emit, receive, or analyze protected PDMv2 data.¶

5. Registration Framework Overview

PDMv2 relies on an external registration system to establish trust and shared context between participating entities.¶

5.1. Registration Objectives

A registration system used with PDMv2 MUST:¶

Authenticate participating entities¶
Authorize PDMv2 usage¶
Establish one or more shared secrets or credentials¶
Enable analyzers to interpret PDMv2 data¶
Support revocation and lifecycle management¶

5.2. Registration Participants

The following logical roles are assumed:¶

Client : An endpoint that initiates communication and emits PDMv2 data¶
Server : An endpoint that receives communication and emits PDMv2 data¶
Authentication Server (AS) : A trusted entity that performs authentication and authorization¶
Analyzer : An authorized entity that interprets collected PDMv2 data¶

An implementation MAY combine roles within a single system.¶

5.3. Registration Transport

The registration exchange MUST be protected by a secure channel. The choice of transport and security protocol is out of scope for this document.¶

6. PDMv2 Destination Options

6.1. Use of IPv6 Destination Options

PDMv2 is carried as an IPv6 Destination Option within the Destination Options Header as defined in RFC 8200. Processing rules from RFC 8250 continue to apply unless explicitly updated by this document.¶

6.2. Metrics

PDMv2 supports the following metrics:¶

Packet Sequence Number (This Packet)¶
Packet Sequence Number (Last Received)¶
Delta Time Last Received¶
Delta Time Last Sent¶
Global Pointer¶

These metrics have the same semantics as in RFC 8250, with the addition of the Global Pointer.¶

6.3. Global Pointer

The Global Pointer provides a coarse indicator of packet transmission activity by an endpoint. Separate counters are maintained for link-local and global unicast source addresses.¶

8. Operational Model

8.1. Registration Phase

Prior to sending PDMv2 data:¶

7.: The endpoint authenticates to an Authentication Server¶
8.: Authorization for PDMv2 usage is evaluated¶
9.: Shared secret(s) or credentials are provisioned¶

8.2. Measurement Phase

10.: Endpoints send PDMv2 headers according to local policy¶
11.: No cryptographic negotiation occurs on the wire¶
12.: Intermediate devices forward packets unchanged¶

8.3. Analysis Phase

13.: Authorized analyzers access collected data¶
14.: Interpretation uses registration-derived context¶

9. Security Considerations

PDMv2 reduces exposure of sensitive operational metadata by ensuring that only registered and authorized entities can meaningfully interpret measurement data.¶

This document intentionally does not specify cryptographic mechanisms. Security strength therefore depends on the chosen registration system, its authentication methods, and its key management practices.¶

Implementations SHOULD support:¶

15.: Forward Secracy¶
16.: Logging of anomalous PDMv2 behavior¶

10. Privacy Considerations

PDMv2 metrics may reveal traffic patterns or operational characteristics. Registration-based authorization limits access to such data to approved entities. Deployments SHOULD consider enabling PDMv2 on multiple flows to reduce metadata distinguishability.¶

11. IANA Considerations

No new IANA actions are required by this document.¶

12. Contributors

The authors wish to thank NITK Surathkal for their support and assistance in coding and review. In particular Dr. Mohit Tahiliani and Abhishek Kumar (now with Google). Thanks also to Priyanka Sinha for her comments. Thanks to the India Internet Engineering Society (iiesoc.in), in particular Dhruv Dhody, for his comments and for providing the funding for servers needed for protocol development. Thanks to Balajinaidu V, Amogh Umesh, and Chinmaya Sharma of NITK for developing the PDMv2 implementation for testing.¶

13. References

13.1. Normative References

[RFC2119]: Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, DOI 10.17487/RFC2119, March 1997, <https://www.rfc-editor.org/rfc/rfc2119>.
[RFC3552]: Rescorla, E. and B. Korver, "Guidelines for Writing RFC Text on Security Considerations", BCP 72, RFC 3552, DOI 10.17487/RFC3552, July 2003, <https://www.rfc-editor.org/rfc/rfc3552>.
[RFC8174]: Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, May 2017, <https://www.rfc-editor.org/rfc/rfc8174>.
[RFC8200]: Deering, S. and R. Hinden, "Internet Protocol, Version 6 (IPv6) Specification", STD 86, RFC 8200, DOI 10.17487/RFC8200, July 2017, <https://www.rfc-editor.org/rfc/rfc8200>.
[RFC8250]: Elkins, N., Hamilton, R., and M. Ackermann, "IPv6 Performance and Diagnostic Metrics (PDM) Destination Option", RFC 8250, DOI 10.17487/RFC8250, September 2017, <https://www.rfc-editor.org/rfc/rfc8250>.

13.2. Informative References

[RFC1421]: Linn, J., "Privacy Enhancement for Internet Electronic Mail: Part I: Message Encryption and Authentication Procedures", RFC 1421, DOI 10.17487/RFC1421, February 1993, <https://www.rfc-editor.org/rfc/rfc1421>.
[RFC4303]: Kent, S., "IP Encapsulating Security Payload (ESP)", RFC 4303, DOI 10.17487/RFC4303, December 2005, <https://www.rfc-editor.org/rfc/rfc4303>.
[RFC6973]: Cooper, A., Tschofenig, H., Aboba, B., Peterson, J., Morris, J., Hansen, M., and R. Smith, "Privacy Considerations for Internet Protocols", RFC 6973, DOI 10.17487/RFC6973, July 2013, <https://www.rfc-editor.org/rfc/rfc6973>.
[RFC9180]: Barnes, R., Bhargavan, K., Lipp, B., and C. Wood, "Hybrid Public Key Encryption", RFC 9180, DOI 10.17487/RFC9180, February 2022, <https://www.rfc-editor.org/rfc/rfc9180>.
[RFC9288]: Gont, F. and W. Liu, "Recommendations on the Filtering of IPv6 Packets Containing IPv6 Extension Headers at Transit Routers", RFC 9288, DOI 10.17487/RFC9288, August 2022, <https://www.rfc-editor.org/rfc/rfc9288>.

Appendix A. Example: RADIUS / EAP-Based Registration

This appendix illustrates one possible registration mechanism that satisfies the requirements defined in Section 4. Other mechanisms may be used.¶

A.1. Overview

This appendix describes an example registration system for PDMv2 based on RADIUS with Extensible Authentication Protocol (EAP). This approach has been implemented and validated in a prototype environment and demonstrates that a shared master secret can be established prior to PDMv2 operation without introducing inline cryptographic negotiation at the IP layer.¶

RADIUS and EAP are widely deployed for Authentication, Authorization, and Accounting (AAA) in enterprise, service provider, and federated environments (e.g., eduroam). Their use here is illustrative and leverages existing infrastructure and operational experience.¶

A.2. Participants

The following entities participate in this example:¶

PDMv2 Endpoint A Client or Server that will emit or receive PDMv2 data.¶
Authentication Server (AS) A RADIUS server that performs authentication and authorization using EAP.¶
Analyzer An authorized entity that may interpret or decrypt collected PDMv2 data using registration-derived context.¶

An implementation MAY combine multiple roles within a single system.¶

A.3. Registration Flow (Example)

A typical registration flow proceeds as follows:¶

17.

Secure Channel Establishment The PDMv2 endpoint establishes a secure exchange with the Authentication Server. In many deployments this occurs implicitly as part of an EAP method protected by TLS (e.g., EAP-TLS or PEAP).¶

18.

Endpoint Authentication The endpoint authenticates using credentials appropriate to the deployment, such as certificates, credentials, tokens, or federated identity.¶

19.

Authorization Decision The Authentication Server determines whether the endpoint is authorized to:¶

Send PDMv2 data¶
Receive PDMv2 data¶
Participate in specific measurement domains¶

20.

Master Secret Establishment Upon successful authentication, EAP produces keying material (e.g., a Master Session Key). This keying material is made available to the endpoint and retained by the Authentication Server according to local policy.¶

21.

Provisioning of Context The endpoint associates the received master secret with local PDMv2 policy, such as permitted peers, scope, and lifetime.¶

22.

Analyzer Enablement (Optional) If offline analysis is required, the Authentication Server provisions appropriate authorization or keying context to approved analyzers.¶

A.4. Registration Flow (Illustrative ASCII Diagram)

The following diagram illustrates the example flow. It is provided for clarity only and does not define protocol behavior.¶

PDMv2 Endpoint              Authentication Server             Analyzer
|                              |                               |
|--- EAP Authentication -----> |                               |
|<-- EAP Success / Keys ------ |                               |
|                              |                               |
|   (Registration Complete)    |                               |
|                              |                               |
|====== PDMv2 Data Flow =====> |           (out of path)       |
|                              |                               |
|                              |------- Authorized Access ---->|
|                              |<------ Analysis Results ------|

A.5. Use with PDMv2 Traffic

After registration:¶

PDMv2 packets are sent without any inline authentication or negotiation.¶
Endpoints locally derive any session-specific context needed to protect or interpret PDMv2 metrics.¶
Intermediate routers forward packets without modification or inspection.¶
Analyzers use registration-derived context to interpret collected data.¶

The registration system is not involved in the PDMv2 data path.¶

A.6. Key Lifecycle Considerations

In this example, the RADIUS/EAP infrastructure can support:¶

Periodic re-registration to refresh secrets¶
Revocation of authorization by disabling credentials¶
Federation across administrative domains¶
Separation of endpoint and analyzer privileges¶

Specific key derivation, transformation, or protection mechanisms are implementation-specific and intentionally outside the scope of this document.¶

A.7. Example Deployment: Federated Environments (eduroam-Style)

In federated environments such as global research and education networks, RADIUS is commonly deployed in a hierarchical or proxy-based architecture. An endpoint authenticates using credentials issued by its home organization, while authorization decisions may be enforced by visited or intermediate domains.¶

This model maps naturally to PDMv2 registration:¶

Endpoints authenticate using existing institutional credentials¶
Authorization for PDMv2 usage can be scoped by domain, role, or policy¶
Registration secrets are derived without requiring bilateral agreements between all participating domains¶

This example demonstrates that PDMv2 registration can scale across organizational and administrative boundaries.¶

A.8. Why TLS Session Keys Are Not Reused (Informative)

It may appear attractive to reuse TLS session keys for protecting PDMv2 metrics. However, this approach is not suitable for PDMv2 for several reasons:¶

Layering : PDMv2 operates at the IPv6 layer, while TLS is bound to transport-layer protocols such as TCP or QUIC.¶
Protocol Coverage : PDMv2 applies equally to UDP, ICMP, and other non-TLS-capable protocols.¶
Multiplicity of Flows : A single endpoint may emit PDMv2 data for multiple concurrent flows that do not share a common TLS session.¶
Analyzer Access : Offline analyzers may require access to PDMv2 data without participating in live TLS sessions.¶
Operational Simplicity : Registration decouples security establishment from traffic patterns and avoids inline negotiation complexity.¶

For these reasons, PDMv2 adopts a registration-based security model rather than reusing transport-layer session keys.¶

A.9. Summary

This appendix demonstrates that a RADIUS/EAP-based registration system can satisfy the PDMv2 registration requirements defined in this document. The example shows that secure, scalable, and federated registration can be achieved using existing AAA infrastructure, without constraining PDMv2 to a specific authentication or cryptographic technology.¶