**Session Date/Time:** 23 Jul 2024 20:00

# ippm

## Summary

The IPPM meeting covered several working group documents, including updates on encrypted PDM, data integrity for IOAM, hybrid testing, and the asymmetric STAMP extension. Discussions focused on technical details, security considerations, and applicability of these methods. The group also explored documents not yet adopted, such as the IPv6 query for IOAM capabilities and ICMPv6 loopback. Several lightning talks introduced new work and solicited feedback.

## Key Discussion Points

* **Encrypted PDM:** Overflow handling for PSN and EPIC was discussed. PSN was expanded from 16 to 32 bits. The group clarified that PDM will stop when counters overflow and that the recommendation is to zero out irrelevant fields.
* **IOAM Data Integrity:** NIST recommendations for nonce construction were discussed. There was consensus to use "must" instead of "recommended" for the nonce size (12 bytes) when integrity protection is enabled. Option A (a node must not process the IOAM option type if it encounters an unknown method ID) was preferred over Option B. The group discussed the issue of transit nodes participating in integrity protection.
* **Hybrid Testing:** Comments from Bjorn and Martin were addressed. The discussion covered operational considerations and applicability to alternate marking methods.
* **Asymmetric STAMP Extension:** Security issues, particularly amplification attacks and replay attacks, were addressed. The HMAC TLV was recommended, and it was noted that sequence numbers in the base STAMP packet can be used to mitigate replay attacks. Setting limits on the number of packets being reflected was also discussed.
* **STAMP Extension for Reflecting STAMP Packet Extension Headers:** Issues with multiple extension headers with the same length were raised, and solutions involving pre-field options were discussed. Reflecting only the outer IPv6 SRH header and the addition of a use reflected control TLV for one-way measurements were also proposed.
* **Quality Outcome Metric:** Live streaming, gaming, and video conferencing applications were used to determine latency thresholds for usability.
* **Alternate Marking Deployment:** Discussion about the scope of the draft and references to related documents such as the MPLS inband PM encapsulation draft.
* **IPv6 Query for IOAM Capabilities:** The security recommendations for this draft were raised, with a plan for offline discussion.
* **ICMPv6 Loopback:** The working group discussed the correct forum for this discussion, either 6man or IPPM.

## Decisions and Action Items

* **Encrypted PDM:** Update the draft to reflect the zeroing out of irrelevant fields after PDM stops.
* **IOAM Data Integrity:** Use "must" for the nonce size when integrity protection is enabled. Pursue Option A for the behaviour on an unknown method ID.
* **Alternate Marking Deployment:** Add a reference to the MPLS inband PM encapsulation draft.
* **YANG Data Model for Altmark:** The group will consider this for adoption after the author addresses the number of authors.
* **IPv6 Query for IOAM Capabilities:** Joint last call in IPPM and 6man, with a focus on the security considerations.
* **ICMPv6 Loopback:** Coordinate with the 6man chairs to decide on the best place for that discussion.

## Next Steps

* Authors to update drafts based on discussions and comments.
* Mailing list discussion for topics requiring more input.
* Consideration of working group adoption for several drafts after revisions.