There are a lot more threats to privacy than just the NSA
We currently do not have a concise catalog the basic 'privacy' threats and their typical mitigations, appropriate for concern with IETF protocols. In effect, every new protocol effort must start with a blank sheet, and invent its own list of threats and possible protections against them.
One common outcome from this is that we tend to think of very localized mechanisms, rather than end-to-end. So we assume a model of things being one-hop or we implicitly trust intermediaries. (Hint, the web is often not 1-hop, what with proxies, etc...)
We need privacy templates for protocol design. d/ -- Dave Crocker Brandenburg InternetWorking bbiw.net