"Is the IETF willing to respond to pervasive surveillance as an attack?" -> "respond" is not clear. Certainly we have to do something in response to what we now know. Sam is right, whatever we can imagine is probably already going on. However, what the response is is not agreed on.
"IETF should include encryption even outside of authentication where practical" -> "where practical" is not defined. I think each WG will know what to do with this as long as no one tries to claim that the IETF decided that we MUST have encryption in all cases.
"The IETF should strive for e2e encryption even when there are middleboxes in the path" -> "middleboxes" is a full spectrum of devices and functions. Some of them are quite useful. Until it's clear what the scope is, I hummed no.
"The IETF should strive for e2e encryption even when there are middleboxes in the path" -> "middleboxes" is a full spectrum of devices and functions. Some of them are quite useful. Until it's clear what the scope is, I hummed no.
Scott