On Wed, Dec 11, 2013 at 10:18 AM, Randy Bush <randy@xxxxxxx> wrote: >> The IETF should absolutely try to make privacy/security a >> _possibility_, and that's why every effort should offer the >> _possibility_ of mitigation. That's as far as we should go. > > how many documents say if you want priavcy use ipsec. that's been a > real winner for us, eh? i always leave open the possibility that cash > may fall from the sky. More context: I said: "Regarding "where possible", since every situation is different, I do not think the IETF should try to find a balance, or say anything universal about deployment." I didn't mean we should just stop at making privacy possible, I meant that in writing this document, we shouldn't try to make short rule-of-thumb memes for what to do when. It's complicated. Trying to encapsulate it in something as short as "where possible" doesn't work. When you extend that to "unless that gets in the way of operations" you open up more cans of worms. I tried to keep what I said above short, and look where it got me. Scott