> That said, I do agree that this document is about the general principle, not the details of how it applies to particular technology. We should get the document clear that we (the IETF) intend to take seriously the security threat of pervasive monitoring of data, a threat that we didn't take as seriously before, and that we will attempt to mitigate that threat in our protocols, where it is possible *and* sensible. I think the current rev of the document is darn close (if not already there) on the general principle, though I'm fine with finding the words to make the "possible and sensible" part agreeable to folks. +1 Jari