As that shows, this is a high-level technical specification; it‘s not about how to mitigate pervasive monitoring, but about the fact that Internet engineers should always think about how to mitigate such surveillance when they are drawing up IETF specifications. It‘s great that the IETF is starting to work along these lines, even if it is a rather melancholy acknowledgement that we now live in a world where the default assumption has to be that someone, somewhere, is trying to monitor on a massive scale what people are doing.