Changes to an existing protocol to improve privacy and security properties can lead to conflicts with deployments. Existing users of the protocol might rely on the protocol being the way it is.
Take the concerns with SNI in TLS. This is almost a paragon example of something that would fit the minimization/encryption criteria outlined in this document. However, the TLS ecosystem has evolved to rely on SNI being in the clear to the point that a general solution to the problem is basically intractable.
This is a problem that needs to be properly acknowledged, probably also in relation to #13.
Changes to an existing protocol to improve privacy and security properties can lead to conflicts with deployments. Existing users of the protocol might rely on the protocol being the way it is.
Take the concerns with SNI in TLS. This is almost a paragon example of something that would fit the minimization/encryption criteria outlined in this document. However, the TLS ecosystem has evolved to rely on SNI being in the clear to the point that a general solution to the problem is basically intractable.
This is a problem that needs to be properly acknowledged, probably also in relation to #13.