RD AD privacy considerations for conceptual messages

[mcr]

** Section 11.
If
   confidentiality protection of the conceptual messages is omitted or
   unavailable, the protecting protocols that convey Evidence or
   Attestation Results are responsible for detailing what kinds of
   information are disclosed, and to whom they are exposed.

-- What is meant by "conceptional message" here?  

-- What does it mean that "the protecting protocols ... are responsible for detailing what 
kinds of information are disclosed?"
Is this text saying that if there isn't native object-level confidentiality protection in the 
Evidence and Attestation Results, the transport protocol should provide these protections?

-- Should the appraisal policies get similar protection?

[nedmsmith]

I suggest sticking to defined terminology such as 'conveyance protocol' instead of 'protecting protocols'. The 'kinds of information disclosed' is terminology for 'Claims'.

It might make sense to include the line "If there isn't confidentiality protection of Evidence and Attestation Results in the conceptual messages, the underlying conveyance protocol should provide these protections."

[mcr]

"for example, if there isn't object-level confidentiality protection of messages, then the transport protocol should provide it"

"If there isn't confidentiality protection of Evidence and Attestation Results in the conceptual messages, the underlying conveyance protocol should provide these protections."