SecDir review: mitigation against contextual attack

[mcr]

The review is at: https://mailarchive.ietf.org/arch/msg/last-call/0JpYvkgL-79nvmsrUpWKtMqtkhE The review is positive, but asks for:

Even                       
if confidentiality is provided, the section goes on to state that information                        
can still be inferred by contextual or timing of the attestor exchange.  The                         
draft doesn’t describe ways to mitigate against this type of attack but should                       
give some guidance. 

[mcr]

I'm not sure how, in an abstract architecture, we can mitigate against timing attacks. A specific protocol could propose mechanisms to defeat traffic analysis, but I don't think that the architecture can do this. Other typos handled.