On Thu, May 26, 2016, at 20:42, Tom Herbert wrote: > Thinking about this some more, the per option white list is a better > approach. If we allow an open ended mechanism for applications to > signal the network with arbitrary data (like user specified hbp > options would be), then use of that mechanism will inevitably > exploited by some authorities to force user to hand over private data > about their communications. It's better to not build in back doors to > security...
Also I don't think that HbH options form some kind of hidden covert channel. They mostly appear by unused fields which cannot be verified by the other (receiving) side in any way.
