i have read this draft and followed the discussion on saag. i think it
is needed and worthwhile contribution. while i am especially fond of
encrypt by default, it is important that inability to authenticate must
not lead to cleartext when unauthenticated encryption is possible.
randy