Interesting, opportunistic encryption for everything, but effectively for nothing yet, as both endpoints need to support, IIUC. Is the main use case encrypting one's traffic to services one controls without individually setting up? Or is it conceivable to imagine supermajority of hosts running tcpcrypt so that large proportion of currently unencrypted traffic is encrypted?