Hi

I have just PRed a draft version of two BIPs I recently wrote.
https://github.com/bitcoin/bips/pull/362

Two BIPs that addresses the problem of decoupling wallets/clients from
nodes while assuming a user (or a group) know the remote peer.

Authentication would be necessary to selective allow bloom filtering of
transactions, encryption or any other node service that might lead to
fingerprinting or resource attacks. Authentication would also be a
pre-requirement for certificate free encryption-handshakes that is
(enough?) resistant to MITM attacks.

Encryption is highly recommended if you connect a SPV node to a trusted
node.

Authentication would allow accessing private p2p extensions from a
remote SPV peer (example: fee estimation).

I'm aware of other methods to increase privacy and integrity (tor, VPN,
stunnel, etc.), however I think authentication and a basic communication
encryption should be part of the protocol and its setup should be
complete hassle-free.

Thanks for your feeback.

/jonas