How do you see auth working? You think all clients should just authenticate to all relays under every circumstance? Isn't that very bad for privacy?