
prop340: Expand on why we don't allow DATA fragmentation

Jim Newsome requested to merge jnewsome/torspec:340-data-frag into main

I was going to propose allowing DATA fragmentation, but I think I've talked myself out of it. I think it'll be useful to have a record of this line of thought for future reference.

Also happy to discuss this further or to be shown to be wrong :)

In particular I'm not sure how real the concern about fingerprinting / covert channels is, but figured I'd call it out as something we'd need to think through harder if we want to consider changing course. For covert channels I suspect an attacker could already do just as well by choosing "weird" DATA message sizes. Likewise the fingerprinting opportunities are probably not that much worse than the general flexibility allowed in packing strategies.
