"Caching the Response" says, "Note that the additional and authority sections from a DNS response message are specifically excluded here. Any records from these sections MUST NOT be tied to a network." This conflicts a bit with draft-kumari-dnsop-multiple-responses, which wants to put data in the additional section that an authoritative nameserver that does ECS would probably want to tailor.
Since how a resolver will handle this is an important consideration for the auth server, there should be a way to communicate this from the resolver, but its hard to see how that can be done with the structure of the option as it stands. At the moment it pretty much doesn't affect Akamai's implementation, at least, because when we provided addresses in Additional they are for the NSs in Auth and we resolver-map them anyway.
Anyway, one possible way to handle this protocol conflict would be to to break the FAMILY field down. Since FAMILY is expressly limited to IPv4 and IPv6, and we'd have to take protocol action anyway to define things for another FAMILY, it technically needs only two bits. However, to give it some measure of flexible future-proofing it could be kept as long as even 12 or 13 bits will still allowing 3-4 bits (values 0-7 or 0-15) for versioning. Even 7 is probably way more versions than would ever realistically happen.
Even if the multiple-responses draft never advances, maybe versioning ECS would be a good idea to have ready anyway. And it could help with the whole problem of servers that just echo back EDNS0 options that they don't understand, too, because a bit could be stolen that has to be toggled.
But maybe breaking the FAMILY field down is just as much a problem as keeping FAMILY 16 bits and adding a new field to deal with versioning. I haven't thought it through enough as for how roll-out would go.