Content-Type: text/plain Content-Disposition: inline Content-Transfer-Encoding: binary MIME-Version: 1.0 X-Mailer: MIME-tools 5.507 (Entity 5.507) RT-Send-CC: X-RT-Original-Encoding: iso-8859-1 Content-Length: 615 Optimistic SPAKE might not be completely safe in scenarios like the following: a KDC offers PKINIT and 1FA SPAKE for a principal, the former providing either a more convenient passwordless login experience or a more generous authentication indicator, the latter being a fallback option for devices that don't possess the client certificate. If the client does optimistic SPAKE, it won't learn about the KDC's offer of PKINIT, and will ask for the password and/or settle for not getting the PKINIT auth indicator. So perhaps explicit configuration should be required for the client to use optimistic SPAKE.