Subject: | Implement client optimistic SPAKE, perhaps by default |
SPAKE preauth is a great candidate for client optimistic preauth, as
the initial support message is small and requires no credentials to
generate. Right now an application can request optimistic SPAKE, but
profile configuration cannot, and it's not clear that any configuration
should be required.
the initial support message is small and requires no credentials to
generate. Right now an application can request optimistic SPAKE, but
profile configuration cannot, and it's not clear that any configuration
should be required.