Skip Menu |
 

Subject: Implement client optimistic SPAKE, perhaps by default
SPAKE preauth is a great candidate for client optimistic preauth, as
the initial support message is small and requires no credentials to
generate. Right now an application can request optimistic SPAKE, but
profile configuration cannot, and it's not clear that any configuration
should be required.
Optimistic SPAKE might not be completely safe in scenarios like the
following: a KDC offers PKINIT and 1FA SPAKE for a principal, the
former providing either a more convenient passwordless login experience
or a more generous authentication indicator, the latter being a
fallback option for devices that don't possess the client certificate.
If the client does optimistic SPAKE, it won't learn about the KDC's
offer of PKINIT, and will ask for the password and/or settle for not
getting the PKINIT auth indicator.

So perhaps explicit configuration should be required for the client to
use optimistic SPAKE.