There are a number of issues related to the PAKE API at the moment: the addition of support for SPAKE2+ (see #73), and issues identified during implementation of the current Beta API (see #86, #87, #88 and #89).
The resolution of these issues and enhancements should be combined into an update to the PAKE API. I see a couple of ways to release those changes:
- As another Beta of the PAKE Extension, on the assumption that we are uncertain that we have identified all of the API details for supporting this class of algorithm. In which case, we would aim to publish something like a "Crypto API 1.2 PAKE Extension Beta-1" document, as we are working on a 1.2 update to the main specification.
- Alternatively, this could be upgraded to Final, on the assumption that we have identified the major details of the API via multiple implementations, and supporting multiple PAKE algorithms; and also on the expectation that application usage of the API will increase due to the use of SPAKE2+ in Matter and ECJPAKE in TLS 1.2, and API stability becomes important. In this case, we would aim to integrate the PAKE API into the Crypto API 1.2 (or perhaps 1.3) release, as we would no longer require a separate document.
Is there a strong argument for choosing one of these approaches over the other?