On Thu, 16 Nov 2023, Valery Smyslov wrote:
> I still think that PAKE is different in its use cases than PSK. PAKE is good when the secret is not stored on the host at all, only the user knows it (so, if your notebook is stolen, the thief gets nothing). PSK assumes that they are stored somewhere, so that no human intervention is needed to access them.
But humans are moving more towards OTP / FIDO as a password replacement, so in those cases PAKE does not make much sense. And for devices between organizations with no shared CA certs, PSKs are often used by storing them on the device itself. I think these are the most commonly exposed PSKs, as using PSKs for Remote Access VPNs is horrible if you have more than one or two users. (I'm ignoring the PSK-based L2TP, which has another authentication step at the PPP level, but that is all IKEv1 legacy and they deserve all the pain :)

Paul

_______________________________________________
IPsec mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/ipsec
