Adding some text to the Implementation Considerations section, by creating a subsection called "Handling Online Guessing Attacks", and highlighting the fact that servers should treat incomplete AKE interactions (after client receives KE2) as authentication failures by default.
Adding some text to the Implementation Considerations section, by creating a subsection called "Handling Online Guessing Attacks", and highlighting the fact that servers should treat incomplete AKE interactions (after client receives KE2) as authentication failures by default.