Nathaniel McCallum is interested in creating a new pre-authentication mechanism which uses the SPAKE2 algorithm with elliptic curves to authenticate with passwords without allowing dictionary attacks. The mechanism will also allow strong, flexible integration with second-factor schemes.
The specification of this mechanism is in progress, hosted at https://github.com/npmccallum/ietf
Some pre-requisite facilities for this project were implemented for 1.14:
Downgrade to story until it has children, for easier manipulation in JIRA.