As of release 1.17, KDC can be configured to apply authentication indicator for SPAKE, PKINIT, and encrypted challenge preauth, which is not configured in current freeIPA.
For the record SPAKE is documented at https://web.mit.edu/kerberos/krb5-latest/doc/admin/spake.html
Metadata Update from @abbra:
- Issue close_status updated to: fixed
- Issue status updated to: Closed (was: Open)
to comment on this ticket.