Does WPA3 OWE mean the return of Evil Twins?
When WPA3 has a reasonable level of market penetration, one of its key selling points is Opportunistic Wireless Encryption (OWE). In other words, a coffee shop can have a network without a password, and each WPA3 device that connects to it will still have its connection encrypted.
I'm concerned about how I will know that I'm connecting to the right Foo's Coffee WiFi SSID. With WPA2 PSK (and some forms of Enterprise), I could tell whether the server also knew the right password. I suspect that many businesses are only using a PSK for their public WiFi because that's the only way to encrypt data with WPA2. If they stop using a PSK once OWE is available, how do I know that I'm not connecting to an Evil Twin?
Is there a trust-after-first-use certificate pinning? Is there a way to type in a certificate fingerprint for TOFU? Is there any other mitigation at all? There's some speculation in the comments on this answer, but it's not what I was hoping to hear.
