In the secure remote password protocol version 6a, the identifier for the user, I, is hashed along with the salt and the password on the client.
While I understand the identifier is used to locate the verifier on the server, what is the purpose of including the identifier in the client side hash?
Does it serve a cryptographic purpose?
Is SRP weakened if I always use an empty string for I on the client?
