We recently changed the draft to allow the SPAKE2+ context string to be set by the application instead of hardcoded to a TLS specific value. Should we instead split down the middle and have a hardcoded prefix + application specific context? This may help mitigate cross-protocol attacks.