The IESG has approved the following document: - 'HOTP: An HMAC-based One Time Password Algorithm ' <draft-mraihi-oath-hmac-otp-04.txt> as an Informational RFC This document has been reviewed in the IETF but is not the product of an IETF Working Group. The IESG contact person is Russ Housley. A URL of this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-mraihi-oath-hmac-otp-04.txt Technical Summary This document describes an algorithm to generate one-time password values, based on HMAC. A security analysis of the algorithm is presented, and important parameters related to the secure deployment of the algorithm are discussed. The proposed algorithm can be used across a wide range of network applications ranging from remote VPN access, Wi-Fi network logon to transaction-oriented Web applications. This work is a joint effort by the OATH (Open AuTHentication) membership to specify an algorithm that can be freely distributed to the technical community. The authors believe that a common and shared algorithm will facilitate adoption of two-factor authentication on the Internet by enabling interoperability across commercial and open source implementations. Working Group Summary This is an individual contribution. No IETF WG was involved in the development. The algorithm was presented at the SAAG session during IETF 62 in an attempt to encourage comment and review. Protocol Quality This document was reviewed by Russ Housley for the IESG. RFC Editor Note Please see the editorial comments in the I-D Tracker. https://datatracker.ietf.org/public/pidtracker.cgi? command=print_ballot&ballot_id=1694&filename=draft-mraihi-oath-hmac-otp _______________________________________________ IETF-Announce@ietf.org https://www1.ietf.org/mailman/listinfo/ietf-announce
