I was thinking that if it's a proprietary OTP, we can still use it even if the algorithm is secret. If we know we're getting a "clear text" OTP value and we have an (unspecified) method of verifying it against some external infrastructure, that's enough to use otp-preauth. However I don't think this actually requires a complete registry. A single undefined/external entry for the existing PSKC registry would be sufficient, wouldn't it? On Aug 29, 2011, at 7:03 AM, Sam Hartman wrote: > What information required by the PSC registry do we not need? > The only thing I see is the XML information, but it looks like that > could be blank. ------------------------------------------------------ The opinions expressed in this message are mine, not those of Caltech, JPL, NASA, or the US Government. Henry.B.Hotz@xxxxxxxxxxxx, or hbhotz@xxxxxxx _______________________________________________ Ietf mailing list Ietf@xxxxxxxx https://www.ietf.org/mailman/listinfo/ietf