Technical Summary
This document describes an algorithm to generate one-time password
values, based on HMAC. A security analysis of the algorithm is
presented, and important parameters related to the secure deployment
of the algorithm are discussed. The proposed algorithm can be used
across a wide range of network applications ranging from remote VPN
access, Wi-Fi network logon to transaction-oriented Web applications.
This work is a joint effort by the OATH (Open AuTHentication)
membership to specify an algorithm that can be freely distributed to
the technical community. The authors believe that a common and shared
algorithm will facilitate adoption of two-factor authentication on the
Internet by enabling interoperability across commercial and open
source implementations.
Working Group Summary
This is an individual contribution. No IETF WG was involved in the
development. The algorithm was presented at the SAAG session during
IETF 62 in an attempt to encourage comment and review.
Protocol Quality
This document was reviewed by Russ Housley for the IESG.
RFC Editor Note
Please see the editorial comments in the I-D Tracker.
https://datatracker.ietf.org/public/pidtracker.cgi?
command=print_ballot&ballot_id=1694&filename=draft-mraihi-oath-hmac-otp