[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[OATH-Toolkit-help] Bug#707816: liboath0: SHA2 support for TOTP
From: |
Simon Josefsson |
Subject: |
[OATH-Toolkit-help] Bug#707816: liboath0: SHA2 support for TOTP |
Date: |
Thu, 30 May 2013 23:08:24 +0200 |
User-agent: |
Gnus/5.130006 (Ma Gnus v0.6) Emacs/24.3 (gnu/linux) |
Alessandro Ghedini <address@hidden> writes:
> On Thu, May 30, 2013 at 01:22:34PM +0200, Simon Josefsson wrote:
>> I agree it would indeed be nice to support this. Do you have any
>> particular use-case in mind? I don't recall seeing TOTP with SHA-2 used
>> on any major site. If there is a compelling use-case that might improve
>> chances of this being implemented earlier.
>
> Well, my original motivation was that I wanted to use pam_oath along with an
> hardware HMAC-SHA256 generator that I have around, but I later realized that
> it adds additional data to the HMAC which would probably make it incompatible
> with TOTP. Still, there's no harm in trying... but there's no urgency either.
Thanks for explaining. Let's see if someone wants to work on it,
patches are welcome.
/Simon