RFC Errata
RFC 4226, "HOTP: An HMAC-Based One-Time Password Algorithm", December 2005
Source of RFC: IETF - NON WORKING GROUPArea Assignment: sec
Errata ID: 2404
Status: Held for Document Update
Type: Technical
Publication Format(s) : TEXT
Reported By: Alfred Hoenes
Date Reported: 2006-01-18
Held for Document Update by: Sean Turner
Date Held: 2010-07-30
Section A.3 says:
Oracle AuthO() -------------- A = ALG(K,C) C = C + 1 Return O to B Oracle VerO(A) -------------- i = C While (i <= C + s - 1 and Win == FALSE) do If A == ALG(K,i) then Win = TRUE; C = i + 1 Else i = i + 1 Return Win to B
It should say:
Oracle AuthO() -------------- A = ALG(K,C) C = C + 1 | Return A to B Oracle VerO(A) -------------- | i = C' | While (i <= C' + s - 1 and Win == FALSE) do | If A == ALG(K,i) then Win = TRUE; C' = i + 1 Else i = i + 1 Return Win to B
Notes:
another typo, and continuation of Errata ID 2402.
Still in Appendix A.3, the text on the upper half of page 19 contains
a wrong (undefined) variable name 'O' which should be 'A' instead,
and it should be adapted according to [Errata ID 2402].