Errata Search
RFC Number:		Errata ID:
Source of RFC		Status:	All/Any Verified+Reported Verified Reported Held for Document Update Rejected
Area Acronym:	All/Any app art gen int ops rai rtg sec tsv wit	Type:	All/Any Editorial Technical
WG Acronym:		Submitter Name:
Other:	All/Any IAB INDEPENDENT IRTF Legacy Editorial	Date Submitted:
Summary Table Full Records

RFC 6287, "OCRA: OATH Challenge-Response Algorithm", June 2011

Source of RFC: IETF - NON WORKING GROUP
Area Assignment: sec

---

Errata ID: 4401
Status: Reported
Type: Editorial
Publication Format(s) : TEXT
Reported By: Anthony
Date Reported: 2015-06-25

Section 6.4 says:

"OCRA-1:HOTP-SHA1-4:QH8-S512" means version 1 of OCRA with HMAC-
SHA1 function, truncated to a 4-digit value, using a random
hexadecimal challenge up to 8 nibbles and a session value of 512
bytes

It should say:

"OCRA-1:HOTP-SHA1-4:QH08-S512" means version 1 of OCRA with HMAC-
SHA1 function, truncated to a 4-digit value, using a random
hexadecimal challenge up to 8 nibbles and a session value of 512
bytes

Notes:

I have changed "QH8" to "QH08".

Report New Errata