RFC Errata
RFC 4226, "HOTP: An HMAC-Based One-Time Password Algorithm", December 2005
Source of RFC: IETF - NON WORKING GROUPArea Assignment: sec
Errata ID: 834
Status: Held for Document Update
Type: Technical
Publication Format(s) : TEXT
Reported By: Alfred Hoenes
Date Reported: 2006-01-18
Held for Document Update by: Sean Turner
Date Held: 2010-07-30
Section E.4 says:
1) C-client >= C-server 2) C-client - C-server <= s 3) Check that HOTP client is valid HOTP(K,C-Client) 4) If true, the server sets C to C-client + 1 and client is authenticated ^^^ ^^^ ^^^
It should say:
1) C-client >= C-server 2) C-client - C-server <= s | 3) Check that HOTP client is valid HOTP(K,C-client) | 4) If true, the server sets C-server to C-client + 1 and client is authenticated
Notes:
Lines up with Errata ID 2402.
The enumeration in Appendix E.4, on page 34, contains inconsistent
variable namings (cf. [Errata ID 2402]!).
To make it self-consistent, change as detailed.