IETF Logo Mail Archive

[rfc-dist] RFC 6238 on TOTP: Time-Based One-Time Password Algorithm

rfc-editor at rfc-editor.org (rfc-editor at rfc-editor.org) Fri, 13 May 2011 23:46 UTC

From: "rfc-editor at rfc-editor.org"
Date: Fri, 13 May 2011 16:46:00 -0700
Subject: [rfc-dist] RFC 6238 on TOTP: Time-Based One-Time Password Algorithm
Message-ID: <20110513234600.3E206E0781@rfc-editor.org>

A new Request for Comments is now available in online RFC libraries.

        
        RFC 6238

        Title:      TOTP: Time-Based One-Time Password Algorithm 
        Author:     D. M'Raihi, S. Machani,
                    M. Pei, J. Rydell
        Status:     Informational
        Stream:     IETF
        Date:       May 2011
        Mailbox:    davidietf at gmail.com, 
                    smachani at diversinet.com, 
                    Mingliang_Pei at symantec.com,  
                    johanietf at gmail.com
        Pages:      16
        Characters: 32174
        Updates/Obsoletes/SeeAlso:   None

        I-D Tag:    draft-mraihi-totp-timebased-08.txt

        URL:        http://www.rfc-editor.org/rfc/rfc6238.txt

This document describes an extension of the One-Time Password (OTP)
algorithm, namely the HMAC-based One-Time Password (HOTP) algorithm,
as defined in RFC 4226, to support the time-based moving factor.  The
HOTP algorithm specifies an event-based OTP algorithm, where the
moving factor is an event counter.  The present work bases the moving
factor on a time value.  A time-based variant of the OTP algorithm
provides short-lived OTP values, which are desirable for enhanced
security.

The proposed algorithm can be used across a wide range of network
applications, from remote Virtual Private Network (VPN) access and
Wi-Fi network logon to transaction-oriented Web applications.  The
authors believe that a common and shared algorithm will facilitate
adoption of two-factor authentication on the Internet by enabling
interoperability across commercial and open-source implementations.
This document is not an Internet Standards Track specification; it is
published for informational purposes.


INFORMATIONAL: This memo provides information for the Internet community.
It does not specify an Internet standard of any kind. Distribution of
this memo is unlimited.

This announcement is sent to the IETF-Announce and rfc-dist lists.
To subscribe or unsubscribe, see
  http://www.ietf.org/mailman/listinfo/ietf-announce
  http://mailman.rfc-editor.org/mailman/listinfo/rfc-dist

For searching the RFC series, see http://www.rfc-editor.org/rfcsearch.html.
For downloading RFCs, see http://www.rfc-editor.org/rfc.html.

Requests for special distribution should be addressed to either the
author of the RFC in question, or to rfc-editor at rfc-editor.org.  Unless
specifically noted otherwise on the RFC itself, all RFCs are for
unlimited distribution.


The RFC Editor Team
Association Management Solutions, LLC

v2.23.0 | Report a Bug | By Email