On Thu, May 30, 2013 at 01:22:34PM +0200, Simon Josefsson wrote: > I agree it would indeed be nice to support this. Do you have any > particular use-case in mind? I don't recall seeing TOTP with SHA-2 used > on any major site. If there is a compelling use-case that might improve > chances of this being implemented earlier.
Well, my original motivation was that I wanted to use pam_oath along with an
hardware HMAC-SHA256 generator that I have around, but I later realized that
it adds additional data to the HMAC which would probably make it incompatible
with TOTP. Still, there's no harm in trying... but there's no urgency either.
Cheers
--
perl -E '$_=q;$/= @{[@_]};and s;\S+;<inidehG ordnasselA>;eg;say~~reverse'
signature.asc
Description: Digital signature
