I agree it would indeed be nice to support this. Do you have any particular use-case in mind? I don't recall seeing TOTP with SHA-2 used on any major site. If there is a compelling use-case that might improve chances of this being implemented earlier.
Thanks, /Simon Alessandro Ghedini <gh...@debian.org> writes: > Package: liboath0 > Version: 2.0.2-2 > Severity: wishlist > > Hi, > > according to RFC6238 section 1.2 [0], "TOTP implementations MAY use > HMAC-SHA-256 > or HMAC-SHA-512 functions, based on SHA-256 or SHA-512 [SHA2] hash functions". > > It would be nice if liboath (and pam_oath) supported this. > > Thanks > > [0] http://tools.ietf.org/html/rfc6238#section-1.2 > > -- System Information: > Debian Release: jessie/sid > APT prefers unstable > APT policy: (990, 'unstable'), (600, 'experimental') > Architecture: amd64 (x86_64) > Foreign Architectures: i386 > > Kernel: Linux 3.8-1-amd64 (SMP w/4 CPU cores) > Locale: LANG=it_IT.UTF-8, LC_CTYPE=it_IT.UTF-8 (charmap=UTF-8) > Shell: /bin/sh linked to /bin/dash > > Versions of packages liboath0 depends on: > ii libc6 2.17-1 > > liboath0 recommends no packages. > > liboath0 suggests no packages. > > -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
