I was thinking that if it's a proprietary OTP, we can still use it even if the
algorithm is secret. If we know we're getting a "clear text" OTP value and we
have an (unspecified) method of verifying it against some external
infrastructure, that's enough to use otp-preauth.
However I don't think this actually requires a complete registry. A single
undefined/external entry for the existing PSKC registry would be sufficient,
wouldn't it?
On Aug 29, 2011, at 7:03 AM, Sam Hartman wrote:
What information required by the PSC registry do we not need?
The only thing I see is the XML information, but it looks like that
could be blank.
------------------------------------------------------
The opinions expressed in this message are mine,
not those of Caltech, JPL, NASA, or the US Government.
Henry(_dot_)B(_dot_)Hotz(_at_)jpl(_dot_)nasa(_dot_)gov, or
hbhotz(_at_)oxy(_dot_)edu
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf