IMPLEMENTOR WARNING: Non-compliant HMAC implementations

Taral taralx at
Wed Jul 6 13:12:32 PDT 2005

Someone recently pointed out that my library doesn't appear to work
with the OpenID demo. I traced this down to a failure of
Net::OpenID::Consumer to pad HMAC keys out to 64 bytes as specified
with RFC 2104.

Other consumer/server writers should check that their HMAC
implementations comply with the standard.

Taral <taralx at>

More information about the yadis mailing list