at end of -63B Section 5.1.4.1: "The OTP value associated with a given nonce SHALL be accepted only once."
Of course, the same nonce might be applied to many subscribers (e.g., a timestamp used as a nonce for TOTP authenticators). A strict reading of this requirement might limit the service to authenticating only one user during the validity period (~30 seconds).
It might be good to clarify "...associated with a given nonce/secret combination..."
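The difference between the two readings, as an added example that is not part of the original comment or of NIST's text: a TOTP verifier whose replay cache is keyed either by the time step alone (the strict reading) or by the subscriber/time-step pair (the proposed wording). The `Verifier` class, the `key_by` switch, `demo` and the secrets are hypothetical and constructed; a single 30-second step with no clock-skew window is assumed.

```python
import hashlib
import hmac
import struct

STEP = 30  # seconds per TOTP time step (the shared "nonce" in the comment above)

def totp(secret: bytes, counter: int, digits: int = 6) -> str:
    """RFC 6238 TOTP (HMAC-SHA1) for one time-step counter."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation, RFC 4226 section 5.3
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)

class Verifier:
    """Hypothetical verifier. key_by='nonce' models the strict reading,
    key_by='pair' models "nonce/secret combination"."""

    def __init__(self, secrets, key_by="pair"):
        self.secrets = secrets   # user -> shared secret (constructed values)
        self.key_by = key_by
        self.used = set()        # replay cache of already accepted OTPs

    def verify(self, user, otp, now):
        counter = int(now) // STEP
        secret = self.secrets.get(user)
        if secret is None:
            return False
        if not hmac.compare_digest(totp(secret, counter), otp):
            return False
        # The cache key is the whole difference between the two readings.
        key = counter if self.key_by == "nonce" else (user, counter)
        if key in self.used:
            return False         # already accepted once: treat as replay
        self.used.add(key)
        return True

def demo(key_by):
    """Alice logs in, Bob logs in, then Alice's OTP is replayed, all in one step."""
    secrets = {"alice": b"constructed-secret-A", "bob": b"constructed-secret-B"}
    v = Verifier(secrets, key_by)
    now = 1_700_000_010          # constructed timestamp at the start of a step
    c = now // STEP
    a, b = totp(secrets["alice"], c), totp(secrets["bob"], c)
    return [v.verify("alice", a, now), v.verify("bob", b, now),
            v.verify("alice", a, now + 5)]
```

With `key_by="nonce"` Bob's valid OTP is rejected because Alice already consumed the time step; with `key_by="pair"` both subscribers authenticate and only the replay is refused.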