One annoyance I found when I implemented it:

the key is given in base32. The RFC does not mention this.

great annoyance, all tests in the RFC passed but it didn't work with my actual account...