W3C home > Mailing lists > Public > public-webcrypto@w3.org > August 2012

Re: crypto-ISSUE-22: Should CryptoOperations be clonable [Web Cryptography API]

From: Wan-Teh Chang <wtc@google.com>
Date: Thu, 23 Aug 2012 17:09:18 -0700
Message-ID: <CALTJjxEgsju--_wNtfXhSKs+uw-UoXVogWj+oa9FixC=PpKUSg@mail.gmail.com>
To: David Dahl <ddahl@mozilla.com>
Cc: Ryan Sleevi <sleevi@google.com>, Web Cryptography Working Group <public-webcrypto@w3.org>
In NSS, cloning of a crypto operation is only used in the SSL/TLS
protocol and only used for the handshake hashes:


In SSL/TLS, the handshake hashes are used in the Finished message, but
if client authentication is used, the handshake hashes are also used
in the CertificateVerify message.

A function for cloning a hash operation is also present in Windows
CNG: BCryptDuplicateHash

I suspect BCryptDuplicateHash (and its predecessor CryptDuplicateHash)
was also added to support SSL/TLS.

This is the only use of cloning I know of.

If no one else comes forward with a use case or a use of cloning in
some other protocol, then it doesn't seem necessary to support cloning

Received on Friday, 24 August 2012 00:10:00 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 19:01:25 UTC