Re: crypto-ISSUE-22: Should CryptoOperations be clonable [Web Cryptography API]

In NSS, cloning of a crypto operation is only used in the SSL/TLS
protocol and only used for the handshake hashes:,3704,3731-3732#3694

In SSL/TLS, the handshake hashes are used in the Finished message, but
if client authentication is used, the handshake hashes are also used
in the CertificateVerify message.

A function for cloning a hash operation is also present in Windows
CNG: BCryptDuplicateHash

I suspect BCryptDuplicateHash (and its predecessor CryptDuplicateHash)
was also added to support SSL/TLS.

This is the only use of cloning I know of.

If no one else comes forward with a use case or a use of cloning in
some other protocol, then it doesn't seem necessary to support cloning


Received on Friday, 24 August 2012 00:10:00 UTC