Resolve formatting inconsistencies that were introduced.
authorRyan Sleevi <sleevi@google.com
Thu, 13 Feb 2014 00:00:00 -0800
changeset 102 3673e3dcbedc
parent 101 ab04a3b8b270
child 103 a0b7e7c69e69
Resolve formatting inconsistencies that were introduced.
spec/Overview-WebCryptoAPI.xml
spec/Overview.html
--- a/spec/Overview-WebCryptoAPI.xml	Fri Feb 07 16:03:28 2014 -0800
+++ b/spec/Overview-WebCryptoAPI.xml	Thu Feb 13 00:00:00 2014 -0800
@@ -56,14 +56,14 @@
     <div class='section'>
       <h2>Abstract</h2>
       <p>
-This specification describes a JavaScript API for performing basic
-cryptographic operations in web applications, such as hashing,
-signature generation and verification, and encryption and decryption.
-Additionally, it describes an API for applications to generate and/or
-manage the keying material necessary to perform these operations. 
-Uses for this API range from user or service authentication, document
-or code signing, and the confidentiality and integrity of
-communications.
+        This specification describes a JavaScript API for performing basic
+        cryptographic operations in web applications, such as hashing,
+        signature generation and verification, and encryption and decryption.
+        Additionally, it describes an API for applications to generate and/or
+        manage the keying material necessary to perform these operations. 
+        Uses for this API range from user or service authentication, document
+        or code signing, and the confidentiality and integrity of
+        communications.
       </p>
   
       <?revision-note?>
@@ -99,7 +99,6 @@
       <p>
         Previous discussion of this specification has taken place on three other
         mailing lists: <a href="mailto:[email protected]">[email protected]</a>
-
         (<a href="http://lists.whatwg.org/htdig.cgi/whatwg-whatwg.org/2011-May/031741.html">archive</a>)
         , <a href="mailto:[email protected]">[email protected]</a>
         (<a href="http://lists.w3.org/Archives/Public/public-web-security/2011Jun/0000.html">archive</a>), and 
@@ -109,13 +108,13 @@
       </p>
       
       <p>
-        Web content and browser developers are encouraged to review this draft. Please send comments to
-        <a href="mailto:[email protected]">[email protected]</a>,
-        the <acronym title="World Wide Web Consortium">W3C</acronym>'s public email list for issues related
-        to Web Cryptography.
-        <a href="http://lists.w3.org/Archives/Public/public-webcrypto-comments/">Archives</a> of the public list and
-        <a href="http://lists.w3.org/Archives/Public/public-webcrypto/">archives</a> of the member's-only list
-        are available.
+        Web content and browser developers are encouraged to review this draft. Please send comments
+        to <a href="mailto:[email protected]">[email protected]</a>,
+        the <acronym title="World Wide Web Consortium">W3C</acronym>'s public email list for issues
+        related to Web Cryptography. <a
+        href="http://lists.w3.org/Archives/Public/public-webcrypto-comments/">Archives</a> of the
+        public list and <a href="http://lists.w3.org/Archives/Public/public-webcrypto/">archives</a>
+        of the member's-only list are available.
       </p>
       <p>
         Changes made to this document can be found in the
@@ -330,30 +329,31 @@
           <p>
             The specification attempts to focus on the common functionality and features between
             various platform-specific or standardized cryptographic APIs, and avoid features and
-            functionality that are specific to one or two implementations. As such this API allows key
-            generation, management, and exchange with a level of abstraction that avoids developers
-            needing to care about the implementation of the underlying key storage. The API is focused
-            specifically around Key objects, as an abstraction for the underlying raw cryptographic
-            keying material. The intent behind this is to allow an API that is generic enough to allow
-            conforming user agents to expose keys that are stored and managed directly by the user agent,
-            that may be stored or managed using isolated storage APIs such as per-user key stores provided
-            by some operating systems, or within key storage devices such as secure elements, while allowing
-            rich web applications to manipulate the keys and without requiring the web application be
-            aware of the nature of the underlying key storage.
+            functionality that are specific to one or two implementations. As such this API allows
+            key generation, management, and exchange with a level of abstraction that avoids
+            developers needing to care about the implementation of the underlying key storage. The
+            API is focused specifically around Key objects, as an abstraction for the underlying raw
+            cryptographic keying material. The intent behind this is to allow an API that is generic
+            enough to allow conforming user agents to expose keys that are stored and managed
+            directly by the user agent, that may be stored or managed using isolated storage APIs
+            such as per-user key stores provided by some operating systems, or within key storage
+            devices such as secure elements, while allowing rich web applications to manipulate the
+            keys and without requiring the web application be aware of the nature of the underlying
+            key storage.
           </p>
         </div>
         <div class="section" id="scope-algorithms">
           <h3>Cryptographic algorithms</h3>
           <p>
-            Because the underlying cryptographic implementations will vary between conforming user agents,
-            and may be subject to local policy, including but not limited to concerns such as government
-            or industry regulation, security best practices, intellectual property concerns, and
-            constrained operational environments, this specification does not dictate a mandatory set of
-            algorithms that <span class="RFC2119">MUST</span> be implemented. Instead, it defines a
-            common set of bindings that can be used in an algorithm-independent manner, a common
-            framework for discovering if a user agent or key handle supports the underlying algorithm,
-            and a set of conformance requirements for the behaviours of individual algorithms, if
-            implemented.
+            Because the underlying cryptographic implementations will vary between conforming user
+            agents, and may be subject to local policy, including but not limited to concerns such
+            as government or industry regulation, security best practices, intellectual property
+            concerns, and constrained operational environments, this specification does not dictate
+            a mandatory set of algorithms that <span class="RFC2119">MUST</span> be implemented.
+            Instead, it defines a common set of bindings that can be used in an
+            algorithm-independent manner, a common framework for discovering if a user agent or key
+            handle supports the underlying algorithm, and a set of conformance requirements for the
+            behaviours of individual algorithms, if implemented.
           </p>
         </div>
         <div class="section" id="scope-operations">
@@ -368,14 +368,14 @@
         <div class="section" id="scope-out-of-scope">
           <h3>Out of scope</h3>
           <p>
-            This API, while allowing applications to generate, retrieve, and manipulate keying material,
-            does not specifically address the provisioning of keys in particular types of key
-            storage, such as secure elements or smart cards. This is due to such provisioning operations
-            often being burdened with vendor-specific details that make defining a vendor-agnostic
-            interface an unsuitably unbounded task. Additionally, this API does not deal with or address
-            the discovery of cryptographic modules, as such concepts are dependent upon the underlying
-            user agent and are not concepts that are portable between common operating systems,
-            cryptographic libraries, and implementations.
+            This API, while allowing applications to generate, retrieve, and manipulate keying
+            material, does not specifically address the provisioning of keys in particular types of
+            key storage, such as secure elements or smart cards. This is due to such provisioning
+            operations often being burdened with vendor-specific details that make defining a
+            vendor-agnostic interface an unsuitably unbounded task. Additionally, this API does not
+            deal with or address the discovery of cryptographic modules, as such concepts are
+            dependent upon the underlying user agent and are not concepts that are portable between
+            common operating systems, cryptographic libraries, and implementations.
           </p>
         </div>
       </div>
@@ -419,12 +419,12 @@
               <li>
                 <a href="https://www.w3.org/2012/webcrypto/track/issues/33">ISSUE-33</a>
                 One proposed technical solution for user agents is to implement "key tainting", in
-                which it records how a particular key has been used (eg: algorithms, parameters), and
-                prevents it from being re-used in a manner that is unsafe or contrary to the security -
-                such as preventing a PKCS1-v1.5 key from being used with RSA-PSS, or preventing an
-                RSA-OAEP w/ MGF1-SHA1 from being used with RSA-OAEP w/ MGF1-SHA256. Questions exist
-                about whether this should be encouraged or permitted, and the interoperability concerns
-                it might cause.
+                which it records how a particular key has been used (eg: algorithms, parameters),
+                and prevents it from being re-used in a manner that is unsafe or contrary to the
+                security - such as preventing a PKCS1-v1.5 key from being used with RSA-PSS, or
+                preventing an RSA-OAEP w/ MGF1-SHA1 from being used with RSA-OAEP w/ MGF1-SHA256.
+                Questions exist about whether this should be encouraged or permitted, and the
+                interoperability concerns it might cause.
               </li>
             </ul>
           </div>
@@ -447,13 +447,13 @@
           </p>
           <p>
             While the API in this specification provides a means to protect keys from future access
-            by web applications, it makes no statements as to how the actual keying material will
-            be stored by an implementation. As such, although a key may be inaccessible to web
-            content, it should not be presumed that it is inaccessible to end-users. For example, a
+            by web applications, it makes no statements as to how the actual keying material will be
+            stored by an implementation. As such, although a key may be inaccessible to web content,
+            it should not be presumed that it is inaccessible to end-users. For example, a
             conforming user agent may choose to implement key storage by storing key material in
             plain text on device storage. Although the user agent prevents access to the raw keying
-            material to web applications, any user with access to device storage may be able to recover
-            the key.
+            material to web applications, any user with access to device storage may be able to
+            recover the key.
           </p>
         </div>
       </div>
@@ -466,9 +466,9 @@
           <dd>
             Malicious applications may be able to fingerprint users or user agents by detecting or
             enumerating the list of algorithms that are supported. This is especially true if an
-            implementation exposes details about users' smart cards or secure element storage, as the
-            combination of algorithms supported by such devices may be used to fingerprint devices
-            more accurately than just the particular user agent.
+            implementation exposes details about users' smart cards or secure element storage, as
+            the combination of algorithms supported by such devices may be used to fingerprint
+            devices more accurately than just the particular user agent.
           </dd>
           <dt>Tracking</dt>
           <dd>
@@ -483,9 +483,9 @@
             associate users with keys. These associations may be used to enhance the security of
             authenticating to the application, such as using a key stored in a secure element as a
             second factor, or may be used by users to assert some identity, such as an e-mail
-            signing identity. As such, these keys often live longer than their counterparts such
-            as usernames and passwords, and it may be undesirable or prohibitive for users to
-            revoke these keys.
+            signing identity. As such, these keys often live longer than their counterparts such as
+            usernames and passwords, and it may be undesirable or prohibitive for users to revoke
+            these keys.
             Because of this, keys may exist longer than the lifetime of the browsing context
             [<a href="#HTML">HTML</a>] and beyond the lifetime of items such as cookies, thus
             presenting a risk that a user may be tracked even after clearing such data. This is
@@ -554,10 +554,10 @@
           are defined by the HTML specification [<a href="#HTML">HTML</a>].
         </p>
         <p>
-          When this specification says to <dfn id="terminate-the-algorithm">terminate the algorithm</dfn>,
-          the user agent must terminate the algorithm after finishing the step it is on. The algorithm
-          referred to is the set of specification-defined processing steps, rather than the underlying
-          cryptographic algorithm that may be in the midst of processing.
+          When this specification says to <dfn id="terminate-the-algorithm">terminate the
+          algorithm</dfn>, the user agent must terminate the algorithm after finishing the step it
+          is on. The algorithm referred to is the set of specification-defined processing steps,
+          rather than the underlying cryptographic algorithm that may be in the midst of processing.
         </p>
       </div>
 
@@ -584,13 +584,13 @@
             as much entropy as practicable.
           </div>
           <div class="note">
-            This interface defines a synchronous method for obtaining cryptographically
-            random values. While some devices and implementations may support truly random cryptographic
+            This interface defines a synchronous method for obtaining cryptographically random
+            values. While some devices and implementations may support truly random cryptographic
             number generators or provide interfaces that block when there is insufficient entropy,
-            implementations are discouraged from using these sources when implementing getRandomValues,
-            both for performance and to avoid depleting the system of entropy. Instead, these sources
-            should be used to seed a cryptographic pseudo-random number generator that can then return
-            suitable values efficiently.
+            implementations are discouraged from using these sources when implementing
+            getRandomValues, both for performance and to avoid depleting the system of entropy.
+            Instead, these sources should be used to seed a cryptographic pseudo-random number
+            generator that can then return suitable values efficiently.
           </div>
         </div>
         <div id="RandomSource-interface-methods" class="section">
@@ -632,7 +632,8 @@
             <div class="note">
               <p>
                 Do not generate keys using the <code>getRandomValues</code> method. Use the
-                <a href="#dfn-SubtleCrypto-method-generateKey"><code>generateKey</code></a> method instead.
+                <a href="#dfn-SubtleCrypto-method-generateKey"><code>generateKey</code></a> method
+                instead.
               </p>
             </div>
           </div>
@@ -689,19 +690,18 @@
           <h3>Description</h3>
           <span class="normative">This section is non-normative</span>
           <p>
-            This specification provides a uniform interface for many different kinds of keying material
-            managed by the user agent. This may include keys that have been generated by the user agent,
-            derived from other keys by the user agent, imported to the user agent through user actions
-            or using this API, pre-provisioned within software or hardware to which the user agent has
-            access or made available to the user agent in other ways. The term key refers broadly to
-            any keying material including actual keys for cryptographic operations and secret
-            values obtained within key derivation or exchange operations.
+            This specification provides a uniform interface for many different kinds of keying
+            material managed by the user agent. This may include keys that have been generated by
+            the user agent, derived from other keys by the user agent, imported to the user agent
+            through user actions or using this API, pre-provisioned within software or hardware to
+            which the user agent has access or made available to the user agent in other ways. The
+            term key refers broadly to any keying material including actual keys for cryptographic
+            operations and secret values obtained within key derivation or exchange operations.
           </p>
           <p>
             The Key object is not required to directly interface with the underlying key storage
-            mechanism, and may instead simply be a reference for the user agent to understand how
-            to obtain the keying material when needed, eg. when performing a cryptographic
-            operation.
+            mechanism, and may instead simply be a reference for the user agent to understand how to
+            obtain the keying material when needed, eg. when performing a cryptographic operation.
           </p>
         </div>
 
@@ -709,21 +709,25 @@
           <h3>Key interface data types</h3>
           <dl>
             <dt id="dfn-KeyType"><code>KeyType</code></dt>
-            <dd>The type of a key. The <dfn id="dfn-RecognizedKeyType">recognized key type values</dfn> are <code>"public"</code>, <code>"private"</code> and <code>"secret"</code>.
-                Opaque keying material, including that used for symmetric algorithms, is represented by <code>"secret"</code>,
-                while keys used as part of asymmetric algorithms composed of public/private keypairs will be either
-                <code>"public"</code> or <code>"private"</code>.
+            <dd>
+              The type of a key. The <dfn id="dfn-RecognizedKeyType">recognized key type values</dfn>
+              are <code>"public"</code>, <code>"private"</code> and <code>"secret"</code>.
+              Opaque keying material, including that used for symmetric algorithms, is represented by
+              <code>"secret"</code>, while keys used as part of asymmetric algorithms composed of
+              public/private keypairs will be either <code>"public"</code> or <code>"private"</code>.
             </dd>
             <dt id="dfn-KeyUsage"><code>KeyUsage</code></dt>
-            <dd>A type of operation that may be performed using a key. The <dfn id="dfn-RecognizedKeyUsage">recognized key usage values</dfn> are
-                    <code>"encrypt"</code>,
-                    <code>"decrypt"</code>,
-                    <code>"sign"</code>,
-                    <code>"verify"</code>,
-                    <code>"deriveKey"</code>,
-                    <code>"deriveBits"</code>,
-                    <code>"wrapKey"</code> and
-                    <code>"unwrapKey"</code>.
+            <dd>
+              A type of operation that may be performed using a key. The
+              <dfn id="dfn-RecognizedKeyUsage">recognized key usage values</dfn> are
+              <code>"encrypt"</code>,
+              <code>"decrypt"</code>,
+              <code>"sign"</code>,
+              <code>"verify"</code>,
+              <code>"deriveKey"</code>,
+              <code>"deriveBits"</code>,
+              <code>"wrapKey"</code> and
+              <code>"unwrapKey"</code>.
             </dd>
           </dl>
         </div>
@@ -767,8 +771,8 @@
             <li>
               Let the following attributes of <var>output</var> be equal to the value obtained by
               invoking the internal structured clone algorithm recursively, using the corresponding
-              attribute on <var>input</var> as the new "<var>input</var>" argument and <var>memory</var>
-              as the new "<var>memory</var>" argument:
+              attribute on <var>input</var> as the new "<var>input</var>" argument and
+              <var>memory</var> as the new "<var>memory</var>" argument:
               <ul>
                 <li><a href="#dfn-Key-type">type</a></li>
                 <li><a href="#dfn-Key-extractable">extractable</a></li>
@@ -783,303 +787,340 @@
           </ol>
           <div class="note">
             <strong>Implementation Note:</strong> When performing the structured clone algorithm for
-            a <code>Key</code> object, it is important that the underlying cryptographic key material
-            not be exposed to a JavaScript implementation. Such a situation may arise if an implementation
-            fails to implement the structured clone algorithm correctly, such as by allowing a <code>Key</code> object
-            to be serialized as part of a structured clone implementation, but then deserializing it as
-            a <code>DOMString</code>, rather than as a <code>Key</code> object.
+            a <code>Key</code> object, it is important that the underlying cryptographic key
+            material not be exposed to a JavaScript implementation. Such a situation may arise if an
+            implementation fails to implement the structured clone algorithm correctly, such as by
+            allowing a <code>Key</code> object to be serialized as part of a structured clone
+            implementation, but then deserializing it as a <code>DOMString</code>, rather than as a
+            <code>Key</code> object.
           </div>
         </div>
 
         <div id="key-interface-jwk" class="section">
-        
-            <h3>Representation using JSON Web Key</h3>
-            <p>
-                The <a href="#dfn-KeyFormat">KeyFormat</a> value <code>jwk</code> enables <a href="#dfn-Key">Key</a> objects to be imported or exported in <a href="#jwk">JSON Web Key</a> format.
-            </p>
-            <p>
-                This specification defines additional <a href="#jwk">JSON Web Key</a> attributes and attribute values that may be used for this purpose as follows:
-                <ul>
-                    <li>Additional <code>alg</code> names for algorithms supported by WebCrypto not already defined for <a href="#jwk">JSON Web Key</a></li>
-                    <li>A new <code>ext</code> attribute providing the value of the <a href="#dfn-Key">Key</a>'s <a href="#dfn-Key-extractable">extractable</a> attribute.</li>
-                </ul>
-
-            </p>
+          <h3>Representation using JSON Web Key</h3>
+          <p>
+            The <a href="#dfn-KeyFormat">KeyFormat</a> value <code>jwk</code> enables <a
+            href="#dfn-Key">Key</a> objects to be imported or exported in <a href="#jwk">JSON Web
+            Key</a> format.
+          </p>
+          <p>
+            This specification defines additional <a href="#jwk">JSON Web Key</a> attributes and
+            attribute values that may be used for this purpose as follows:
+            <ul>
+              <li>
+                Additional <code>alg</code> names for algorithms supported by WebCrypto not already
+                defined for <a href="#jwk">JSON Web Key</a>
+              </li>
+              <li>
+                A new <code>ext</code> attribute providing the value of the <a
+                href="#dfn-Key">Key</a>'s <a href="#dfn-Key-extractable">extractable</a> attribute.
+              </li>
+            </ul>
+          </p>
             <div id="key-interface-jwk-extensions" class="section">
               <h4>Extensions to JSON Web Key</h4>
               <div id="key-interface-jwk-algorithms" class="section">
-                  <h5>JSON Web Key algorithm names for WebCrypto algorithms</h5>
-                  <p>
-                      This specification defines additional <a href="#jwk">JSON Web Key</a> algorithm names:
-                        <code>A128CTR</code>,
-                        <code>A192CTR</code>,
-                        <code>A256CTR</code>,
-                        <code>A128CBC</code>,
-                        <code>A192CBC</code>,
-                        <code>A256CBC</code>,
-                        <code>A128CMAC</code>,
-                        <code>A192CMAC</code>,
-                        <code>A256CMAC</code>,
-                        <code>A128CFB</code>,
-                        <code>A192CFB</code>,
-                        <code>A256CFB</code>,
-                        <code>HS1</code>,
-                        <code>HS224</code>.
-                    
-                      These are associated with WebCrypto algorithms as defined in the mapping tables below.
-                  </p>
+                <h5>JSON Web Key algorithm names for WebCrypto algorithms</h5>
+                <p>
+                  This specification defines additional <a href="#jwk">JSON Web Key</a> algorithm names:
+                  <code>A128CTR</code>,
+                  <code>A192CTR</code>,
+                  <code>A256CTR</code>,
+                  <code>A128CBC</code>,
+                  <code>A192CBC</code>,
+                  <code>A256CBC</code>,
+                  <code>A128CMAC</code>,
+                  <code>A192CMAC</code>,
+                  <code>A256CMAC</code>,
+                  <code>A128CFB</code>,
+                  <code>A192CFB</code>,
+                  <code>A256CFB</code>,
+                  <code>HS1</code>,
+                  <code>HS224</code>.
+                  These are associated with WebCrypto algorithms as defined in the mapping tables
+                  below.
+                </p>
               </div>
               <div id="key-interface-jwk-ext" class="section">
-                  <h5>JSON Web Key <code>ext</code> attribute</h5>
-                  <p>
-                  This specification defines a new <a href="#jwk">JSON Web Key</a> attribute <code>ext</code> that enables the value of the <a href="#dfn-Key-extractable">extractable</a> attribute of a <a href="#dfn-Key">Key</a> to be included in a <a href="#jwk">JSON Web Key</a> object. The <code>ext</code> attribute SHALL have a Boolean value.
-                  </p>
+                <h5>JSON Web Key <code>ext</code> attribute</h5>
+                <p>
+                  This specification defines a new <a href="#jwk">JSON Web Key</a> attribute
+                  <code>ext</code> that enables the value of the
+                  <a href="#dfn-Key-extractable">extractable</a> attribute of a
+                  <a href="#dfn-Key">Key</a> to be included in a <a href="#jwk">JSON Web Key</a>
+                  object. The <code>ext</code> attribute SHALL have a Boolean value.
+                </p>
               </div>
             </div>
             <div id="key-interface-jwk-mapping" class="section">
               <h4>Mapping between WebCrypto and JSON Web Key</h4>
-              <p>This section defines the mapping between WebCrypto <a href="#dfn-Key">Key</a> objects and <a href="#jwk">JSON Web Key</a> objects.</p>
+              <p>
+                This section defines the mapping between WebCrypto <a href="#dfn-Key">Key</a>
+                objects and <a href="#jwk">JSON Web Key</a> objects.
+              </p>
               <div id="key-interface-jwk-mapping-alg" class="section">
-                  <h5>Mapping of algorithms</h5>
-                  <p>The JSON Web Key <code>alg</code> member shall be mapped to / from the <code>name</code>, <code>length</code> and <code>hash</code> members of the <code>algorithm</code> attribute
-                  of the Key object according to the following tables:</p>
-                  <table>
-                      <thead>
-                          <tr>
-                              <td>WebCrypto <code>Key.algorithm.name</code></td>
-                              <td>JWK <code>alg</code> value</td>
-                          </tr>
-                      </thead>
-                      <tbody>
-                          <tr>
-                              <td><code>RSAES-PKCS1-V1_5</code></td>
-                              <td><code>RSA1_5</code></td>
-                          </tr>
-                          <tr>
-                              <td><code>RSA-OAEP</code></td>
-                              <td><code>RSA-OAEP</code></td>
-                          </tr>
-                          <tr>
-                              <td><code>ECDH</code></td>
-                              <td><code>ECDH-ES</code></td>
-                          </tr>
-                      </tbody>
-                  </table>
-                  <p></p>
-                  <table>
-                      <thead>
-                          <tr>
-                              <td>WebCrypto <code>Key.algorithm.name</code></td>
-                              <td>WebCrypto <code>Key.algorithm.length</code></td>
-                              <td>JWK <code>alg</code> value</td>
-                          </tr>
-                      
-                      </thead>
-                      <tbody>
-                          <tr>
-                              <td><code>AES-CTR</code></td>
-                              <td>128</td>
-                              <td><code>A128CTR</code></td>
-                          </tr>
-                          <tr>
-                              <td><code>AES-CTR</code></td>
-                              <td>192</td>
-                              <td><code>A192CTR</code></td>
-                          </tr>
-                          <tr>
-                              <td><code>AES-CTR</code></td>
-                              <td>256</td>
-                              <td><code>A256CTR</code></td>
-                          </tr>
-                          <tr>
-                              <td><code>AES-CBC</code></td>
-                              <td>128</td>
-                              <td><code>A128CBC</code></td>
-                          </tr>
-                          <tr>
-                              <td><code>AES-CBC</code></td>
-                              <td>192</td>
-                              <td><code>A192CBC</code></td>
-                          </tr>
-                          <tr>
-                              <td><code>AES-CBC</code></td>
-                              <td>256</td>
-                              <td><code>A256CBC</code></td>
-                          </tr>
-                          <tr>
-                              <td><code>AES-KW</code></td>
-                              <td>128</td>
-                              <td><code>A128KW</code></td>
-                          </tr>
-                          <tr>
-                              <td><code>AES-KW</code></td>
-                              <td>192</td>
-                              <td><code>A192KW</code></td>
-                          </tr>
-                          <tr>
-                              <td><code>AES-KW</code></td>
-                              <td>256</td>
-                              <td><code>A256KW</code></td>
-                          </tr>
-                          <tr>
-                              <td><code>AES-GCM</code></td>
-                              <td>128</td>
-                              <td><code>A128GCM</code> or <code>A128GCMKW</code></td>
-                          </tr>
-                          <tr>
-                              <td><code>AES-GCM</code></td>
-                              <td>192</td>
-                              <td><code>A192GCM</code> or <code>A128GCMKW</code></td>
-                          </tr>
-                          <tr>
-                              <td><code>AES-GCM</code></td>
-                              <td>256</td>
-                              <td><code>A256GCM</code> or <code>A128GCMKW</code></td>
-                          </tr>
-                          <tr>
-                              <td><code>AES-KW</code></td>
-                              <td>128</td>
-                              <td><code>A128KW</code></td>
-                          </tr>
-                          <tr>
-                              <td><code>AES-KW</code></td>
-                              <td>192</td>
-                              <td><code>A192KW</code></td>
-                          </tr>
-                          <tr>
-                              <td><code>AES-KW</code></td>
-                              <td>256</td>
-                              <td><code>A256KW</code></td>
-                          </tr>
-                      </tbody>
-                  </table>
-                  <p></p>
-                  <table>
-                      <thead>
-                          <tr>
-                              <td>WebCrypto <code>Key.algorithm.name</code></td>
-                              <td>WebCrypto <code>Key.algorithm.hash</code></td>
-                              <td>JWK <code>alg</code> value</td>
-                          </tr>
-                      </thead>
-                      <tbody>
-
-                          <tr>
-                              <td><code>HMAC</code></td>
-                              <td><code>SHA-1</code></td>
-                              <td><code>HS1</code></td>
-                          </tr>
-                          <tr>
-                              <td><code>HMAC</code></td>
-                              <td><code>SHA-224</code></td>
-                              <td><code>HS224</code></td>
-                          </tr>
-                          <tr>
-                              <td><code>HMAC</code></td>
-                              <td><code>SHA-256</code></td>
-                              <td><code>HS256</code></td>
-                          </tr>
-                          <tr>
-                              <td><code>HMAC</code></td>
-                              <td><code>SHA-384</code></td>
-                              <td><code>HS384</code></td>
-                          </tr>
-                          <tr>
-                              <td><code>HMAC</code></td>
-                              <td><code>SHA-512</code></td>
-                              <td><code>HS512</code></td>
-                          </tr>
-                          <tr>
-                              <td><code>RSASSA-PKCS1-v1_5</code></td>
-                              <td><code>SHA-256</code></td>
-                              <td><code>RS256</code></td>
-                          </tr>
-                          <tr>
-                              <td><code>RSASSA-PKCS1-v1_5</code></td>
-                              <td><code>SHA-384</code></td>
-                              <td><code>RS384</code></td>
-                          </tr>
-                          <tr>
-                              <td><code>RSASSA-PKCS1-v1_5</code></td>
-                              <td><code>SHA-512</code></td>
-                              <td><code>RS512</code></td>
-                          </tr>
-                          <tr>
-                              <td><code>RSA-PSS</code></td>
-                              <td><code>SHA-256</code></td>
-                              <td><code>PS256</code></td>
-                          </tr>
-                          <tr>
-                              <td><code>RSA-PSS</code></td>
-                              <td><code>SHA-384</code></td>
-                              <td><code>PS384</code></td>
-                          </tr>
-                          <tr>
-                              <td><code>RSA-PSS</code></td>
-                              <td><code>SHA-512</code></td>
-                              <td><code>PS512</code></td>
-                          </tr>
-                      </tbody>
-                  </table>
+                <h5>Mapping of algorithms</h5>
+                <p>
+                  The JSON Web Key <code>alg</code> member shall be mapped to / from the
+                  <code>name</code>, <code>length</code> and <code>hash</code> members of the
+                  <code>algorithm</code> attribute of the Key object according to the following
+                  tables:
+                </p>
+                <table>
+                  <thead>
+                    <tr>
+                      <td>WebCrypto <code>Key.algorithm.name</code></td>
+                      <td>JWK <code>alg</code> value</td>
+                  </tr>
+                  </thead>
+                  <tbody>
+                    <tr>
+                      <td><code>RSAES-PKCS1-V1_5</code></td>
+                      <td><code>RSA1_5</code></td>
+                    </tr>
+                    <tr>
+                      <td><code>RSA-OAEP</code></td>
+                      <td><code>RSA-OAEP</code></td>
+                    </tr>
+                    <tr>
+                      <td><code>ECDH</code></td>
+                      <td><code>ECDH-ES</code></td>
+                    </tr>
+                  </tbody>
+                </table>
                 <p></p>
-                  <table>
-                      <thead>
-                          <tr>
-                              <td>WebCrypto <code>Key.algorithm.name</code></td>
-                              <td>WebCrypto <code>Key.algorithm.namedCurve</code></td>
-                              <td>JWK <code>alg</code> value</td>
-                          </tr>
-                      </thead>
-                      <tbody>
-                          <tr>
-                              <td><code>ECDSA</code></td>
-                              <td><code>P-256</code></td>
-                              <td><code>ES256</code></td>
-                          </tr>
-                          <tr>
-                              <td><code>ECDSA</code></td>
-                              <td><code>P-384</code></td>
-                              <td><code>ES384</code></td>
-                          </tr>
-                          <tr>
-                              <td><code>ECDSA</code></td>
-                              <td><code>P-512</code></td>
-                              <td><code>ES512</code></td>
-                          </tr>
-                      </tbody>
-                  </table>
+                <table>
+                  <thead>
+                    <tr>
+                      <td>WebCrypto <code>Key.algorithm.name</code></td>
+                      <td>WebCrypto <code>Key.algorithm.length</code></td>
+                      <td>JWK <code>alg</code> value</td>
+                    </tr>
+                  </thead>
+                  <tbody>
+                    <tr>
+                      <td><code>AES-CTR</code></td>
+                      <td>128</td>
+                      <td><code>A128CTR</code></td>
+                    </tr>
+                    <tr>
+                      <td><code>AES-CTR</code></td>
+                      <td>192</td>
+                      <td><code>A192CTR</code></td>
+                    </tr>
+                    <tr>
+                      <td><code>AES-CTR</code></td>
+                      <td>256</td>
+                      <td><code>A256CTR</code></td>
+                    </tr>
+                    <tr>
+                      <td><code>AES-CBC</code></td>
+                      <td>128</td>
+                      <td><code>A128CBC</code></td>
+                    </tr>
+                    <tr>
+                      <td><code>AES-CBC</code></td>
+                      <td>192</td>
+                      <td><code>A192CBC</code></td>
+                    </tr>
+                    <tr>
+                      <td><code>AES-CBC</code></td>
+                      <td>256</td>
+                      <td><code>A256CBC</code></td>
+                    </tr>
+                    <tr>
+                      <td><code>AES-KW</code></td>
+                      <td>128</td>
+                      <td><code>A128KW</code></td>
+                    </tr>
+                    <tr>
+                      <td><code>AES-KW</code></td>
+                      <td>192</td>
+                      <td><code>A192KW</code></td>
+                    </tr>
+                    <tr>
+                      <td><code>AES-KW</code></td>
+                      <td>256</td>
+                      <td><code>A256KW</code></td>
+                    </tr>
+                    <tr>
+                      <td><code>AES-GCM</code></td>
+                      <td>128</td>
+                      <td><code>A128GCM</code> or <code>A128GCMKW</code></td>
+                    </tr>
+                    <tr>
+                      <td><code>AES-GCM</code></td>
+                      <td>192</td>
+                      <td><code>A192GCM</code> or <code>A128GCMKW</code></td>
+                    </tr>
+                    <tr>
+                      <td><code>AES-GCM</code></td>
+                      <td>256</td>
+                      <td><code>A256GCM</code> or <code>A128GCMKW</code></td>
+                    </tr>
+                    <tr>
+                      <td><code>AES-KW</code></td>
+                      <td>128</td>
+                      <td><code>A128KW</code></td>
+                    </tr>
+                    <tr>
+                      <td><code>AES-KW</code></td>
+                      <td>192</td>
+                      <td><code>A192KW</code></td>
+                    </tr>
+                    <tr>
+                      <td><code>AES-KW</code></td>
+                      <td>256</td>
+                      <td><code>A256KW</code></td>
+                    </tr>
+                  </tbody>
+                </table>
+                <p></p>
+                <table>
+                  <thead>
+                    <tr>
+                      <td>WebCrypto <code>Key.algorithm.name</code></td>
+                      <td>WebCrypto <code>Key.algorithm.hash</code></td>
+                      <td>JWK <code>alg</code> value</td>
+                    </tr>
+                  </thead>
+                  <tbody>
+                    <tr>
+                      <td><code>HMAC</code></td>
+                      <td><code>SHA-1</code></td>
+                      <td><code>HS1</code></td>
+                    </tr>
+                    <tr>
+                      <td><code>HMAC</code></td>
+                      <td><code>SHA-224</code></td>
+                      <td><code>HS224</code></td>
+                    </tr>
+                    <tr>
+                      <td><code>HMAC</code></td>
+                      <td><code>SHA-256</code></td>
+                      <td><code>HS256</code></td>
+                    </tr>
+                    <tr>
+                      <td><code>HMAC</code></td>
+                      <td><code>SHA-384</code></td>
+                      <td><code>HS384</code></td>
+                    </tr>
+                    <tr>
+                      <td><code>HMAC</code></td>
+                      <td><code>SHA-512</code></td>
+                      <td><code>HS512</code></td>
+                    </tr>
+                    <tr>
+                      <td><code>RSASSA-PKCS1-v1_5</code></td>
+                      <td><code>SHA-256</code></td>
+                      <td><code>RS256</code></td>
+                    </tr>
+                    <tr>
+                       <td><code>RSASSA-PKCS1-v1_5</code></td>
+                      <td><code>SHA-384</code></td>
+                      <td><code>RS384</code></td>
+                    </tr>
+                    <tr>
+                      <td><code>RSASSA-PKCS1-v1_5</code></td>
+                      <td><code>SHA-512</code></td>
+                      <td><code>RS512</code></td>
+                    </tr>
+                    <tr>
+                       <td><code>RSA-PSS</code></td>
+                      <td><code>SHA-256</code></td>
+                      <td><code>PS256</code></td>
+                    </tr>
+                    <tr>
+                      <td><code>RSA-PSS</code></td>
+                      <td><code>SHA-384</code></td>
+                      <td><code>PS384</code></td>
+                    </tr>
+                    <tr>
+                      <td><code>RSA-PSS</code></td>
+                      <td><code>SHA-512</code></td>
+                      <td><code>PS512</code></td>
+                    </tr>
+                  </tbody>
+                </table>
+                <p></p>
+                <table>
+                  <thead>
+                    <tr>
+                      <td>WebCrypto <code>Key.algorithm.name</code></td>
+                      <td>WebCrypto <code>Key.algorithm.namedCurve</code></td>
+                      <td>JWK <code>alg</code> value</td>
+                    </tr>
+                  </thead>
+                  <tbody>
+                    <tr>
+                      <td><code>ECDSA</code></td>
+                      <td><code>P-256</code></td>
+                      <td><code>ES256</code></td>
+                    </tr>
+                    <tr>
+                      <td><code>ECDSA</code></td>
+                      <td><code>P-384</code></td>
+                      <td><code>ES384</code></td>
+                    </tr>
+                    <tr>
+                      <td><code>ECDSA</code></td>
+                      <td><code>P-512</code></td>
+                      <td><code>ES512</code></td>
+                    </tr>
+                  </tbody>
+                </table>
               </div>
               <div id="key-interface-jwk-mapping-use" class="section">
                 <h5>Mapping of usages</h5>
-                <p>When exporting a WebCrypto <a href="#dfn-Key">Key</a> in JWK format, the value of the <a href="#dfn-Key">Key</a>.usages array shall be copied into the JWK <code>key_ops</code> member where each WebCrypto <a href="#dfn-KeyUsage">KeyUsage</a> value maps to the JWK <code>key_ops</code> value of the same name. The <code>use</code> member shall not be present.</p>
-                <p>When importing a JWK format key into a WebCrypto <a href="#dfn-Key">Key</a> object, if the <code>key_ops</code> member is present then the
-                  WebCrypto <a href="#dfn-KeyUsage">KeyUsages</a> specified by this JWK shall be equal to the values listed in <code>key_ops</code>  where each JWK <code>key_ops</code> value maps to the WebCrypto <a href="#dfn-KeyUsage">KeyUsage</a> value of the same name, except that unrecognized values SHALL be ignored. If the <code>key_ops</code> member is not present and the <code>use</code> member is present, then the WebCrypto <a href="#dfn-KeyUsage">KeyUsages</a> specified by this JWK shall be as specified in the following table:
-                  </p>
-                  
-                  <table>
-                    <thead>
-                      <tr>
-                        <td>JWK <code>use</code> value</td>
-                        <td>WebCrypto Key.usages value</td>
-                      </tr>
-                    </thead>
-                    <tbody>
-                      <tr>
-                        <td><code>enc</code></td>
-                        <td><code>[ "encrypt", "decrypt", "wrapKey", "unwrapKey" ]</code></td>
-                      </tr>
-                      <tr>
-                        <td><code>sig</code></td>
-                        <td><code>[ "sign", "verify" ]</code></td>
-                      </tr>
-                    </tbody>
-                  </table>
+                <p>
+                  When exporting a WebCrypto <a href="#dfn-Key">Key</a> in JWK format, the value of
+                  the <a href="#dfn-Key">Key</a>.usages array shall be copied into the JWK
+                  <code>key_ops</code> member where each WebCrypto <a href="#dfn-KeyUsage">KeyUsage</a>
+                  value maps to the JWK <code>key_ops</code> value of the same name. The
+                  <code>use</code> member shall not be present.
+                </p>
+                <p>
+                  When importing a JWK format key into a WebCrypto <a href="#dfn-Key">Key</a> object,
+                  if the <code>key_ops</code> member is present then the WebCrypto
+                  <a href="#dfn-KeyUsage">KeyUsages</a> specified by this JWK shall be equal to the
+                  values listed in <code>key_ops</code>  where each JWK <code>key_ops</code> value
+                  maps to the WebCrypto <a href="#dfn-KeyUsage">KeyUsage</a> value of the same name,
+                  except that unrecognized values SHALL be ignored. If the <code>key_ops</code>
+                  member is not present and the <code>use</code> member is present, then the
+                  WebCrypto <a href="#dfn-KeyUsage">KeyUsages</a> specified by this JWK shall be as
+                  specified in the following table:
+                </p>  
+                <table>
+                  <thead>
+                    <tr>
+                      <td>JWK <code>use</code> value</td>
+                      <td>WebCrypto Key.usages value</td>
+                    </tr>
+                  </thead>
+                  <tbody>
+                    <tr>
+                      <td><code>enc</code></td>
+                      <td><code>[ "encrypt", "decrypt", "wrapKey", "unwrapKey" ]</code></td>
+                    </tr>
+                    <tr>
+                      <td><code>sig</code></td>
+                      <td><code>[ "sign", "verify" ]</code></td>
+                    </tr>
+                  </tbody>
+                </table>
               </div>
               <div id="key-interface-jwk-mapping-ext" class="section">
                 <h5>Mapping of extractable</h5>
-                <p>When exporting a WebCrypto <a href="#dfn-Key">Key</a> in JWK format, the value of the JWK <code>ext</code> attribute shall be <code>true</code>.</p>
-                <p>When importing a JWK format key into a WebCrypto <a href="#dfn-Key">Key</a> object, if the <code>ext</code> member is present then the
-                  WebCrypto <a href="#dfn-Key-extractable">extractable</a> value specified by this JWK shall be equal to the <code>ext</code> member value.</p>
+                <p>
+                  When exporting a WebCrypto <a href="#dfn-Key">Key</a> in JWK format, the value of
+                  the JWK <code>ext</code> attribute shall be <code>true</code>.
+                </p>
+                <p>
+                  When importing a JWK format key into a WebCrypto <a href="#dfn-Key">Key</a> object,
+                  if the <code>ext</code> member is present then the WebCrypto
+                  <a href="#dfn-Key-extractable">extractable</a> value specified by this JWK shall
+                  be equal to the <code>ext</code> member value.
+                </p>
               </div>
            </div>
         </div>
@@ -1334,8 +1375,8 @@
               <li>
                 <p>
                   Let <var>plaintext</var> be the result of performing the underlying decrypt
-                  algorithm specified by <var>normalizedAlgorithm</var> with <code>key</code> as <var>key</var>
-                  and <code>data</code> as <var>ciphertext</var>.
+                  algorithm specified by <var>normalizedAlgorithm</var> with <code>key</code> as
+                  <var>key</var> and <code>data</code> as <var>ciphertext</var>.
                 </p>
               </li>
               <li>
@@ -1395,9 +1436,9 @@
               </li>
               <li>
                 <p>
-                  Let <var>result</var> be the result of performing the signature
-                  algorithm specified by <var>normalizedAlgorithm</var> with <code>key</code> as <var>key</var>
-                  and <code>data</code> as <var>message</var>.
+                  Let <var>result</var> be the result of performing the signature algorithm
+                  specified by <var>normalizedAlgorithm</var> with <code>key</code> as
+                  <var>key</var> and <code>data</code> as <var>message</var>.
                 </p>
               </li>
               <li>
@@ -1458,8 +1499,9 @@
               <li>
                 <p>
                   Let <var>result</var> be the result of performing the signature verification
-                  algorithm specified by <var>normalizedAlgorithm</var> with <code>key</code> as <var>key</var>,
-                  <code>signature</code> as <var>signature</var> and <code>data</code> as <var>message</var>.
+                  algorithm specified by <var>normalizedAlgorithm</var> with <code>key</code> as
+                  <var>key</var>, <code>signature</code> as <var>signature</var> and
+                  <code>data</code> as <var>message</var>.
                 </p>
               </li>
               <li>
@@ -1528,7 +1570,9 @@
           <div id="SubtleCrypto-method-generateKey" class="section">
             <h4>The generateKey method</h4>
              <p>
-              When invoked, <dfn id="dfn-SubtleCrypto-method-generateKey"><code>generateKey</code></dfn> <span class="RFC2119">MUST</span> perform the following steps:
+              When invoked, <dfn id="dfn-SubtleCrypto-method-generateKey">
+              <code>generateKey</code></dfn> <span class="RFC2119">MUST</span> perform the
+              following steps:
             </p>
             <ol>
               <li>
@@ -1548,13 +1592,16 @@
               </li>
               <li>
                 <p>
-                  If <code>keyUsages</code> includes a value that is not a <a href="#dfn-RecognizedKeyUsage">recognized key usage value</a>, throw
-                  a <code>NotSupportedError</code> and <a href="#terminate-the-algorithm">terminate the algorithm</a>
+                  If <code>keyUsages</code> includes a value that is not a
+                  <a href="#dfn-RecognizedKeyUsage">recognized key usage value</a>, throw a
+                  <code>NotSupportedError</code> and <a href="#terminate-the-algorithm">terminate
+                  the algorithm</a>
                 </p>
               </li>
               <li>
                 <p>
-                  Let <var>promise</var> be a new <code>Promise</code> object and <var>resolver</var> its associated resolver.
+                  Let <var>promise</var> be a new <code>Promise</code> object and <var>resolver</var>
+                  its associated resolver.
                 </p>
               </li>
               <li>
@@ -1566,7 +1613,10 @@
                 <p>
                   If an error occurs, run these substeps and then terminate the algorithm:
                 </p>
-                <div class="ednote">Determine whether to reject the algorithm with a DOMError or a <code>null</code> result.</div>
+                <div class="ednote">
+                  Determine whether to reject the algorithm with a DOMError or a
+                  <code>null</code> result.
+                </div>
                 <ol>
                   <li>
                     <p>
@@ -1584,8 +1634,9 @@
               <li>
                 <p>
                   Let <var>result</var> be the result of executing the key generation algorithm
-                  defined by the algorithm indicated in <var>normalizedAlgorithm</var> with <code>extractable</code> as <var>extractable</var>
-                  and <code>keyUsages</code> as <var>usages</var>.
+                  defined by the algorithm indicated in <var>normalizedAlgorithm</var> with
+                  <code>extractable</code> as <var>extractable</var> and <code>keyUsages</code> as
+                  <var>usages</var>.
                 </p>
               </li>
               <li>
@@ -1600,7 +1651,8 @@
           <div id="SubtleCrypto-method-deriveKey" class="section">
             <h4>The deriveKey method</h4>
             <p>
-              When invoked, <dfn id="dfn-SubtleCrypto-method-deriveKey"><code>deriveKey</code></dfn> <span class="RFC2119">MUST</span> perform the following steps:
+              When invoked, <dfn id="dfn-SubtleCrypto-method-deriveKey"><code>deriveKey</code></dfn>
+              <span class="RFC2119">MUST</span> perform the following steps:
             </p>
             <ol>
               <li>
@@ -1620,7 +1672,8 @@
               </li>
               <li>
                 <p>
-                  If <code>derivedKeyType</code> is null, let <var>normalizedDerivedKeyAlgorithm</var> be null. Otherwise,
+                  If <code>derivedKeyType</code> is null, let
+                  <var>normalizedDerivedKeyAlgorithm</var> be null. Otherwise,
                   <ol>
                     <li>
                       <p>
@@ -1632,7 +1685,8 @@
                     <li>
                       <p>
                         If <var>normalizedDerivedKeyAlgorithm</var> does not describe a
-                        <a href="#algorithms">registered algorithm</a> throw a <code>NotSupportedError</code> and
+                        <a href="#algorithms">registered algorithm</a> throw a
+                        <code>NotSupportedError</code> and
                         <a href="#terminate-the-algorithm">terminate the algorithm</a>.
                       </p>
                     </li>
@@ -1648,13 +1702,16 @@
               </li>
               <li>
                 <p>
-                  If <code>keyUsages</code> includes a value that is not a <a href="#dfn-RecognizedKeyUsage">recognized key usage value</a>, throw
-                  a <code>NotSupportedError</code> and <a href="#terminate-the-algorithm">terminate the algorithm</a>
+                  If <code>keyUsages</code> includes a value that is not a
+                  <a href="#dfn-RecognizedKeyUsage">recognized key usage value</a>, throw a
+                  <code>NotSupportedError</code> and <a href="#terminate-the-algorithm">terminate the
+                  algorithm</a>
                 </p>
               </li>
               <li>
                 <p>
-                  Let <var>promise</var> be a new <code>Promise</code> object and <var>resolver</var> its associated resolver.
+                  Let <var>promise</var> be a new <code>Promise</code> object and <var>resolver</var>
+                  its associated resolver.
                 </p>
               </li>
               <li>
@@ -1666,7 +1723,10 @@
                 <p>
                   If an error occurs, run these substeps and then terminate the algorithm:
                 </p>
-                <div class="ednote">Determine whether to reject the algorithm with a DOMError or a <code>null</code> result.</div>
+                <div class="ednote">
+                  Determine whether to reject the algorithm with a DOMError or a
+                  <code>null</code> result.
+                </div>
                 <ol>
                   <li>
                     <p>
@@ -1691,8 +1751,9 @@
               <li>
                 <p>
                   Let <var>result</var> be the result of executing the key derivation algorithm
-                  defined by the algorithm indicated in <var>normalizedAlgorithm</var> using <code>key</code> as <var>key</var>,
-                  <code>extractable</code> as <var>extractable</var> and <code>keyUsages</code> as <var>usages</var>.
+                  defined by the algorithm indicated in <var>normalizedAlgorithm</var> using
+                  <code>key</code> as <var>key</var>, <code>extractable</code> as
+                  <var>extractable</var> and <code>keyUsages</code> as <var>usages</var>.
                 </p>
               </li>
               <li>
@@ -1707,7 +1768,8 @@
           <div id="SubtleCrypto-method-deriveBits" class="section">
             <h4>The deriveBits method</h4>
             <p>
-              When invoked, <dfn id="dfn-SubtleCrypto-method-deriveBits"><code>deriveBits</code></dfn> <span class="RFC2119">MUST</span> perform the following steps:
+              When invoked, <dfn id="dfn-SubtleCrypto-method-deriveBits"><code>deriveBits</code></dfn>
+              <span class="RFC2119">MUST</span> perform the following steps:
             </p>
             <ol>
               <li>
@@ -1734,7 +1796,8 @@
               </li>
               <li>
                 <p>
-                  Let <var>promise</var> be a new <code>Promise</code> object and <var>resolver</var> its associated resolver.
+                  Let <var>promise</var> be a new <code>Promise</code> object and <var>resolver</var>
+                  its associated resolver.
                 </p>
               </li>
               <li>
@@ -1746,7 +1809,10 @@
                 <p>
                   If an error occurs, run these substeps and then terminate the algorithm:
                 </p>
-                <div class="ednote">Determine whether to reject the algorithm with a DOMError or a <code>null</code> result.</div>
+                <div class="ednote">
+                  Determine whether to reject the algorithm with a DOMError or a <code>null</code>
+                  result.
+                </div>
                 <ol>
                   <li>
                     <p>
@@ -1786,7 +1852,8 @@
           <div id="SubtleCrypto-method-importKey" class="section">
             <h4>The <dfn id="dfn-SubtleCrypto-method-importKey">importKey</dfn> method</h4>
             <p>                  
-              When invoked, the <dfn id="dfn-SubtleCrypto-method-importKey">importKey</dfn> method <span class="RFC2119">MUST</span> perform the following steps:
+              When invoked, the <dfn id="dfn-SubtleCrypto-method-importKey">importKey</dfn> method
+              <span class="RFC2119">MUST</span> perform the following steps:
             </p>
             <ol>
               <li>
@@ -1818,26 +1885,31 @@
               </li>
               <li>
                 <p>
-                  If <code>format</code> is not a <a href="#dfn-RecognizedKeyFormats">recognized key format value</a>, throw
-                  a <code>NotSupportedError</code> and <a href="#terminate-the-algorithm">terminate the algorithm</a>
+                  If <code>format</code> is not a <a href="#dfn-RecognizedKeyFormats">recognized key
+                  format value</a>, throw a <code>NotSupportedError</code> and
+                  <a href="#terminate-the-algorithm">terminate the algorithm</a>
                 </p>
               </li>
               <li>
                 <p>
-                  If <code>keyUsages</code> includes a value that is not a <a href="#dfn-RecognizedKeyUsage">recognized key usage value</a>, throw
-                  a <code>NotSupportedError</code> and <a href="#terminate-the-algorithm">terminate the algorithm</a>
+                  If <code>keyUsages</code> includes a value that is not a
+                  <a href="#dfn-RecognizedKeyUsage">recognized key usage value</a>, throw a
+                  <code>NotSupportedError</code> and <a href="#terminate-the-algorithm">terminate
+                  the algorithm</a>
                 </p>
               </li>
               <li>
                 <p>
-                  Let <var>format</var>, <var>keyData</var>, <var>extractable</var> and <var>usages</var> be the <code>format</code>, <code>keyData</code>,
-                  <code>extractable</code> and <code>usages</code> parameters to the <dfn id="dfn-SubtleCrypto-method-importKey">importKey</dfn> method respectively.
+                  Let <var>format</var>, <var>keyData</var>, <var>extractable</var> and
+                  <var>usages</var> be the <code>format</code>, <code>keyData</code>,
+                  <code>extractable</code> and <code>usages</code> parameters to the
+                  <dfn id="dfn-SubtleCrypto-method-importKey">importKey</dfn> method respectively.
                 </p>
-              
               </li>
               <li>
                 <p>
-                  Let <var>promise</var> be a new <code>Promise</code> object and <var>resolver</var> its associated resolver.
+                  Let <var>promise</var> be a new <code>Promise</code> object and <var>resolver</var>
+                  its associated resolver.
                 </p>
               </li>
               <li>
@@ -1849,7 +1921,10 @@
                 <p>
                   If an error occurs, run these substeps and then terminate the algorithm:
                 </p>
-                <div class="ednote">Determine whether to reject the algorithm with a DOMError or a <code>null</code> result.</div>
+                <div class="ednote">
+                  Determine whether to reject the algorithm with a DOMError or a
+                  <code>null</code> result.
+                </div>
                 <ol>
                   <li>
                     <p>
@@ -1867,20 +1942,23 @@
               
               <li>
                 <p>
-                  If <var>keyData</var>, interpreted accoding to <var>format</var>, specifies parameters that are
-                  inconsistent with the parameters supplied to <dfn id="dfn-SubtleCrypto-method-importKey">importKey</dfn>,
-                  terminate this algorithm with an error.
+                  If <var>keyData</var>, interpreted accoding to <var>format</var>, specifies
+                  parameters that are inconsistent with the parameters supplied to
+                  <dfn id="dfn-SubtleCrypto-method-importKey">importKey</dfn>, terminate this
+                  algorithm with an error.
                 </p>
               </li>
               <li>
                 <p>
-                    Let <var>result</var> be the <a href="#dfn-Key"><code>Key</code></a> object that results from interpreting
-                    <var>keyData</var> accoding to <var>format</var> using the key import algorithm indicated in <var>normalizedAlgorithm</var>.
+                  Let <var>result</var> be the <a href="#dfn-Key"><code>Key</code></a> object that
+                  results from interpreting <var>keyData</var> accoding to <var>format</var> using
+                  the key import algorithm indicated in <var>normalizedAlgorithm</var>.
                 </p>
               </li>
               <li>
                 <p>
-                    Set <var>result</var>.<a href="#dfn-Key-extractable"><code>extractable</code></a> to be <var>extractable</var>.
+                  Set <var>result</var>.<a href="#dfn-Key-extractable"><code>extractable</code></a>
+                  to be <var>extractable</var>.
                 </p>
               </li>
               <li>
@@ -1900,38 +1978,44 @@
           <div id="SubtleCrypto-method-exportKey" class="section">
             <h4>The <dfn id="dfn-SubtleCrypto-method-exportKey">exportKey</dfn> method</h4>
             <p>
-              When invoked, the <dfn id="dfn-SubtleCrypto-method-exportKey">exportKey</dfn> method <span class="RFC2119">MUST</span> perform the following steps:
+              When invoked, the <dfn id="dfn-SubtleCrypto-method-exportKey">exportKey</dfn> method
+              <span class="RFC2119">MUST</span> perform the following steps:
             </p>
             <ol>
-            
               <li>
                 <p>
-                  If <code>format</code> is not a <a href="#dfn-RecognizedKeyFormats">recognized key format value</a>, throw
-                  a <code>NotSupportedError</code> and <a href="#terminate-the-algorithm">terminate the algorithm</a>
+                  If <code>format</code> is not a <a href="#dfn-RecognizedKeyFormats">recognized key
+                  format value</a>, throw a <code>NotSupportedError</code> and <a
+                  href="#terminate-the-algorithm">terminate the algorithm</a>
                 </p>
               </li>
               <li>
                 <p>
-                  Let <var>key</var> and <var>format</var> be the values of the <code>key</code> and <code>format</code> parameters to the
-                  <dfn id="dfn-SubtleCrypto-method-exportKey">exportKey</dfn> method respectively.
+                  Let <var>key</var> and <var>format</var> be the values of the <code>key</code> and
+                  <code>format</code> parameters to the <dfn
+                  id="dfn-SubtleCrypto-method-exportKey">exportKey</dfn> method respectively.
                 </p>
               </li>
-            
-              <li>
-                  <p>
-                    Let <var>promise</var> be a new <code>Promise</code> object and <var>resolver</var> its associated resolver.
-                  </p>
-              </li>
               <li>
                 <p>
-                  Return <var>promise</var> and continue executing the remaining steps asynchronously.
+                  Let <var>promise</var> be a new <code>Promise</code> object and
+                  <var>resolver</var> its associated resolver.
+                </p>
+              </li>
+              <li>
+                <p>
+                  Return <var>promise</var> and continue executing the remaining steps
+                  asynchronously.
                 </p>
               </li>
               <li>
                 <p>
                   If an error occurs, run these substeps and then terminate the algorithm:
                 </p>
-                <div class="ednote">Determine whether to reject the algorithm with a DOMError or a <code>null</code> result.</div>
+                <div class="ednote">
+                  Determine whether to reject the algorithm with a DOMError or a <code>null</code>
+                  result.
+                </div>
                 <ol>
                   <li>
                     <p>
@@ -1948,13 +2032,14 @@
               </li>
               <li>
                 <p>
-                  If <var>key</var>.<a href="#dfn-Key-extractable"><code>extractable</code></a> is not true,
-                  terminate this algorithm with an error.
+                  If <var>key</var>.<a href="#dfn-Key-extractable"><code>extractable</code></a> is
+                  not true, terminate this algorithm with an error.
                 </p>         
               </li>
               <li>
                 <p>
-                  Let <var>result</var> be the result of encoding <var>key</var> according to <var>format</var>.
+                  Let <var>result</var> be the result of encoding <var>key</var> according to
+                  <var>format</var>.
                 </p>
               </li>
             </ol>
@@ -1963,7 +2048,8 @@
           <div id="SubtleCrypto-method-wrapKey" class="section">
             <h4>The wrapKey method</h4>
             <p>
-              When invoked, the <dfn id="dfn-SubtleCrypto-method-wrapKey">wrapKey</dfn> method <span class="RFC2119">MUST</span> perform the following steps: 
+              When invoked, the <dfn id="dfn-SubtleCrypto-method-wrapKey">wrapKey</dfn> method <span
+              class="RFC2119">MUST</span> perform the following steps:
             </p>
             <ol>
               <li>
@@ -1983,25 +2069,31 @@
               </li>
               <li>
                 <p>
-                  If <code>format</code> is not a <a href="#dfn-RecognizedKeyFormats">recognized key format value</a>, throw
-                  a <code>NotSupportedError</code> and <a href="#terminate-the-algorithm">terminate the algorithm</a>
+                  If <code>format</code> is not a <a href="#dfn-RecognizedKeyFormats">recognized key
+                  format value</a>, throw a <code>NotSupportedError</code> and <a
+                  href="#terminate-the-algorithm">terminate the algorithm</a>
                 </p>
               </li>
               <li>
                 <p>
-                  Let <var>promise</var> be a new <code>Promise</code> object and <var>resolver</var> its associated resolver.
+                  Let <var>promise</var> be a new <code>Promise</code> object and
+                  <var>resolver</var> its associated resolver.
                 </p>
               </li>
               <li>
                 <p>
-                  Return <var>promise</var> and continue executing the remaining steps asynchronously.
+                  Return <var>promise</var> and continue executing the remaining steps
+                  asynchronously.
                 </p>
               </li>
               <li>
                 <p>
                   If an error occurs, run these substeps and then terminate the algorithm:
                 </p>
-                <div class="ednote">Determine whether to reject the algorithm with a DOMError or a <code>null</code> result.</div>
+                <div class="ednote">
+                  Determine whether to reject the algorithm with a DOMError or a <code>null</code>
+                  result.
+                </div>
                 <ol>
                   <li>
                     <p>
@@ -2025,13 +2117,14 @@
               </li>
               <li>
                 <p>
-                  If <var>key</var>.<a href="#dfn-Key-extractable"><code>extractable</code></a> is not true,
-                  terminate this algorithm with an error.
+                  If <var>key</var>.<a href="#dfn-Key-extractable"><code>extractable</code></a> is
+                  not true, terminate this algorithm with an error.
                 </p>         
               </li>
               <li>
                 <p>
-                  Let <var>bytes</var> be the result of encoding <var>key</var> according to <var>keyFormat</var>.
+                  Let <var>bytes</var> be the result of encoding <var>key</var> according to
+                  <var>keyFormat</var>.
                 </p>
               </li>
               <li>
@@ -2041,7 +2134,9 @@
               </li>
               <li>
                 <p>
-                 Let <var>result</var> be the result of performing the underlying cryptographic algorithm specified by <var>normalizedAlgorithm</var> with <var>bytes</var> as input data.
+                 Let <var>result</var> be the result of performing the underlying cryptographic
+                 algorithm specified by <var>normalizedAlgorithm</var> with <var>bytes</var> as
+                 input data.
                 </p>
               </li>
               <li>
@@ -2061,7 +2156,8 @@
           <div id="SubtleCrypto-method-unwrapKey" class="section">
             <h4>The unwrapKey method</h4>
             <p>
-              When invoked, the <dfn id="dfn-SubtleCrypto-method-unwrapKey">unwrapKey</dfn> method <span class="RFC2119">MUST</span> perform the following steps: 
+              When invoked, the <dfn id="dfn-SubtleCrypto-method-unwrapKey">unwrapKey</dfn> method
+              <span class="RFC2119">MUST</span> perform the following steps: 
             </p>
             <ol>
               <li>
@@ -2108,19 +2204,24 @@
               </li>
               <li>
                 <p>
-                  If <code>format</code> is not a recognized <a href="#dfn-KeyFormat"><code>KeyFormat</code></a> value, throw
-                  a <code>NotSupportedError</code> and <a href="#terminate-the-algorithm">terminate the algorithm</a>
+                  If <code>format</code> is not a recognized
+                  <a href="#dfn-KeyFormat"><code>KeyFormat</code></a> value, throw a
+                  <code>NotSupportedError</code> and <a href="#terminate-the-algorithm">terminate
+                  the algorithm</a>
                 </p>
               </li>
               <li>
                 <p>
-                  If <code>keyUsages</code> includes a value that is not a recognized <a href="#dfn-KeyUsage"><code>KeyUsage</code></a> value, throw
-                  a <code>NotSupportedError</code> and <a href="#terminate-the-algorithm">terminate the algorithm</a>
+                  If <code>keyUsages</code> includes a value that is not a recognized
+                  <a href="#dfn-KeyUsage"><code>KeyUsage</code></a> value, throw a
+                  <code>NotSupportedError</code> and <a href="#terminate-the-algorithm">terminate
+                  the algorithm</a>
                 </p>
               </li>
               <li>
                 <p>
-                  Let <var>promise</var> be a new <code>Promise</code> object and <var>resolver</var> its associated resolver.
+                  Let <var>promise</var> be a new <code>Promise</code> object and <var>resolver</var>
+                  its associated resolver.
                 </p>
               </li>
               <li>
@@ -2132,7 +2233,10 @@
                 <p>
                   If an error occurs, run these substeps and then terminate the algorithm:
                 </p>
-                <div class="ednote">Determine whether to reject the algorithm with a DOMError or a <code>null</code> result.</div>
+                <div class="ednote">
+                  Determine whether to reject the algorithm with a DOMError or a
+                  <code>null</code> result.
+                </div>
                 <ol>
                   <li>
                     <p>
@@ -2156,8 +2260,9 @@
               </li>
               <li>
                  <p>
-                   Let <var>bytes</var> be the result of performing the underlying cryptographic algorithm specified by <var>normalizedUnwrapAlgorithm</var>
-                   witk key <var>unwrappingKey</var> and input data <var>wrappedKey</var>.
+                   Let <var>bytes</var> be the result of performing the underlying cryptographic
+                   algorithm specified by <var>normalizedUnwrapAlgorithm</var> witk key
+                   <var>unwrappingKey</var> and input data <var>wrappedKey</var>.
                  </p>
               </li>
               <li>
@@ -2167,18 +2272,24 @@
               </li>
               <li>
                 <p>
-                If <var>bytes</var>, interpreted accoding to <var>format</var>, specifies parameters that are inconsistent with the parameters supplied to <a href="#dfn-SubtleCrytpo-method-unwrapKey">unwrapKey</a>, terminate this algorithm with an error.
+                  If <var>bytes</var>, interpreted accoding to <var>format</var>, specifies
+                  parameters that are inconsistent with the parameters supplied to <a
+                  href="#dfn-SubtleCrytpo-method-unwrapKey">unwrapKey</a>, terminate this algorithm
+                  with an error.
                 </p>
               </li>
               <li>
                 <p>
-                    Let <var>result</var> be the <a href="#dfn-Key"><code>Key</code></a> object that results from interpreting
-                    <var>bytes</var> accoding to <var>format</var> using the key import algorithm indicated in <var>normalizedKeyAlgorithm</var>.
+                  Let <var>result</var> be the <a href="#dfn-Key"><code>Key</code></a> object that
+                  results from interpreting <var>bytes</var> accoding to <var>format</var> using
+                  the key import algorithm indicated in <var>normalizedKeyAlgorithm</var>.
                 </p>
               </li>
               <li>
                 <p>
-                 If <var>result</var> describes a <a href="#dfn-Key"><code>Key</code></a> object that is incompatible with the parameters associated with <var>unwrappingKey</var>, terminate this algorithm with an error.
+                   If <var>result</var> describes a <a href="#dfn-Key"><code>Key</code></a> object
+                   that is incompatible with the parameters associated with
+                   <var>unwrappingKey</var>, terminate this algorithm with an error.
                 </p>
               </li>
               <li>
@@ -2241,9 +2352,9 @@
         </p>
 
         <div class="note">
-            <strong>Implementation Note:</strong> Since the integer is unsigned, the highest order bit
-            is NOT a sign bit. Implementors should take care when mapping to big integer implementations
-            that expected signed integers.
+          <strong>Implementation Note:</strong> Since the integer is unsigned, the highest order bit
+          is NOT a sign bit. Implementors should take care when mapping to big integer
+          implementations that expected signed integers.
         </div>
       </div>
       
@@ -2809,55 +2920,67 @@
               <dt>Encrypt</dt>
               <dd>
                 <ol>
-                    <li>
-                        <p>
-                            If <var>key</var> does not have key type <code>public</code>, terminate this algorithm with an error.
-                        </p>
-                    </li>
-                    <li>
-                        <p>
-                            Perform the encrytion operation defined in Section 7.2 of [<cite><a href="#RFC3447">RFC3447</a></cite>] with the key represented by <var>key</var> as the recipient's RSA public key and the contents of <var>plaintext</var> as M.
-                            <ol>
-                                <li>
-                                    <p>
-                                        If performing the operation results in an error, terminate this algorithm with an error.
-                                    </p>
-                                </li>
-                                <li>
-                                    <p>
-                                        Otherwise, let <var>ciphertext</var> be a new <code>ArrayBuffer</code> containing the value C that results from performing the operation.
-                                    </p>
-                                </li>
-                            </ol>
-                        </p>
-                    </li>
+                  <li>
+                    <p>
+                      If <var>key</var> does not have key type <code>public</code>, terminate this
+                      algorithm with an error.
+                    </p>
+                  </li>
+                  <li>
+                    <p>
+                      Perform the encrytion operation defined in Section 7.2 of [<cite><a
+                      href="#RFC3447">RFC3447</a></cite>] with the key represented by <var>key</var>
+                      as the recipient's RSA public key and the contents of <var>plaintext</var> as
+                      M.
+                      <ol>
+                        <li>
+                          <p>
+                            If performing the operation results in an error, terminate this
+                            algorithm with an error.
+                          </p>
+                        </li>
+                        <li>
+                          <p>
+                            Otherwise, let <var>ciphertext</var> be a new <code>ArrayBuffer</code>
+                            containing the value C that results from performing the operation.
+                          </p>
+                        </li>
+                      </ol>
+                    </p>
+                  </li>
                 </ol>
               </dd>
               <dt>Decrypt</dt>
               <dd>
                 <ol>
-                    <li>
-                        <p>
-                            If <var>key</var> does not have key type <code>private</code>, terminate this algorithm with an error.
-                        </p>
-                    </li>
-                    <li>
-                        <p>
-                            Perform the decryption operation defined in Section 7.2 of [<cite><a href="#RFC3447">RFC3447</a></cite>] with the key represented by <var>key</var> as the recipient's RSA private key and the contents of <var>ciphertext</var> as C.
-                            <ol>
-                                <li>
-                                    <p>
-                                        If performing the operation results in an error, terminate this algorithm with an error.
-                                    </p>
-                                </li>
-                                <li>
-                                    <p>
-                                        Otherwise, let <var>plaintext</var> be a new <code>ArrayBuffer</code> containing the value M that results from performing the operation.
-                                    </p>
-                                </li>
-                            </ol>
-                        </p>
-                    </li>
+                  <li>
+                    <p>
+                      If <var>key</var> does not have key type <code>private</code>, terminate this
+                      algorithm with an error.
+                    </p>
+                  </li>
+                  <li>
+                    <p>
+                      Perform the decryption operation defined in Section 7.2 of [<cite><a
+                     href="#RFC3447">RFC3447</a></cite>] with the key represented by <var>key</var>
+                     as the recipient's RSA private key and the contents of <var>ciphertext</var> as
+                     C.
+                      <ol>
+                        <li>
+                          <p>
+                            If performing the operation results in an error, terminate this
+                            algorithm with an error.
+                          </p>
+                        </li>
+                        <li>
+                          <p>
+                            Otherwise, let <var>plaintext</var> be a new <code>ArrayBuffer</code>
+                            containing the value M that results from performing the operation.
+                          </p>
+                        </li>
+                      </ol>
+                    </p>
+                  </li>
                 </ol>
               </dd>
               <dt>Generate Key</dt>
@@ -2865,12 +2988,17 @@
                 <ol>
                   <li>
                     <p>
-                    If any of the members of <a href="#dfn-RsaKeyGenParams">RsaKeyGenParams</a> are not present in <var>normalizedAlgorithm</var>, or have incorrect types, terminate this algorithm with an error.
+                      If any of the members of <a href="#dfn-RsaKeyGenParams">RsaKeyGenParams</a> are
+                      not present in <var>normalizedAlgorithm</var>, or have incorrect types,
+                      terminate this algorithm with an error.
                     </p>
                   </li>
                   <li>
                     <p>
-                    Generate an RSA key pair, as defined in [<cite><a href="#RFC3447">RFC3447</a></cite>], with RSA modulus length <var>normalizedAlgorithm</var><code>.modulusLength</code> and RSA public exponent <var>normalizedAlgorithm</var><code>.publicExponent</code>.
+                      Generate an RSA key pair, as defined in [<cite><a
+                      href="#RFC3447">RFC3447</a></cite>], with RSA modulus length
+                      <var>normalizedAlgorithm</var><code>.modulusLength</code> and RSA public
+                      exponent <var>normalizedAlgorithm</var><code>.publicExponent</code>.
                       <ul>
                         <li>
                           <p>
@@ -2883,37 +3011,48 @@
                             <ol>
                               <li>
                                 <p>
-                                  Let <var>result</var> be a new <a href="#dfn-KeyPair"><code>KeyPair</code></a> object
-                                </p>
-                              </li>
-                              <li>
-                                <p>
-                                  Let <var>result</var><code>.publicKey</code> be a new <a href="#dfn-Key"><code>Key</code></a> object representing the public key of the generated key pair.
-                                </p>
-                              </li>
-                              <li>
-                                <p>
-                                  Let <var>result</var><code>.publicKey.extractable</code> be <code>true</code>
+                                  Let <var>result</var> be a new <a
+                                  href="#dfn-KeyPair"><code>KeyPair</code></a> object
                                 </p>
                               </li>
                               <li>
                                 <p>
-                                  Let <var>result</var><code>.publicKey.keyUsages</code> be the intersection of <var>usages</var> and <code>[ "encrypt", "wrapKey" ]</code>.
+                                  Let <var>result</var><code>.publicKey</code> be a new <a
+                                  href="#dfn-Key"><code>Key</code></a> object representing the
+                                  public key of the generated key pair.
                                 </p>
                               </li>
                               <li>
                                 <p>
-                                  Let <var>result</var><code>.privateKey</code> be a new <a href="#dfn-Key"><code>Key</code></a> object representing the private key of the generated key pair.
+                                  Let <var>result</var><code>.publicKey.extractable</code> be
+                                  <code>true</code>
                                 </p>
                               </li>
                               <li>
                                 <p>
-                                  Let <var>result</var><code>.privateKey.extractable</code> be <var>extractable</var>.
+                                  Let <var>result</var><code>.publicKey.keyUsages</code> be the
+                                  intersection of <var>usages</var> and <code>[ "encrypt", "wrapKey"
+                                  ]</code>.
                                 </p>
                               </li>
                               <li>
                                 <p>
-                                  Let <var>result</var><code>.privateKey.keyUsages</code> be the intersection of <var>usages</var> and <code>[ "decrypt", "unwrapKey" ]</code>.
+                                  Let <var>result</var><code>.privateKey</code> be a new <a
+                                  href="#dfn-Key"><code>Key</code></a> object representing the
+                                  private key of the generated key pair.
+                                </p>
+                              </li>
+                              <li>
+                                <p>
+                                  Let <var>result</var><code>.privateKey.extractable</code> be
+                                  <var>extractable</var>.
+                                </p>
+                              </li>
+                              <li>
+                                <p>
+                                  Let <var>result</var><code>.privateKey.keyUsages</code> be the
+                                  intersection of <var>usages</var> and <code>[ "decrypt",
+                                  "unwrapKey" ]</code>.
                                 </p>
                               </li>
                               <li>
@@ -3010,26 +3149,36 @@
                 <ol>
                   <li>
                     <p>
-                        If <var>key</var> does not have key type <code>private</code>, terminate this algorithm with an error.
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                        If any of the members of <a href="#dfn-RsaSsaParams">RsaSsaParams</a> are not present in <var>normalizedAlgorithm</var>, or have incorrect types, terminate this algorithm with an error.
+                      If <var>key</var> does not have key type <code>private</code>, terminate this
+                      algorithm with an error.
                     </p>
                   </li>
                   <li>
                     <p>
-                        Perform the signature generation operation defined in Section 8.2 of [<cite><a href="#RFC3447">RFC3447</a></cite>] with the key represented by <var>key</var> as the signer's private key and the contents of <var>message</var> as M and using the hash function specified in <var>normalizedAlgorithm</var><code>.hash</code> as the Hash option for the EMSA-PKCS1-v1_5 encoding method.
+                      If any of the members of <a href="#dfn-RsaSsaParams">RsaSsaParams</a> are not
+                      present in <var>normalizedAlgorithm</var>, or have incorrect types, terminate
+                      this algorithm with an error.
+                    </p>
+                  </li>
+                  <li>
+                    <p>
+                      Perform the signature generation operation defined in Section 8.2 of
+                      [<cite><a href="#RFC3447">RFC3447</a></cite>] with the key represented by
+                      <var>key</var> as the signer's private key and the contents of
+                      <var>message</var> as M and using the hash function specified in
+                      <var>normalizedAlgorithm</var><code>.hash</code> as the Hash option for the
+                      EMSA-PKCS1-v1_5 encoding method.
                       <ol>
                         <li>
                           <p>
-                            If performing the operation results in an error, terminate this algorithm with an error.
+                            If performing the operation results in an error, terminate this
+                            algorithm with an error.
                           </p>
                         </li>
                         <li>
                           <p>
-                            Otherwise, let <var>signature</var> be the value S that results from performing the operation.
+                            Otherwise, let <var>signature</var> be the value S that results from
+                            performing the operation.
                           </p>
                         </li>
                       </ol>
@@ -3043,26 +3192,37 @@
                 <ol>
                   <li>
                     <p>
-                        If <var>key</var> does not have key type <code>public</code>, terminate this algorithm with an error.
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                        If any of the members of <a href="#dfn-RsaSsaParams">RsaSsaParams</a> are not present in <var>normalizedAlgorithm</var>, or have incorrect types, terminate this algorithm with an error.
+                      If <var>key</var> does not have key type <code>public</code>, terminate this
+                      algorithm with an error.
                     </p>
                   </li>
                   <li>
                     <p>
-                        Perform the signature verification operation defined in Section 8.2 of [<cite><a href="#RFC3447">RFC3447</a></cite>] with the key represented by <var>key</var> as the signer's RSA public key and the contents of <var>message</var> as M and <var>signature</var> as S and using the hash function specified in <var>normalizedAlgorithm</var><code>.hash</code> as the Hash option for the EMSA-PKCS1-v1_5 encoding method.
+                      If any of the members of <a href="#dfn-RsaSsaParams">RsaSsaParams</a> are
+                      not present in <var>normalizedAlgorithm</var>, or have incorrect types,
+                      terminate this algorithm with an error.
+                    </p>
+                  </li>
+                  <li>
+                    <p>
+                      Perform the signature verification operation defined in Section 8.2 of
+                      [<cite><a href="#RFC3447">RFC3447</a></cite>] with the key represented by
+                      <var>key</var> as the signer's RSA public key and the contents of
+                      <var>message</var> as M and <var>signature</var> as S and using the hash
+                      function specified in <var>normalizedAlgorithm</var><code>.hash</code> as the
+                      Hash option for the EMSA-PKCS1-v1_5 encoding method.
                       <ol>
                         <li>
                           <p>
-                            If performing the operation results in an error, terminate this algorithm with an error.
+                            If performing the operation results in an error, terminate this
+                            algorithm with an error.
                           </p>
                         </li>
                         <li>
                           <p>
-                            Otherwise, let <var>result</var> be a boolean with value true if the result of the operations was "valid signature" and a boolean with value false otherwise.
+                            Otherwise, let <var>result</var> be a boolean with value true if the
+                            result of the operations was "valid signature" and a boolean with value
+                            false otherwise.
                           </p>
                         </li>
                       </ol>
@@ -3075,16 +3235,22 @@
                 <ol>
                   <li>
                     <p>
-                    If any of the members of <a href="#dfn-RsaKeyGenParams">RsaKeyGenParams</a> are not present in <var>normalizedAlgorithm</var>, or have incorrect types, terminate this algorithm with an error.
+                      If any of the members of <a href="#dfn-RsaKeyGenParams">RsaKeyGenParams</a>
+                      are not present in <var>normalizedAlgorithm</var>, or have incorrect types,
+                      terminate this algorithm with an error.
                     </p>
                   </li>
                   <li>
                     <p>
-                    Generate an RSA key pair, as defined in [<cite><a href="#RFC3447">RFC3447</a></cite>], with RSA modulus length <var>normalizedAlgorithm</var><code>.modulusLength</code> and RSA public exponent <var>normalizedAlgorithm</var><code>.publicExponent</code>.
+                      Generate an RSA key pair, as defined in [<cite><a
+                      href="#RFC3447">RFC3447</a></cite>], with RSA modulus length
+                      <var>normalizedAlgorithm</var><code>.modulusLength</code> and RSA public
+                      exponent <var>normalizedAlgorithm</var><code>.publicExponent</code>.
                       <ul>
                         <li>
                           <p>
-                          If generation of the key pair fails, terminate this algorithm with an error.
+                            If generation of the key pair fails, terminate this algorithm with an
+                            error.
                           </p>
                         </li>
                         <li>
@@ -3093,37 +3259,46 @@
                             <ol>
                               <li>
                                 <p>
-                                  Let <var>result</var> be a new <a href="#dfn-KeyPair"><code>KeyPair</code></a> object
-                                </p>
-                              </li>
-                              <li>
-                                <p>
-                                  Let <var>result</var><code>.publicKey</code> be a new <a href="#dfn-Key"><code>Key</code></a> object representing the public key of the generated key pair.
-                                </p>
-                              </li>
-                              <li>
-                                <p>
-                                  Let <var>result</var><code>.publicKey.extractable</code> be <code>true</code>
+                                  Let <var>result</var> be a new <a
+                                  href="#dfn-KeyPair"><code>KeyPair</code></a> object
                                 </p>
                               </li>
                               <li>
                                 <p>
-                                  Let <var>result</var><code>.publicKey.keyUsages</code> be the intersection of <var>usages</var> and <code>[ "verify" ]</code>.
+                                  Let <var>result</var><code>.publicKey</code> be a new <a
+                                  href="#dfn-Key"><code>Key</code></a> object representing the
+                                  public key of the generated key pair.
                                 </p>
                               </li>
                               <li>
                                 <p>
-                                  Let <var>result</var><code>.privateKey</code> be a new <a href="#dfn-Key"><code>Key</code></a> object representing the private key of the generated key pair.
-                                </p>
-                              </li>
-                                                      <li>
-                                <p>
-                                  Let <var>result</var><code>.privateKey.extractable</code> be <var>extractable</var>.
+                                  Let <var>result</var><code>.publicKey.extractable</code> be
+                                  <code>true</code>
                                 </p>
                               </li>
                               <li>
                                 <p>
-                                  Let <var>result</var><code>.privateKey.keyUsages</code> be the intersection of <var>usages</var> and <code>[ "sign" ]</code>.
+                                  Let <var>result</var><code>.publicKey.keyUsages</code> be the
+                                  intersection of <var>usages</var> and <code>[ "verify" ]</code>.
+                                </p>
+                              </li>
+                              <li>
+                                <p>
+                                  Let <var>result</var><code>.privateKey</code> be a new <a
+                                  href="#dfn-Key"><code>Key</code></a> object representing the
+                                  private key of the generated key pair.
+                                </p>
+                              </li>
+                              <li>
+                                <p>
+                                  Let <var>result</var><code>.privateKey.extractable</code> be
+                                  <var>extractable</var>.
+                                </p>
+                              </li>
+                              <li>
+                                <p>
+                                  Let <var>result</var><code>.privateKey.keyUsages</code> be the
+                                  intersection of <var>usages</var> and <code>[ "sign" ]</code>.
                                 </p>
                               </li>
                               <li>
@@ -3218,26 +3393,38 @@
               <ol>
                 <li>
                   <p>
-                      If <var>key</var> does not have key type <code>private</code>, terminate this algorithm with an error.
-                  </p>
-                </li>
-                <li>
-                  <p>
-                      If any of the members of <a href="#dfn-RsaPssParams">RsaPssParams</a> are not present in <var>normalizedAlgorithm</var>, or have incorrect types, terminate this algorithm with an error.
+                    If <var>key</var> does not have key type <code>private</code>, terminate this
+                    algorithm with an error.
                   </p>
                 </li>
                 <li>
                   <p>
-                      Perform the signature generation operation defined in Section 8.1 of [<cite><a href="#RFC3447">RFC3447</a></cite>] with the key represented by <var>key</var> as the signer's private key, K, and the contents of <var>message</var> as the message to be signed, M, and using the hash function specified in <var>normalizedAlgorithm</var><code>.hash</code> as the Hash option, MGF1 (defined in Section B.2.1 of [<cite><a href="#RFC3447">RFC3447</a></cite>]) as the MGF option and <var>normalizedAlgorithm</var><code>.saltLength</code> as the salt length option for the EMM-PSS-ENCODE operation.
+                    If any of the members of <a href="#dfn-RsaPssParams">RsaPssParams</a> are not
+                    present in <var>normalizedAlgorithm</var>, or have incorrect types, terminate
+                    this algorithm with an error.
+                  </p>
+                </li>
+                <li>
+                  <p>
+                    Perform the signature generation operation defined in Section 8.1 of [<cite><a
+                    href="#RFC3447">RFC3447</a></cite>] with the key represented by <var>key</var>
+                    as the signer's private key, K, and the contents of <var>message</var> as the
+                    message to be signed, M, and using the hash function specified in
+                    <var>normalizedAlgorithm</var><code>.hash</code> as the Hash option, MGF1
+                    (defined in Section B.2.1 of [<cite><a href="#RFC3447">RFC3447</a></cite>]) as
+                    the MGF option and <var>normalizedAlgorithm</var><code>.saltLength</code> as the
+                    salt length option for the EMM-PSS-ENCODE operation.
                     <ol>
                       <li>
                         <p>
-                          If performing the operation results in an error, terminate this algorithm with an error.
+                          If performing the operation results in an error, terminate this algorithm
+                          with an error.
                         </p>
                       </li>
                       <li>
                         <p>
-                          Otherwise, let <var>signature</var> be a new <code>ArrayBuffer</code> containing the signature, S, that results from performing the operation.
+                          Otherwise, let <var>signature</var> be a new <code>ArrayBuffer</code>
+                          containing the signature, S, that results from performing the operation.
                         </p>
                       </li>
                     </ol>
@@ -3251,26 +3438,39 @@
               <ol>
                 <li>
                   <p>
-                      If <var>key</var> does not have key type <code>public</code>, terminate this algorithm with an error.
-                  </p>
-                </li>
-                <li>
-                  <p>
-                      If any of the members of <a href="#dfn-RsaPssParams">RsaPssParams</a> are not present in <var>normalizedAlgorithm</var>, or have incorrect types, terminate this algorithm with an error.
+                    If <var>key</var> does not have key type <code>public</code>, terminate this
+                    algorithm with an error.
                   </p>
                 </li>
                 <li>
                   <p>
-                      Perform the signature verification operation defined in Section 8.1 of [<cite><a href="#RFC3447">RFC3447</a></cite>] with the key represented by <var>key</var> as the signer's RSA public key and the contents of <var>message</var> as M and the contents of <var>signature</var> as S and using the hash function specified in <var>normalizedAlgorithm</var><code>.hash</code> as the Hash option, MGF1 (defined in Section B.2.1 of [<cite><a href="#RFC3447">RFC3447</a></cite>]) as the MGF option and <var>normalizedAlgorithm</var><code>.saltLength</code> as the salt length option for the EMSA-PSS-VERIFY operation.
+                    If any of the members of <a href="#dfn-RsaPssParams">RsaPssParams</a> are not
+                    present in <var>normalizedAlgorithm</var>, or have incorrect types, terminate
+                    this algorithm with an error.
+                  </p>
+                </li>
+                <li>
+                  <p>
+                    Perform the signature verification operation defined in Section 8.1 of [<cite><a
+                    href="#RFC3447">RFC3447</a></cite>] with the key represented by <var>key</var>
+                    as the signer's RSA public key and the contents of <var>message</var> as M and
+                    the contents of <var>signature</var> as S and using the hash function specified
+                    in <var>normalizedAlgorithm</var><code>.hash</code> as the Hash option, MGF1
+                    (defined in Section B.2.1 of [<cite><a href="#RFC3447">RFC3447</a></cite>]) as
+                    the MGF option and <var>normalizedAlgorithm</var><code>.saltLength</code> as the
+                    salt length option for the EMSA-PSS-VERIFY operation.
                     <ol>
                       <li>
                         <p>
-                          If performing the operation results in an error, terminate this algorithm with an error.
+                          If performing the operation results in an error, terminate this algorithm
+                          with an error.
                         </p>
                       </li>
                       <li>
                         <p>
-                          Otherwise, let <var>result</var> be a boolean with value true if the result of the operation was "valid signature" and a boolean with value false otherwise.
+                          Otherwise, let <var>result</var> be a boolean with value true if the
+                          result of the operation was "valid signature" and a boolean with value
+                          false otherwise.
                         </p>
                       </li>
                     </ol>
@@ -3283,16 +3483,22 @@
               <ol>
                 <li>
                   <p>
-                  If any of the members of <a href="#dfn-RsaKeyGenParams">RsaKeyGenParams</a> are not present in <var>normalizedAlgorithm</var>, or have incorrect types, terminate this algorithm with an error.
+                    If any of the members of <a href="#dfn-RsaKeyGenParams">RsaKeyGenParams</a> are
+                    not present in <var>normalizedAlgorithm</var>, or have incorrect types,
+                    terminate this algorithm with an error.
                   </p>
                 </li>
                 <li>
                   <p>
-                  Generate an RSA key pair, as defined in [<cite><a href="#RFC3447">RFC3447</a></cite>], with RSA modulus length <var>normalizedAlgorithm</var><code>.modulusLength</code> and RSA public exponent <var>normalizedAlgorithm</var><code>.publicExponent</code>.
+                    Generate an RSA key pair, as defined in [<cite><a
+                    href="#RFC3447">RFC3447</a></cite>], with RSA modulus length
+                    <var>normalizedAlgorithm</var><code>.modulusLength</code> and RSA public
+                    exponent <var>normalizedAlgorithm</var><code>.publicExponent</code>.
                     <ul>
                       <li>
                         <p>
-                        If generation of the key pair fails, terminate this algorithm with an error.
+                          If generation of the key pair fails, terminate this algorithm with an
+                          error.
                         </p>
                       </li>
                       <li>
@@ -3301,37 +3507,46 @@
                           <ol>
                             <li>
                               <p>
-                                Let <var>result</var> be a new <a href="#dfn-KeyPair"><code>KeyPair</code></a> object
-                              </p>
-                            </li>
-                            <li>
-                              <p>
-                                Let <var>result</var><code>.publicKey</code> be a new <a href="#dfn-Key"><code>Key</code></a> object representing the public key of the generated key pair.
-                              </p>
-                            </li>
-                            <li>
-                              <p>
-                                Let <var>result</var><code>.publicKey.extractable</code> be <code>true</code>
+                                Let <var>result</var> be a new <a
+                                href="#dfn-KeyPair"><code>KeyPair</code></a> object
                               </p>
                             </li>
                             <li>
                               <p>
-                                Let <var>result</var><code>.publicKey.keyUsages</code> be the intersection of <var>usages</var> and <code>[ "verify" ]</code>.
+                                Let <var>result</var><code>.publicKey</code> be a new <a
+                                href="#dfn-Key"><code>Key</code></a> object representing the public
+                                key of the generated key pair.
                               </p>
                             </li>
                             <li>
                               <p>
-                                Let <var>result</var><code>.privateKey</code> be a new <a href="#dfn-Key"><code>Key</code></a> object representing the private key of the generated key pair.
-                              </p>
-                            </li>
-                                                    <li>
-                              <p>
-                                Let <var>result</var><code>.privateKey.extractable</code> be <var>extractable</var>.
+                                Let <var>result</var><code>.publicKey.extractable</code> be
+                                <code>true</code>
                               </p>
                             </li>
                             <li>
                               <p>
-                                Let <var>result</var><code>.privateKey.keyUsages</code> be the intersection of <var>usages</var> and <code>[ "sign" ]</code>.
+                                Let <var>result</var><code>.publicKey.keyUsages</code> be the
+                                intersection of <var>usages</var> and <code>[ "verify" ]</code>.
+                              </p>
+                            </li>
+                            <li>
+                              <p>
+                                Let <var>result</var><code>.privateKey</code> be a new <a
+                                href="#dfn-Key"><code>Key</code></a> object representing the private
+                                key of the generated key pair.
+                              </p>
+                            </li>
+                            <li>
+                              <p>
+                                Let <var>result</var><code>.privateKey.extractable</code> be
+                                <var>extractable</var>.
+                              </p>
+                            </li>
+                            <li>
+                              <p>
+                                Let <var>result</var><code>.privateKey.keyUsages</code> be the
+                                intersection of <var>usages</var> and <code>[ "sign" ]</code>.
                               </p>
                             </li>
                             <li>
@@ -3436,65 +3651,91 @@
               <dt>Encrypt</dt>
               <dd>
                 <ol>
-                    <li>
-                        <p>
-                            If <var>key</var> does not have key type <code>public</code>, terminate this algorithm with an error.
-                        </p>
-                    </li>
-                    <li>
-                      <p>
-                      If any of the members of <a href="#dfn-RsaOaepParams">RsaOaepParams</a> are not present in <var>normalizedAlgorithm</var>, or have incorrect types, terminate this algorithm with an error.
-                      </p>
-                    </li>
-                    <li>
-                        <p>
-                            Perform the encrytion operation defined in Section 7.1 of [<cite><a href="#RFC3447">RFC3447</a></cite>] with the key represented by <var>key</var> as the recipient's RSA public key, the contents of <var>plaintext</var> as the message to be encrypted, M, and <var>normalizedAlgorithm</var><code>.label</code> as the label, L, and with the hash function identified by <var>normalizedAlgorithm</var><code>.hash</code> as the Hash option and MGF1 (defined in Section B.2.1 of [<cite><a href="#RFC3447">RFC3447</a></cite>]) as the MGF option.
-                            <ol>
-                                <li>
-                                    <p>
-                                        If performing the operation results in an error, terminate this algorithm with an error.
-                                    </p>
-                                </li>
-                                <li>
-                                    <p>
-                                        Otherwise, let <var>ciphertext</var> be a new <code>ArrayBuffer</code> containing the value C that results from performing the operation.
-                                    </p>
-                                </li>
-                            </ol>
-                        </p>
-                    </li>
+                  <li>
+                    <p>
+                      If <var>key</var> does not have key type <code>public</code>, terminate this
+                      algorithm with an error.
+                    </p>
+                  </li>
+                  <li>
+                    <p>
+                      If any of the members of <a href="#dfn-RsaOaepParams">RsaOaepParams</a> are
+                      not present in <var>normalizedAlgorithm</var>, or have incorrect types,
+                      terminate this algorithm with an error.
+                    </p>
+                  </li>
+                  <li>
+                    <p>
+                      Perform the encrytion operation defined in Section 7.1 of [<cite><a
+                      href="#RFC3447">RFC3447</a></cite>] with the key represented by <var>key</var>
+                      as the recipient's RSA public key, the contents of <var>plaintext</var> as the
+                      message to be encrypted, M, and
+                      <var>normalizedAlgorithm</var><code>.label</code> as the label, L, and with
+                      the hash function identified by
+                      <var>normalizedAlgorithm</var><code>.hash</code> as the Hash option and MGF1
+                      (defined in Section B.2.1 of [<cite><a href="#RFC3447">RFC3447</a></cite>]) as
+                      the MGF option.
+                      <ol>
+                        <li>
+                          <p>
+                            If performing the operation results in an error, terminate this
+                            algorithm with an error.
+                          </p>
+                        </li>
+                        <li>
+                          <p>
+                            Otherwise, let <var>ciphertext</var> be a new <code>ArrayBuffer</code>
+                            containing the value C that results from performing the operation.
+                          </p>
+                        </li>
+                      </ol>
+                    </p>
+                  </li>
                 </ol>
               </dd>
               <dt>Decrypt</dt>
               <dd>
                 <ol>
-                    <li>
-                        <p>
-                            If <var>key</var> does not have key type <code>private</code>, terminate this algorithm with an error.
-                        </p>
-                    </li>
-                    <li>
-                      <p>
-                      If any of the members of <a href="#dfn-RsaOaepParams">RsaOaepParams</a> are not present in <var>normalizedAlgorithm</var>, or have incorrect types, terminate this algorithm with an error.
-                      </p>
-                    </li>
-                    <li>
-                        <p>
-                            Perform the decryption operation defined in Section 7.1 of [<cite><a href="#RFC3447">RFC3447</a></cite>] with the key represented by <var>key</var> as the recipient's RSA private key, the contents of <var>ciphertext</var> as the cipertext to be decrypted, C, and <var>normalizedAlgorithm</var><code>.label</code> as the label, L, and with the hash function identified by <var>normalizedAlgorithm</var><code>.hash</code> as the Hash option and MGF1 (defined in Section B.2.1 of [<cite><a href="#RFC3447">RFC3447</a></cite>]) as the MGF option.
-                            <ol>
-                                <li>
-                                    <p>
-                                        If performing the operation results in an error, terminate this algorithm with an error.
-                                    </p>
-                                </li>
-                                <li>
-                                    <p>
-                                        Otherwise, let <var>plaintext</var> be a new <code>ArrayBuffer</code> containing the value M that results from performing the operation.
-                                    </p>
-                                </li>
-                            </ol>
-                        </p>
-                    </li>
+                  <li>
+                    <p>
+                      If <var>key</var> does not have key type <code>private</code>, terminate this
+                      algorithm with an error.
+                    </p>
+                  </li>
+                  <li>
+                    <p>
+                      If any of the members of <a href="#dfn-RsaOaepParams">RsaOaepParams</a> are
+                      not present in <var>normalizedAlgorithm</var>, or have incorrect types,
+                      terminate this algorithm with an error.
+                    </p>
+                  </li>
+                  <li>
+                    <p>
+                      Perform the decryption operation defined in Section 7.1 of [<cite><a
+                      href="#RFC3447">RFC3447</a></cite>] with the key represented by <var>key</var>
+                      as the recipient's RSA private key, the contents of <var>ciphertext</var> as
+                      the cipertext to be decrypted, C, and
+                      <var>normalizedAlgorithm</var><code>.label</code> as the label, L, and with
+                      the hash function identified by
+                      <var>normalizedAlgorithm</var><code>.hash</code> as the Hash option and MGF1
+                      (defined in Section B.2.1 of [<cite><a href="#RFC3447">RFC3447</a></cite>]) as
+                      the MGF option.
+                      <ol>
+                        <li>
+                           <p>
+                              If performing the operation results in an error, terminate this
+                              algorithm with an error.
+                          </p>
+                        </li>
+                        <li>
+                           <p>
+                              Otherwise, let <var>plaintext</var> be a new <code>ArrayBuffer</code>
+                              containing the value M that results from performing the operation.
+                          </p>
+                        </li>
+                      </ol>
+                    </p>
+                  </li>
                 </ol>
               </dd>
               <dt>Generate Key</dt>
@@ -3502,16 +3743,22 @@
                 <ol>
                   <li>
                     <p>
-                    If any of the members of <a href="#dfn-RsaKeyGenParams">RsaKeyGenParams</a> are not present in <var>normalizedAlgorithm</var>, or have incorrect types, terminate this algorithm with an error.
+                      If any of the members of <a href="#dfn-RsaKeyGenParams">RsaKeyGenParams</a>
+                      are not present in <var>normalizedAlgorithm</var>, or have incorrect types,
+                      terminate this algorithm with an error.
                     </p>
                   </li>
                   <li>
                     <p>
-                    Generate an RSA key pair, as defined in [<cite><a href="#RFC3447">RFC3447</a></cite>], with RSA modulus length <var>normalizedAlgorithm</var><code>.modulusLength</code> and RSA public exponent <var>normalizedAlgorithm</var><code>.publicExponent</code>.
+                      Generate an RSA key pair, as defined in [<cite><a
+                      href="#RFC3447">RFC3447</a></cite>], with RSA modulus length
+                      <var>normalizedAlgorithm</var><code>.modulusLength</code> and RSA public
+                      exponent <var>normalizedAlgorithm</var><code>.publicExponent</code>.
                       <ul>
                         <li>
                           <p>
-                          If generation of the key pair fails, terminate this algorithm with an error.
+                            If generation of the key pair fails, terminate this algorithm with an
+                            error.
                           </p>
                         </li>
                         <li>
@@ -3520,37 +3767,48 @@
                             <ol>
                               <li>
                                 <p>
-                                  Let <var>result</var> be a new <a href="#dfn-KeyPair"><code>KeyPair</code></a> object
-                                </p>
-                              </li>
-                              <li>
-                                <p>
-                                  Let <var>result</var><code>.publicKey</code> be a new <a href="#dfn-Key"><code>Key</code></a> object representing the public key of the generated key pair.
-                                </p>
-                              </li>
-                              <li>
-                                <p>
-                                  Let <var>result</var><code>.publicKey.extractable</code> be <code>true</code>
+                                  Let <var>result</var> be a new <a
+                                  href="#dfn-KeyPair"><code>KeyPair</code></a> object
                                 </p>
                               </li>
                               <li>
                                 <p>
-                                  Let <var>result</var><code>.publicKey.keyUsages</code> be the intersection of <var>usages</var> and <code>[ "encrypt", "wrapKey" ]</code>.
+                                  Let <var>result</var><code>.publicKey</code> be a new <a
+                                  href="#dfn-Key"><code>Key</code></a> object representing the
+                                  public key of the generated key pair.
                                 </p>
                               </li>
                               <li>
                                 <p>
-                                  Let <var>result</var><code>.privateKey</code> be a new <a href="#dfn-Key"><code>Key</code></a> object representing the private key of the generated key pair.
+                                  Let <var>result</var><code>.publicKey.extractable</code> be
+                                  <code>true</code>
                                 </p>
                               </li>
                               <li>
                                 <p>
-                                  Let <var>result</var><code>.privateKey.extractable</code> be <var>extractable</var>.
+                                  Let <var>result</var><code>.publicKey.keyUsages</code> be the
+                                  intersection of <var>usages</var> and <code>[ "encrypt", "wrapKey"
+                                  ]</code>.
                                 </p>
                               </li>
                               <li>
                                 <p>
-                                  Let <var>result</var><code>.privateKey.keyUsages</code> be the intersection of <var>usages</var> and <code>[ "decrypt", "unwrapKey" ]</code>.
+                                  Let <var>result</var><code>.privateKey</code> be a new <a
+                                  href="#dfn-Key"><code>Key</code></a> object representing the
+                                  private key of the generated key pair.
+                                </p>
+                              </li>
+                              <li>
+                                <p>
+                                  Let <var>result</var><code>.privateKey.extractable</code> be
+                                  <var>extractable</var>.
+                                </p>
+                              </li>
+                              <li>
+                                <p>
+                                  Let <var>result</var><code>.privateKey.keyUsages</code> be the
+                                  intersection of <var>usages</var> and <code>[ "decrypt",
+                                  "unwrapKey" ]</code>.
                                 </p>
                               </li>
                               <li>
@@ -3652,8 +3910,9 @@
 };
             </x:codeblock>
             <p>
-              The <dfn id="dfn-NamedCurve">NamedCurve</dfn> type represents named elliptic curves, which
-              are a convenient way to specify the domain parameters of well-known elliptic curves. The following values are recognized:
+              The <dfn id="dfn-NamedCurve">NamedCurve</dfn> type represents named elliptic curves,
+              which are a convenient way to specify the domain parameters of well-known elliptic
+              curves. The following values are recognized:
               <dl>
                 <dt id="dfn-NamedCurve-p256"><code>P-256</code></dt>
                 <dd>NIST recommended curve P-256, also known as <code>secp256r1</code>.</dd>
@@ -3674,13 +3933,14 @@
                 <ol>
                   <li>
                     <p>
-                      If <var>key</var> does not refer to an ECDSA private key, terminate the algorithm with an error.
+                      If <var>key</var> does not refer to an ECDSA private key, terminate the
+                      algorithm with an error.
                     </p>
                   </li>
                   <li>
                     <p>
-                      Let <var>hash</var> be initialized to an instance of the underlying hash algorithm
-                      indicated by <var>hash</var>
+                      Let <var>hash</var> be initialized to an instance of the underlying hash
+                      algorithm indicated by <var>hash</var>
                     </p>
                   </li>
                   <li>
@@ -3695,13 +3955,14 @@
                   </li>
                   <li>
                     <p>
-                      If the context object's internal state is not <code>"complete"</code>, return an
-                      empty <code>ArrayBuffer</code>.
+                      If the context object's internal state is not <code>"complete"</code>, return
+                      an empty <code>ArrayBuffer</code>.
                     </p>
                   </li>
                   <li>
                     <p>
-                      Let <var>M</var> be the result of finalizing the hash algorithm of <var>hash</var>.
+                      Let <var>M</var> be the result of finalizing the hash algorithm of
+                      <var>hash</var>.
                     </p>
                   </li>
                   <li>
@@ -3711,7 +3972,8 @@
                   </li>
                   <li>
                     <p>
-                      Let <var>params</var> be the EC domain parameters associated with <var>key</var>.
+                      Let <var>params</var> be the EC domain parameters associated with
+                      <var>key</var>.
                     </p>
                   </li>
                   <li>
@@ -3734,12 +3996,14 @@
                   </li>
                   <li>
                     <p>
-                      Convert <var>r</var> to a bitstring and append the sequence of bytes to <var>result</var>.
+                      Convert <var>r</var> to a bitstring and append the sequence of bytes to
+                     <var>result</var>.
                     </p>
                   </li>
                   <li>
                     <p>
-                      Convert <var>s</var> to a bitstring and append the sequence of bytes to <var>result</var>.
+                      Convert <var>s</var> to a bitstring and append the sequence of bytes to
+                      <var>result</var>.
                     </p>
                   </li>
                   <li>
@@ -3755,13 +4019,14 @@
                 <ol>
                   <li>
                     <p>
-                      If <var>key</var> does not refer to an ECDSA public key, terminate the algorithm with an error.
+                      If <var>key</var> does not refer to an ECDSA public key, terminate the
+                      algorithm with an error.
                     </p>
                   </li>
                   <li>
                     <p>
-                      Let <var>hash</var> be initialized to an instance of the underlying hash algorithm
-                      indicated by <var>hash</var>
+                      Let <var>hash</var> be initialized to an instance of the underlying hash
+                      algorithm indicated by <var>hash</var>
                     </p>
                   </li>
                   <li>
@@ -3776,12 +4041,14 @@
                   </li>
                   <li>
                     <p>
-                      If the context object's internal state is not <code>"complete"</code>, terminate the algorithm.
+                      If the context object's internal state is not <code>"complete"</code>,
+                      terminate the algorithm.
                     </p>
                   </li>
                   <li>
                     <p>
-                      Let <var>M</var> be the result of finalizing the hash algorithm of <var>hash</var>.
+                      Let <var>M</var> be the result of finalizing the hash algorithm of
+                      <var>hash</var>.
                     </p>
                   </li>
                   <li>
@@ -3797,9 +4064,10 @@
                   </li>
                   <li>
                     <p>
-                      Perform the ECDSA verifying process, as specified in <a href="#X9.62">X9.62</a>,
-                      Section 7.4, with <var>M</var> as the received message, using <var>params</var> as the
-                      EC domain parameters, and with <var>Q</var> as the public key.
+                      Perform the ECDSA verifying process, as specified in <a
+                      href="#X9.62">X9.62</a>, Section 7.4, with <var>M</var> as the received
+                      message, using <var>params</var> as the EC domain parameters, and with
+                      <var>Q</var> as the public key.
                     </p>
                   </li>
                   <li>
@@ -3828,8 +4096,8 @@
           <div id="ecdh-description" class="section">
             <h4>Description</h4>
             <p>
-              This describes using Elliptic Curve Diffie-Hellman (ECDH) for key generation and key agreement, as
-              specified by <a href="#X9.63">X9.63</a>.
+              This describes using Elliptic Curve Diffie-Hellman (ECDH) for key generation and key
+              agreement, as specified by <a href="#X9.63">X9.63</a>.
             </p>
           </div>
           <div id="ecdh-registration" class="section">
@@ -3888,8 +4156,8 @@
             </x:codeblock>
             <p>
               The <a href="#dfn-ECPoint">ECPoint</a> typedef is a <code>Uint8Array</code> holding an
-              elliptic curve point. An elliptic curve point is converted to an array of Uint8 elements
-              using the procedure specified in <a href="#X9.62">X9.62</a> Annex A.5.7.
+              elliptic curve point. An elliptic curve point is converted to an array of Uint8
+              elements using the procedure specified in <a href="#X9.62">X9.62</a> Annex A.5.7.
             </p>
           </div>
           <div id="ecdh-operations" class="section">
@@ -3899,22 +4167,27 @@
               <ol>
                 <li>
                   <p>
-                  If any of the members of <a href="#dfn-EcKeyGenParams">EcKeyGenParams</a> are not present in <var>normalizedAlgorithm</var>, or have incorrect types, terminate this algorithm with an error.
-                  </p>
-                </li>
-                <li>
-                  <p>
-                    If <var>usages</var> contains a value which is not either <code>deriveKey</code> or <code>dervieBits</code>,
+                    If any of the members of <a href="#dfn-EcKeyGenParams">EcKeyGenParams</a> are
+                    not present in <var>normalizedAlgorithm</var>, or have incorrect types,
                     terminate this algorithm with an error.
                   </p>
                 </li>
                 <li>
                   <p>
-                  Generate an Eliptic Curve key pair, as defined in [<a href="#X9.63">X9.63</a>] with domain parameters for the curve identified by <var>normalizedAlgorithm</var><code>.namedCurve</code>.
+                    If <var>usages</var> contains a value which is not either <code>deriveKey</code>
+                    or <code>dervieBits</code>, terminate this algorithm with an error.
+                  </p>
+                </li>
+                <li>
+                  <p>
+                    Generate an Eliptic Curve key pair, as defined in [<a href="#X9.63">X9.63</a>]
+                    with domain parameters for the curve identified by
+                    <var>normalizedAlgorithm</var><code>.namedCurve</code>.
                     <ul>
                       <li>
                         <p>
-                        If generation of the key pair fails, terminate this algorithm with an error.
+                          If generation of the key pair fails, terminate this algorithm with an
+                          error.
                         </p>
                       </li>
                       <li>
@@ -3923,37 +4196,46 @@
                           <ol>
                             <li>
                               <p>
-                                Let <var>result</var> be a new <a href="#dfn-KeyPair"><code>KeyPair</code></a> object
-                              </p>
-                            </li>
-                            <li>
-                              <p>
-                                Let <var>result</var><code>.publicKey</code> be a new <a href="#dfn-Key"><code>Key</code></a> object representing the public key of the generated key pair.
-                              </p>
-                            </li>
-                            <li>
-                              <p>
-                                Let <var>result</var><code>.publicKey.extractable</code> be <code>true</code>
+                                Let <var>result</var> be a new <a
+                                href="#dfn-KeyPair"><code>KeyPair</code></a> object
                               </p>
                             </li>
                             <li>
                               <p>
-                                Let <var>result</var><code>.publicKey.keyUsages</code> be <var>usages</var>.
+                                Let <var>result</var><code>.publicKey</code> be a new <a
+                                href="#dfn-Key"><code>Key</code></a> object representing the public
+                                key of the generated key pair.
                               </p>
                             </li>
                             <li>
                               <p>
-                                Let <var>result</var><code>.privateKey</code> be a new <a href="#dfn-Key"><code>Key</code></a> object representing the private key of the generated key pair.
+                                Let <var>result</var><code>.publicKey.extractable</code> be
+                                <code>true</code>
                               </p>
                             </li>
                             <li>
                               <p>
-                                Let <var>result</var><code>.privateKey.extractable</code> be <var>extractable</var>.
+                                Let <var>result</var><code>.publicKey.keyUsages</code> be
+                                <var>usages</var>.
                               </p>
                             </li>
                             <li>
                               <p>
-                                Let <var>result</var><code>.privateKey.keyUsages</code> be <var>usages</var>.
+                                Let <var>result</var><code>.privateKey</code> be a new <a
+                                href="#dfn-Key"><code>Key</code></a> object representing the private
+                                key of the generated key pair.
+                              </p>
+                            </li>
+                            <li>
+                              <p>
+                                Let <var>result</var><code>.privateKey.extractable</code> be
+                                <var>extractable</var>.
+                              </p>
+                            </li>
+                            <li>
+                              <p>
+                                Let <var>result</var><code>.privateKey.keyUsages</code> be
+                                <var>usages</var>.
                               </p>
                             </li>
                             <li>
@@ -3972,24 +4254,30 @@
             <dt>Derive Key</dt>
             <dd>
               <ol>
-                  <li>
-                    <p>
-                        If <var>key</var> does not have key type <code>private</code>, terminate this algorithm with an error.
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                    If any of the members of <a href="#dfn-EcdhKeyDeriveParams">EcdhKeyDeriveParams</a> are not present in <var>normalizedAlgorithm</var>, or have incorrect types, terminate this algorithm with an error.
-                    </p>
-                  </li>
                 <li>
                   <p>
-                    Perform the ECDH primitive specified in <a href="#X9.63">X9.63</a> Section 5.4.1 with <var>key</var> as the EC
-                    private key d and <var>normalizedAlgorithm</var><code>.public</code> as the EC public key Q.
+                    If <var>key</var> does not have key type <code>private</code>, terminate this
+                    algorithm with an error.
+                  </p>
+                </li>
+                <li>
+                  <p>
+                    If any of the members of <a
+                    href="#dfn-EcdhKeyDeriveParams">EcdhKeyDeriveParams</a> are not present in
+                    <var>normalizedAlgorithm</var>, or have incorrect types, terminate this
+                    algorithm with an error.
+                  </p>
+                </li>
+                <li>
+                  <p>
+                    Perform the ECDH primitive specified in <a href="#X9.63">X9.63</a> Section 5.4.1
+                    with <var>key</var> as the EC private key d and
+                    <var>normalizedAlgorithm</var><code>.public</code> as the EC public key Q.
                     <ol>
                       <li>
                         <p>
-                          If performing the operation results in an error, terminate this algorithm with an error.
+                          If performing the operation results in an error, terminate this algorithm
+                          with an error.
                         </p>
                       </li>
                       <li>
@@ -4001,40 +4289,53 @@
                   </p>
                 </li>
                 <div class="note">
-                  Note: <a href="#X9.63">X9.63</a> Section 5.4.2 and <a href="#SP800-56A">NIST SP 800-56A</a>
-                  Section 5.7.1.2 specify a modified ECDH primitive that multiplies the shared secret value by
-                  the cofactor of the curve. The cofactor of the NIST recommended curves P-256, P-384, and P-521
-                  is 1, so the standard and modified ECDH primitives are equivalent for those curves.
+                  Note: <a href="#X9.63">X9.63</a> Section 5.4.2 and <a href="#SP800-56A">NIST SP
+                  800-56A</a> Section 5.7.1.2 specify a modified ECDH primitive that multiplies the
+                  shared secret value by the cofactor of the curve. The cofactor of the NIST
+                  recommended curves P-256, P-384, and P-521 is 1, so the standard and modified ECDH
+                  primitives are equivalent for those curves.
                 </div>
                 <li>
-                  <div class="ednote">Define how the finite field member <var>result</var> is converted to a bit string</div>
+                  <div class="ednote">
+                    Define how the finite field member <var>result</var> is converted to a bit
+                    string
+                  </div>
                 </li>
                 <li>
-                  <div class="ednote">Define how a key for algorithm <var>normalizedDerivedKeyAlgorithm</var> is derived from a bit string</div>
+                  <div class="ednote">
+                    Define how a key for algorithm <var>normalizedDerivedKeyAlgorithm</var> is
+                    derived from a bit string
+                  </div>
                 </li>
               </ol>
             </dd>
             <dt>Derive Bits</dt>
             <dd>
               <ol>
-                  <li>
-                    <p>
-                        If <var>key</var> does not have key type <code>private</code>, terminate this algorithm with an error.
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                    If any of the members of <a href="#dfn-EcdhKeyDeriveParams">EcdhKeyDeriveParams</a> are not present in <var>normalizedAlgorithm</var>, or have incorrect types, terminate this algorithm with an error.
-                    </p>
-                  </li>
                 <li>
                   <p>
-                    Perform the ECDH primitive specified in <a href="#X9.63">X9.63</a> Section 5.4.1 with <var>key</var> as the EC
-                    private key d and <var>normalizedAlgorithm</var><code>.public</code> as the EC public key Q.
+                    If <var>key</var> does not have key type <code>private</code>, terminate this
+                    algorithm with an error.
+                  </p>
+                </li>
+                <li>
+                  <p>
+                    If any of the members of <a
+                    href="#dfn-EcdhKeyDeriveParams">EcdhKeyDeriveParams</a> are not present in
+                    <var>normalizedAlgorithm</var>, or have incorrect types, terminate this
+                    algorithm with an error.
+                  </p>
+                </li>
+                <li>
+                  <p>
+                    Perform the ECDH primitive specified in <a href="#X9.63">X9.63</a> Section 5.4.1
+                    with <var>key</var> as the EC private key d and
+                    <var>normalizedAlgorithm</var><code>.public</code> as the EC public key Q.
                     <ol>
                       <li>
                         <p>
-                          If performing the operation results in an error, terminate this algorithm with an error.
+                          If performing the operation results in an error, terminate this algorithm
+                          with an error.
                         </p>
                       </li>
                       <li>
@@ -4046,7 +4347,10 @@
                   </p>
                 </li>
                 <li>
-                  <div class="ednote">Define how the finite field member <var>result</var> is converted to a bit string</div>
+                  <div class="ednote">
+                    Define how the finite field member <var>result</var> is converted to a bit
+                    string.
+                  </div>
                 </li>
               </ol>
             </dd>
@@ -4977,8 +5281,8 @@
         <h2>Algorithm normalizing rules</h2>
         <p>
           The <a href="#dfn-AlgorithmIdentifier"><code>AlgorithmIdentifier</code></a> typedef
-          permits algorithms to be specified as either a <code>dictionary</code> or a DOMString.
-          In order to ensure consistency, conforming user agents must normalize all AlgorithmIdentifier
+          permits algorithms to be specified as either a <code>dictionary</code> or a DOMString. In
+          order to ensure consistency, conforming user agents must normalize all AlgorithmIdentifier
           inputs into a single, canonical form. When normalization is indicated, it must act as
           follows:
         </p>
@@ -5001,9 +5305,9 @@
                 Convert every character in <var>O</var> to lower case.
               </li>
               <li>
-                If <var>O</var> contains a recognized <a href="#dfn-algorithm-alias">algorithm alias</a>
-                then let <var>result</var> be re-initialized to the aliased dictionary and this algorithm
-                restarted, using <var>result</var> as the input to be normalized.
+                If <var>O</var> contains a recognized <a href="#dfn-algorithm-alias">algorithm
+                alias</a> then let <var>result</var> be re-initialized to the aliased dictionary and
+                this algorithm restarted, using <var>result</var> as the input to be normalized.
               </li>
               <li>
                 Otherwise, throw an <code>InvalidAlgorithmError</code>
@@ -5102,151 +5406,136 @@
     <div id="iana-section" class="section">
     <h2>IANA Considerations</h2>
         <div id="iana-section-jws-jwa" class="section">
-
-            <h3>JSON Web Signature and Encryption Algorithms Registration</h3>
-
-            <p>
-                This section registers the following algorithm identifiers in the IANA JSON Web Signature and Encryption Algorithms Registry for use with JSON Web Key.
-                Note that the 'Implementation Requirements' field in the template refers to use with JSON Web Signature and JSON Web Encryption specifically, in which
-                case use of unauthenticated encryption is prohibited.
-            </p>
-            
-            <ul>
-                <li>Algorithm Name: "A128CBC"</li>
-                <li>Algorithm Description: AES CBC using 128 bit key</li>
-                <li>Algorithm Usage Location(s): "JWK"</li>
-                <li>JOSE Implementation Requirements: Prohibited</li>
-                <li>Change Controller: W3C WebCrypto working group</li>
-                <li>Specification Document(s): <a href="#key-interface-jwk-algorithms">JSON Web Key algorithm names for WebCrypto algorithms</a> in this document</li>
-            </ul>
-
-            <ul>
-                <li>Algorithm Name: "A192CBC"</li>
-                <li>Algorithm Description: AES CBC using 192 bit key</li>
-                <li>Algorithm Usage Location(s): "JWK"</li>
-                <li>JOSE Implementation Requirements: Prohibited</li>
-                <li>Change Controller: W3C WebCrypto working group</li>
-                <li>Specification Document(s): <a href="#key-interface-jwk-algorithms">JSON Web Key algorithm names for WebCrypto algorithms</a> in this document</li>
-            </ul>
-            
-            <ul>
-                <li>Algorithm Name: "A256CBC"</li>
-                <li>Algorithm Description: AES CBC using 256 bit key</li>
-                <li>Algorithm Usage Location(s): "JWK"</li>
-                <li>JOSE Implementation Requirements: Prohibited</li>
-                <li>Change Controller: W3C WebCrypto working group</li>
-                <li>Specification Document(s): <a href="#key-interface-jwk-algorithms">JSON Web Key algorithm names for WebCrypto algorithms</a> in this document</li>
-            </ul>
-            
-            <ul>
-                <li>Algorithm Name: "A128CTR"</li>
-                <li>Algorithm Description: AES CTR using 128 bit key</li>
-                <li>Algorithm Usage Location(s): "JWK"</li>
-                <li>JOSE Implementation Requirements: Prohibited</li>
-                <li>Change Controller: W3C WebCrypto working group</li>
-                <li>Specification Document(s): <a href="#key-interface-jwk-algorithms">JSON Web Key algorithm names for WebCrypto algorithms</a> in this document</li>
-            </ul>
-            
-            <ul>
-                <li>Algorithm Name: "A192CTR"</li>
-                <li>Algorithm Description: AES CTR using 192 bit key</li>
-                <li>Algorithm Usage Location(s): "JWK"</li>
-                <li>JOSE Implementation Requirements: Prohibited</li>
-                <li>Change Controller: W3C WebCrypto working group</li>
-                <li>Specification Document(s): <a href="#key-interface-jwk-algorithms">JSON Web Key algorithm names for WebCrypto algorithms</a> in this document</li>
-            </ul>
-            
-            <ul>
-                <li>Algorithm Name: "A256CTR"</li>
-                <li>Algorithm Description: AES CTR using 256 bit key</li>
-                <li>Algorithm Usage Location(s): "JWK"</li>
-                <li>JOSE Implementation Requirements: Prohibited</li>
-                <li>Change Controller: W3C WebCrypto working group</li>
-                <li>Specification Document(s): <a href="#key-interface-jwk-algorithms">JSON Web Key algorithm names for WebCrypto algorithms</a> in this document</li>
-            </ul>
-          
-            <ul>
-                <li>Algorithm Name: "A128CMAC"</li>
-                <li>Algorithm Description: AES CMAC using 128 bit key</li>
-                <li>Algorithm Usage Location(s): "JWK"</li>
-                <li>JOSE Implementation Requirements: Prohibited</li>
-                <li>Change Controller: W3C WebCrypto working group</li>
-                <li>Specification Document(s): <a href="#key-interface-jwk-algorithms">JSON Web Key algorithm names for WebCrypto algorithms</a> in this document</li>
-            </ul>
-            
-            <ul>
-                <li>Algorithm Name: "A192CMAC"</li>
-                <li>Algorithm Description: AES CMAC using 192 bit key</li>
-                <li>Algorithm Usage Location(s): "JWK"</li>
-                <li>JOSE Implementation Requirements: Prohibited</li>
-                <li>Change Controller: W3C WebCrypto working group</li>
-                <li>Specification Document(s): <a href="#key-interface-jwk-algorithms">JSON Web Key algorithm names for WebCrypto algorithms</a> in this document</li>
-            </ul>
-            
-            <ul>
-                <li>Algorithm Name: "A256CMAC"</li>
-                <li>Algorithm Description: AES CMAC using 256 bit key</li>
-                <li>Algorithm Usage Location(s): "JWK"</li>
-                <li>JOSE Implementation Requirements: Prohibited</li>
-                <li>Change Controller: W3C WebCrypto working group</li>
-                <li>Specification Document(s): <a href="#key-interface-jwk-algorithms">JSON Web Key algorithm names for WebCrypto algorithms</a> in this document</li>
-            </ul>
-          
-            <ul>
-                <li>Algorithm Name: "A128CFB"</li>
-                <li>Algorithm Description: AES CFB using 128 bit key</li>
-                <li>Algorithm Usage Location(s): "JWK"</li>
-                <li>JOSE Implementation Requirements: Prohibited</li>
-                <li>Change Controller: W3C WebCrypto working group</li>
-                <li>Specification Document(s): <a href="#key-interface-jwk-algorithms">JSON Web Key algorithm names for WebCrypto algorithms</a> in this document</li>
-            </ul>
-            
-            <ul>
-                <li>Algorithm Name: "A192CFB"</li>
-                <li>Algorithm Description: AES CFB using 192 bit key</li>
-                <li>Algorithm Usage Location(s): "JWK"</li>
-                <li>JOSE Implementation Requirements: Prohibited</li>
-                <li>Change Controller: W3C WebCrypto working group</li>
-                <li>Specification Document(s): <a href="#key-interface-jwk-algorithms">JSON Web Key algorithm names for WebCrypto algorithms</a> in this document</li>
-            </ul>
-            
-            <ul>
-                <li>Algorithm Name: "A256CFB"</li>
-                <li>Algorithm Description: AES CFB using 256 bit key</li>
-                <li>Algorithm Usage Location(s): "JWK"</li>
-                <li>JOSE Implementation Requirements: Prohibited</li>
-                <li>Change Controller: W3C WebCrypto working group</li>
-                <li>Specification Document(s): <a href="#key-interface-jwk-algorithms">JSON Web Key algorithm names for WebCrypto algorithms</a> in this document</li>
-            </ul>
-          
-            <ul>
-                <li>Algorithm Name: "HS1"</li>
-                <li>Algorithm Description: HMAC using SHA-1</li>
-                <li>Algorithm Usage Location(s): "JWK"</li>
-                <li>JOSE Implementation Requirements: Prohibited</li>
-                <li>Change Controller: W3C WebCrypto working group</li>
-                <li>Specification Document(s): <a href="#key-interface-jwk-algorithms">JSON Web Key algorithm names for WebCrypto algorithms</a> in this document</li>
-            </ul>
-            
-            <ul>
-                <li>Algorithm Name: "HS224"</li>
-                <li>Algorithm Description: HMAC using SHA-224</li>
-                <li>Algorithm Usage Location(s): "JWK"</li>
-                <li>JOSE Implementation Requirements: Prohibited</li>
-                <li>Change Controller: W3C WebCrypto working group</li>
-                <li>Specification Document(s): <a href="#key-interface-jwk-algorithms">JSON Web Key algorithm names for WebCrypto algorithms</a> in this document</li>
-            </ul>
+          <h3>JSON Web Signature and Encryption Algorithms Registration</h3>
+          <p>
+            This section registers the following algorithm identifiers in the IANA JSON Web
+            Signature and Encryption Algorithms Registry for use with JSON Web Key. Note that the
+            'Implementation Requirements' field in the template refers to use with JSON Web
+            Signature and JSON Web Encryption specifically, in which case use of unauthenticated
+            encryption is prohibited.
+          </p>
+          <ul>
+            <li>Algorithm Name: "A128CBC"</li>
+            <li>Algorithm Description: AES CBC using 128 bit key</li>
+            <li>Algorithm Usage Location(s): "JWK"</li>
+            <li>JOSE Implementation Requirements: Prohibited</li>
+            <li>Change Controller: W3C WebCrypto working group</li>
+            <li>Specification Document(s): <a href="#key-interface-jwk-algorithms">JSON Web Key algorithm names for WebCrypto algorithms</a> in this document</li>
+          </ul>
+          <ul>
+            <li>Algorithm Name: "A192CBC"</li>
+            <li>Algorithm Description: AES CBC using 192 bit key</li>
+            <li>Algorithm Usage Location(s): "JWK"</li>
+            <li>JOSE Implementation Requirements: Prohibited</li>
+            <li>Change Controller: W3C WebCrypto working group</li>
+            <li>Specification Document(s): <a href="#key-interface-jwk-algorithms">JSON Web Key algorithm names for WebCrypto algorithms</a> in this document</li>
+          </ul>            
+          <ul>
+            <li>Algorithm Name: "A256CBC"</li>
+            <li>Algorithm Description: AES CBC using 256 bit key</li>
+            <li>Algorithm Usage Location(s): "JWK"</li>
+            <li>JOSE Implementation Requirements: Prohibited</li>
+            <li>Change Controller: W3C WebCrypto working group</li>
+            <li>Specification Document(s): <a href="#key-interface-jwk-algorithms">JSON Web Key algorithm names for WebCrypto algorithms</a> in this document</li>
+          </ul>            
+          <ul>
+            <li>Algorithm Name: "A128CTR"</li>
+            <li>Algorithm Description: AES CTR using 128 bit key</li>
+            <li>Algorithm Usage Location(s): "JWK"</li>
+            <li>JOSE Implementation Requirements: Prohibited</li>
+            <li>Change Controller: W3C WebCrypto working group</li>
+            <li>Specification Document(s): <a href="#key-interface-jwk-algorithms">JSON Web Key algorithm names for WebCrypto algorithms</a> in this document</li>
+          </ul>            
+          <ul>
+            <li>Algorithm Name: "A192CTR"</li>
+            <li>Algorithm Description: AES CTR using 192 bit key</li>
+            <li>Algorithm Usage Location(s): "JWK"</li>
+            <li>JOSE Implementation Requirements: Prohibited</li>
+            <li>Change Controller: W3C WebCrypto working group</li>
+            <li>Specification Document(s): <a href="#key-interface-jwk-algorithms">JSON Web Key algorithm names for WebCrypto algorithms</a> in this document</li>
+          </ul>
+          <ul>
+            <li>Algorithm Name: "A256CTR"</li>
+            <li>Algorithm Description: AES CTR using 256 bit key</li>
+            <li>Algorithm Usage Location(s): "JWK"</li>
+            <li>JOSE Implementation Requirements: Prohibited</li>
+            <li>Change Controller: W3C WebCrypto working group</li>
+            <li>Specification Document(s): <a href="#key-interface-jwk-algorithms">JSON Web Key algorithm names for WebCrypto algorithms</a> in this document</li>
+          </ul>
+          <ul>
+            <li>Algorithm Name: "A128CMAC"</li>
+            <li>Algorithm Description: AES CMAC using 128 bit key</li>
+            <li>Algorithm Usage Location(s): "JWK"</li>
+            <li>JOSE Implementation Requirements: Prohibited</li>
+            <li>Change Controller: W3C WebCrypto working group</li>
+            <li>Specification Document(s): <a href="#key-interface-jwk-algorithms">JSON Web Key algorithm names for WebCrypto algorithms</a> in this document</li>
+          </ul>          
+          <ul>
+            <li>Algorithm Name: "A192CMAC"</li>
+            <li>Algorithm Description: AES CMAC using 192 bit key</li>
+            <li>Algorithm Usage Location(s): "JWK"</li>
+            <li>JOSE Implementation Requirements: Prohibited</li>
+            <li>Change Controller: W3C WebCrypto working group</li>
+            <li>Specification Document(s): <a href="#key-interface-jwk-algorithms">JSON Web Key algorithm names for WebCrypto algorithms</a> in this document</li>
+          </ul>
+          <ul>
+            <li>Algorithm Name: "A256CMAC"</li>
+            <li>Algorithm Description: AES CMAC using 256 bit key</li>
+            <li>Algorithm Usage Location(s): "JWK"</li>
+            <li>JOSE Implementation Requirements: Prohibited</li>
+            <li>Change Controller: W3C WebCrypto working group</li>
+            <li>Specification Document(s): <a href="#key-interface-jwk-algorithms">JSON Web Key algorithm names for WebCrypto algorithms</a> in this document</li>
+          </ul>
+          <ul>
+            <li>Algorithm Name: "A128CFB"</li>
+            <li>Algorithm Description: AES CFB using 128 bit key</li>
+            <li>Algorithm Usage Location(s): "JWK"</li>
+            <li>JOSE Implementation Requirements: Prohibited</li>
+            <li>Change Controller: W3C WebCrypto working group</li>
+            <li>Specification Document(s): <a href="#key-interface-jwk-algorithms">JSON Web Key algorithm names for WebCrypto algorithms</a> in this document</li>
+          </ul>
+          <ul>
+            <li>Algorithm Name: "A192CFB"</li>
+            <li>Algorithm Description: AES CFB using 192 bit key</li>
+            <li>Algorithm Usage Location(s): "JWK"</li>
+            <li>JOSE Implementation Requirements: Prohibited</li>
+            <li>Change Controller: W3C WebCrypto working group</li>
+            <li>Specification Document(s): <a href="#key-interface-jwk-algorithms">JSON Web Key algorithm names for WebCrypto algorithms</a> in this document</li>
+          </ul>
+          <ul>
+            <li>Algorithm Name: "A256CFB"</li>
+            <li>Algorithm Description: AES CFB using 256 bit key</li>
+            <li>Algorithm Usage Location(s): "JWK"</li>
+            <li>JOSE Implementation Requirements: Prohibited</li>
+            <li>Change Controller: W3C WebCrypto working group</li>
+            <li>Specification Document(s): <a href="#key-interface-jwk-algorithms">JSON Web Key algorithm names for WebCrypto algorithms</a> in this document</li>
+          </ul>
+          <ul>
+            <li>Algorithm Name: "HS1"</li>
+            <li>Algorithm Description: HMAC using SHA-1</li>
+            <li>Algorithm Usage Location(s): "JWK"</li>
+            <li>JOSE Implementation Requirements: Prohibited</li>
+            <li>Change Controller: W3C WebCrypto working group</li>
+            <li>Specification Document(s): <a href="#key-interface-jwk-algorithms">JSON Web Key algorithm names for WebCrypto algorithms</a> in this document</li>
+          </ul>
+          <ul>
+            <li>Algorithm Name: "HS224"</li>
+            <li>Algorithm Description: HMAC using SHA-224</li>
+            <li>Algorithm Usage Location(s): "JWK"</li>
+            <li>JOSE Implementation Requirements: Prohibited</li>
+            <li>Change Controller: W3C WebCrypto working group</li>
+            <li>Specification Document(s): <a href="#key-interface-jwk-algorithms">JSON Web Key algorithm names for WebCrypto algorithms</a> in this document</li>
+          </ul>
         </div>
-        
         <div id="iana-section-jwk" class="section">
-            <h3>JSON Web Key Parameters Registry</h3>
-            <ul>
-                <li>Parameter Name: "ext"</li>
-                <li>Used with "kty" Value(s): *</li>
-                <li>Parameter Information Class: Public</li>
-                <li>Change Controller: W3C WebCrypto working group</li>
-                <li>Specification Document(s): <a href="#key-interface-jwk-ext">JSON Web Key "ext" attribute</a> in this document</li>
-            </ul>
+          <h3>JSON Web Key Parameters Registry</h3>
+          <ul>
+            <li>Parameter Name: "ext"</li>
+            <li>Used with "kty" Value(s): *</li>
+            <li>Parameter Information Class: Public</li>
+            <li>Change Controller: W3C WebCrypto working group</li>
+            <li>Specification Document(s): <a href="#key-interface-jwk-ext">JSON Web Key "ext" attribute</a> in this document</li>
+          </ul>
         </div>
       </div>
       <div id="acknowledgements-section" class="section">
@@ -5263,12 +5552,13 @@
           mailing list.
         </p>
         <p>
-         The W3C would like to thank the <a href="http://www.northropgrumman.com/cybersecurity/presskit_research_co.html">Northrop Grumman Cybersecurity
-Research Consortium</a> for supporting W3C/MIT. 
+         The W3C would like to thank the <a
+         href="http://www.northropgrumman.com/cybersecurity/presskit_research_co.html">Northrop
+         Grumman Cybersecurity Research Consortium</a> for supporting W3C/MIT.
         </p>
         <p>
-          The <a href="#dfn-RandomSource-method-getRandomValues"><code>getRandomValues</code></a> method
-          in the <code>Crypto</code> interface was originally proposed by Adam Barth to the
+          The <a href="#dfn-RandomSource-method-getRandomValues"><code>getRandomValues</code></a>
+          method in the <code>Crypto</code> interface was originally proposed by Adam Barth to the
           <a href="http://wiki.whatwg.org/wiki/Crypto">WHATWG</a>.
         </p>
       </div>
--- a/spec/Overview.html	Fri Feb 07 16:03:28 2014 -0800
+++ b/spec/Overview.html	Thu Feb 13 00:00:00 2014 -0800
@@ -28,20 +28,20 @@
   <link rel="stylesheet" href="//www.w3.org/StyleSheets/TR/W3C-ED" type="text/css" /></head>
 
   <body>
-    <div class="head"><div><a href="http://www.w3.org/"><img src="//www.w3.org/Icons/w3c_home" width="72" height="48" alt="W3C" /></a></div><h1>Web Cryptography API</h1><h2>W3C Editor’s Draft <em>7 February 2014</em></h2><dl><dt>Latest Editor’s Draft:</dt><dd><a href="http://dvcs.w3.org/hg/webcrypto-api/raw-file/tip/spec/Overview.html">http://dvcs.w3.org/hg/webcrypto-api/raw-file/tip/spec/Overview.html</a></dd><dt>Latest Published Version:</dt><dd><a href="http://www.w3.org/TR/WebCryptoAPI/">http://www.w3.org/TR/WebCryptoAPI/</a></dd><dt>Previous Version(s):</dt><dd><a href="https://dvcs.w3.org/hg/webcrypto-api/raw-file/0fe9b34c13fb/spec/Overview.html">https://dvcs.w3.org/hg/webcrypto-api/raw-file/0fe9b34c13fb/spec/Overview.html</a></dd><dt>Editors:</dt><dd><a href="http://www.google.com/">Ryan Sleevi</a>, Google, Inc. &lt;[email protected]&gt;</dd><dd><a href="http://www.netflix.com/">Mark Watson</a>, Netflix &lt;[email protected]&gt;</dd><dt>Participate:</dt><dd><p>Send feedback to <a href="mailto:[email protected]?subject=%5BWebCryptoAPI%5D">[email protected]</a> (<a href="http://lists.w3.org/Archives/Public/public-webcrypto/">archives</a>), or <a href="https://www.w3.org/Bugs/Public/enter_bug.cgi?product=Web%20Cryptography&amp;component=Web%20Cryptography%20API%20Document">file a bug</a> 
+    <div class="head"><div><a href="http://www.w3.org/"><img src="//www.w3.org/Icons/w3c_home" width="72" height="48" alt="W3C" /></a></div><h1>Web Cryptography API</h1><h2>W3C Editor’s Draft <em>13 February 2014</em></h2><dl><dt>Latest Editor’s Draft:</dt><dd><a href="http://dvcs.w3.org/hg/webcrypto-api/raw-file/tip/spec/Overview.html">http://dvcs.w3.org/hg/webcrypto-api/raw-file/tip/spec/Overview.html</a></dd><dt>Latest Published Version:</dt><dd><a href="http://www.w3.org/TR/WebCryptoAPI/">http://www.w3.org/TR/WebCryptoAPI/</a></dd><dt>Previous Version(s):</dt><dd><a href="https://dvcs.w3.org/hg/webcrypto-api/raw-file/0fe9b34c13fb/spec/Overview.html">https://dvcs.w3.org/hg/webcrypto-api/raw-file/0fe9b34c13fb/spec/Overview.html</a></dd><dt>Editors:</dt><dd><a href="http://www.google.com/">Ryan Sleevi</a>, Google, Inc. &lt;[email protected]&gt;</dd><dd><a href="http://www.netflix.com/">Mark Watson</a>, Netflix &lt;[email protected]&gt;</dd><dt>Participate:</dt><dd><p>Send feedback to <a href="mailto:[email protected]?subject=%5BWebCryptoAPI%5D">[email protected]</a> (<a href="http://lists.w3.org/Archives/Public/public-webcrypto/">archives</a>), or <a href="https://www.w3.org/Bugs/Public/enter_bug.cgi?product=Web%20Cryptography&amp;component=Web%20Cryptography%20API%20Document">file a bug</a> 
     (see <a href="https://www.w3.org/Bugs/Public/buglist.cgi?product=Web%20Cryptography&amp;component=Web%20Cryptography%20API%20Document&amp;resolution=---">existing bugs</a>).</p></dd></dl><p class="copyright"><a href="http://www.w3.org/Consortium/Legal/ipr-notice#Copyright">Copyright</a> &copy; view <a href="http://www.w3.org/"><abbr title="World Wide Web Consortium">W3C</abbr></a><sup>&reg;</sup> (<a href="http://www.csail.mit.edu/"><abbr title="Massachusetts Institute of Technology">MIT</abbr></a>, <a href="http://www.ercim.org/"><abbr title="European Research Consortium for Informatics and Mathematics">ERCIM</abbr></a>, <a href="http://www.keio.ac.jp/">Keio</a>), All Rights Reserved. W3C <a href="http://www.w3.org/Consortium/Legal/ipr-notice#Legal_Disclaimer">liability</a>, <a href="http://www.w3.org/Consortium/Legal/ipr-notice#W3C_Trademarks">trademark</a> and <a href="http://www.w3.org/Consortium/Legal/copyright-documents">document use</a> rules apply.</p></div><hr />
 
     <div class="section">
       <h2>Abstract</h2>
       <p>
-This specification describes a JavaScript API for performing basic
-cryptographic operations in web applications, such as hashing,
-signature generation and verification, and encryption and decryption.
-Additionally, it describes an API for applications to generate and/or
-manage the keying material necessary to perform these operations. 
-Uses for this API range from user or service authentication, document
-or code signing, and the confidentiality and integrity of
-communications.
+        This specification describes a JavaScript API for performing basic
+        cryptographic operations in web applications, such as hashing,
+        signature generation and verification, and encryption and decryption.
+        Additionally, it describes an API for applications to generate and/or
+        manage the keying material necessary to perform these operations. 
+        Uses for this API range from user or service authentication, document
+        or code signing, and the confidentiality and integrity of
+        communications.
       </p>
   
       <div class="ednote"><div class="ednoteHeader">Editorial note</div><p>There are 17 further editorial notes in the document.</p></div>
@@ -56,7 +56,7 @@
         report can be found in the <a href="http://www.w3.org/TR/">W3C technical
           reports index</a> at http://www.w3.org/TR/.
       </em></p><p>
-        This document is the 7 February 2014 <b>Editor’s Draft</b> of the
+        This document is the 13 February 2014 <b>Editor’s Draft</b> of the
         <cite>Web Cryptography API</cite> specification.
       
       Please send comments about this document to
@@ -90,7 +90,6 @@
       <p>
         Previous discussion of this specification has taken place on three other
         mailing lists: <a href="mailto:[email protected]">[email protected]</a>
-
         (<a href="http://lists.whatwg.org/htdig.cgi/whatwg-whatwg.org/2011-May/031741.html">archive</a>)
         , <a href="mailto:[email protected]">[email protected]</a>
         (<a href="http://lists.w3.org/Archives/Public/public-web-security/2011Jun/0000.html">archive</a>), and 
@@ -100,13 +99,12 @@
       </p>
       
       <p>
-        Web content and browser developers are encouraged to review this draft. Please send comments to
-        <a href="mailto:[email protected]">[email protected]</a>,
-        the <acronym title="World Wide Web Consortium">W3C</acronym>'s public email list for issues related
-        to Web Cryptography.
-        <a href="http://lists.w3.org/Archives/Public/public-webcrypto-comments/">Archives</a> of the public list and
-        <a href="http://lists.w3.org/Archives/Public/public-webcrypto/">archives</a> of the member's-only list
-        are available.
+        Web content and browser developers are encouraged to review this draft. Please send comments
+        to <a href="mailto:[email protected]">[email protected]</a>,
+        the <acronym title="World Wide Web Consortium">W3C</acronym>'s public email list for issues
+        related to Web Cryptography. <a href="http://lists.w3.org/Archives/Public/public-webcrypto-comments/">Archives</a> of the
+        public list and <a href="http://lists.w3.org/Archives/Public/public-webcrypto/">archives</a>
+        of the member's-only list are available.
       </p>
       <p>
         Changes made to this document can be found in the
@@ -339,30 +337,31 @@
           <p>
             The specification attempts to focus on the common functionality and features between
             various platform-specific or standardized cryptographic APIs, and avoid features and
-            functionality that are specific to one or two implementations. As such this API allows key
-            generation, management, and exchange with a level of abstraction that avoids developers
-            needing to care about the implementation of the underlying key storage. The API is focused
-            specifically around Key objects, as an abstraction for the underlying raw cryptographic
-            keying material. The intent behind this is to allow an API that is generic enough to allow
-            conforming user agents to expose keys that are stored and managed directly by the user agent,
-            that may be stored or managed using isolated storage APIs such as per-user key stores provided
-            by some operating systems, or within key storage devices such as secure elements, while allowing
-            rich web applications to manipulate the keys and without requiring the web application be
-            aware of the nature of the underlying key storage.
+            functionality that are specific to one or two implementations. As such this API allows
+            key generation, management, and exchange with a level of abstraction that avoids
+            developers needing to care about the implementation of the underlying key storage. The
+            API is focused specifically around Key objects, as an abstraction for the underlying raw
+            cryptographic keying material. The intent behind this is to allow an API that is generic
+            enough to allow conforming user agents to expose keys that are stored and managed
+            directly by the user agent, that may be stored or managed using isolated storage APIs
+            such as per-user key stores provided by some operating systems, or within key storage
+            devices such as secure elements, while allowing rich web applications to manipulate the
+            keys and without requiring the web application be aware of the nature of the underlying
+            key storage.
           </p>
         </div>
         <div class="section" id="scope-algorithms">
           <h3>4.2. Cryptographic algorithms</h3>
           <p>
-            Because the underlying cryptographic implementations will vary between conforming user agents,
-            and may be subject to local policy, including but not limited to concerns such as government
-            or industry regulation, security best practices, intellectual property concerns, and
-            constrained operational environments, this specification does not dictate a mandatory set of
-            algorithms that <span class="RFC2119">MUST</span> be implemented. Instead, it defines a
-            common set of bindings that can be used in an algorithm-independent manner, a common
-            framework for discovering if a user agent or key handle supports the underlying algorithm,
-            and a set of conformance requirements for the behaviours of individual algorithms, if
-            implemented.
+            Because the underlying cryptographic implementations will vary between conforming user
+            agents, and may be subject to local policy, including but not limited to concerns such
+            as government or industry regulation, security best practices, intellectual property
+            concerns, and constrained operational environments, this specification does not dictate
+            a mandatory set of algorithms that <span class="RFC2119">MUST</span> be implemented.
+            Instead, it defines a common set of bindings that can be used in an
+            algorithm-independent manner, a common framework for discovering if a user agent or key
+            handle supports the underlying algorithm, and a set of conformance requirements for the
+            behaviours of individual algorithms, if implemented.
           </p>
         </div>
         <div class="section" id="scope-operations">
@@ -377,14 +376,14 @@
         <div class="section" id="scope-out-of-scope">
           <h3>4.4. Out of scope</h3>
           <p>
-            This API, while allowing applications to generate, retrieve, and manipulate keying material,
-            does not specifically address the provisioning of keys in particular types of key
-            storage, such as secure elements or smart cards. This is due to such provisioning operations
-            often being burdened with vendor-specific details that make defining a vendor-agnostic
-            interface an unsuitably unbounded task. Additionally, this API does not deal with or address
-            the discovery of cryptographic modules, as such concepts are dependent upon the underlying
-            user agent and are not concepts that are portable between common operating systems,
-            cryptographic libraries, and implementations.
+            This API, while allowing applications to generate, retrieve, and manipulate keying
+            material, does not specifically address the provisioning of keys in particular types of
+            key storage, such as secure elements or smart cards. This is due to such provisioning
+            operations often being burdened with vendor-specific details that make defining a
+            vendor-agnostic interface an unsuitably unbounded task. Additionally, this API does not
+            deal with or address the discovery of cryptographic modules, as such concepts are
+            dependent upon the underlying user agent and are not concepts that are portable between
+            common operating systems, cryptographic libraries, and implementations.
           </p>
         </div>
       </div>
@@ -428,12 +427,12 @@
               <li>
                 <a href="https://www.w3.org/2012/webcrypto/track/issues/33">ISSUE-33</a>
                 One proposed technical solution for user agents is to implement "key tainting", in
-                which it records how a particular key has been used (eg: algorithms, parameters), and
-                prevents it from being re-used in a manner that is unsafe or contrary to the security -
-                such as preventing a PKCS1-v1.5 key from being used with RSA-PSS, or preventing an
-                RSA-OAEP w/ MGF1-SHA1 from being used with RSA-OAEP w/ MGF1-SHA256. Questions exist
-                about whether this should be encouraged or permitted, and the interoperability concerns
-                it might cause.
+                which it records how a particular key has been used (eg: algorithms, parameters),
+                and prevents it from being re-used in a manner that is unsafe or contrary to the
+                security - such as preventing a PKCS1-v1.5 key from being used with RSA-PSS, or
+                preventing an RSA-OAEP w/ MGF1-SHA1 from being used with RSA-OAEP w/ MGF1-SHA256.
+                Questions exist about whether this should be encouraged or permitted, and the
+                interoperability concerns it might cause.
               </li>
             </ul>
           </div>
@@ -456,13 +455,13 @@
           </p>
           <p>
             While the API in this specification provides a means to protect keys from future access
-            by web applications, it makes no statements as to how the actual keying material will
-            be stored by an implementation. As such, although a key may be inaccessible to web
-            content, it should not be presumed that it is inaccessible to end-users. For example, a
+            by web applications, it makes no statements as to how the actual keying material will be
+            stored by an implementation. As such, although a key may be inaccessible to web content,
+            it should not be presumed that it is inaccessible to end-users. For example, a
             conforming user agent may choose to implement key storage by storing key material in
             plain text on device storage. Although the user agent prevents access to the raw keying
-            material to web applications, any user with access to device storage may be able to recover
-            the key.
+            material to web applications, any user with access to device storage may be able to
+            recover the key.
           </p>
         </div>
       </div>
@@ -475,9 +474,9 @@
           <dd>
             Malicious applications may be able to fingerprint users or user agents by detecting or
             enumerating the list of algorithms that are supported. This is especially true if an
-            implementation exposes details about users' smart cards or secure element storage, as the
-            combination of algorithms supported by such devices may be used to fingerprint devices
-            more accurately than just the particular user agent.
+            implementation exposes details about users' smart cards or secure element storage, as
+            the combination of algorithms supported by such devices may be used to fingerprint
+            devices more accurately than just the particular user agent.
           </dd>
           <dt>Tracking</dt>
           <dd>
@@ -492,9 +491,9 @@
             associate users with keys. These associations may be used to enhance the security of
             authenticating to the application, such as using a key stored in a secure element as a
             second factor, or may be used by users to assert some identity, such as an e-mail
-            signing identity. As such, these keys often live longer than their counterparts such
-            as usernames and passwords, and it may be undesirable or prohibitive for users to
-            revoke these keys.
+            signing identity. As such, these keys often live longer than their counterparts such as
+            usernames and passwords, and it may be undesirable or prohibitive for users to revoke
+            these keys.
             Because of this, keys may exist longer than the lifetime of the browsing context
             [<a href="#HTML">HTML</a>] and beyond the lifetime of items such as cookies, thus
             presenting a risk that a user may be tracked even after clearing such data. This is
@@ -563,10 +562,10 @@
           are defined by the HTML specification [<a href="#HTML">HTML</a>].
         </p>
         <p>
-          When this specification says to <dfn id="terminate-the-algorithm">terminate the algorithm</dfn>,
-          the user agent must terminate the algorithm after finishing the step it is on. The algorithm
-          referred to is the set of specification-defined processing steps, rather than the underlying
-          cryptographic algorithm that may be in the midst of processing.
+          When this specification says to <dfn id="terminate-the-algorithm">terminate the
+          algorithm</dfn>, the user agent must terminate the algorithm after finishing the step it
+          is on. The algorithm referred to is the set of specification-defined processing steps,
+          rather than the underlying cryptographic algorithm that may be in the midst of processing.
         </p>
       </div>
 
@@ -593,13 +592,13 @@
             as much entropy as practicable.
           </div>
           <div class="note"><div class="noteHeader">Note</div>
-            This interface defines a synchronous method for obtaining cryptographically
-            random values. While some devices and implementations may support truly random cryptographic
+            This interface defines a synchronous method for obtaining cryptographically random
+            values. While some devices and implementations may support truly random cryptographic
             number generators or provide interfaces that block when there is insufficient entropy,
-            implementations are discouraged from using these sources when implementing getRandomValues,
-            both for performance and to avoid depleting the system of entropy. Instead, these sources
-            should be used to seed a cryptographic pseudo-random number generator that can then return
-            suitable values efficiently.
+            implementations are discouraged from using these sources when implementing
+            getRandomValues, both for performance and to avoid depleting the system of entropy.
+            Instead, these sources should be used to seed a cryptographic pseudo-random number
+            generator that can then return suitable values efficiently.
           </div>
         </div>
         <div id="RandomSource-interface-methods" class="section">
@@ -641,7 +640,8 @@
             <div class="note"><div class="noteHeader">Note</div>
               <p>
                 Do not generate keys using the <code>getRandomValues</code> method. Use the
-                <a href="#dfn-SubtleCrypto-method-generateKey"><code>generateKey</code></a> method instead.
+                <a href="#dfn-SubtleCrypto-method-generateKey"><code>generateKey</code></a> method
+                instead.
               </p>
             </div>
           </div>
@@ -698,19 +698,18 @@
           <h3>11.1. Description</h3>
           <span class="normative">This section is non-normative</span>
           <p>
-            This specification provides a uniform interface for many different kinds of keying material
-            managed by the user agent. This may include keys that have been generated by the user agent,
-            derived from other keys by the user agent, imported to the user agent through user actions
-            or using this API, pre-provisioned within software or hardware to which the user agent has
-            access or made available to the user agent in other ways. The term key refers broadly to
-            any keying material including actual keys for cryptographic operations and secret
-            values obtained within key derivation or exchange operations.
+            This specification provides a uniform interface for many different kinds of keying
+            material managed by the user agent. This may include keys that have been generated by
+            the user agent, derived from other keys by the user agent, imported to the user agent
+            through user actions or using this API, pre-provisioned within software or hardware to
+            which the user agent has access or made available to the user agent in other ways. The
+            term key refers broadly to any keying material including actual keys for cryptographic
+            operations and secret values obtained within key derivation or exchange operations.
           </p>
           <p>
             The Key object is not required to directly interface with the underlying key storage
-            mechanism, and may instead simply be a reference for the user agent to understand how
-            to obtain the keying material when needed, eg. when performing a cryptographic
-            operation.
+            mechanism, and may instead simply be a reference for the user agent to understand how to
+            obtain the keying material when needed, eg. when performing a cryptographic operation.
           </p>
         </div>
 
@@ -718,21 +717,25 @@
           <h3>11.2. Key interface data types</h3>
           <dl>
             <dt id="dfn-KeyType"><code>KeyType</code></dt>
-            <dd>The type of a key. The <dfn id="dfn-RecognizedKeyType">recognized key type values</dfn> are <code>"public"</code>, <code>"private"</code> and <code>"secret"</code>.
-                Opaque keying material, including that used for symmetric algorithms, is represented by <code>"secret"</code>,
-                while keys used as part of asymmetric algorithms composed of public/private keypairs will be either
-                <code>"public"</code> or <code>"private"</code>.
+            <dd>
+              The type of a key. The <dfn id="dfn-RecognizedKeyType">recognized key type values</dfn>
+              are <code>"public"</code>, <code>"private"</code> and <code>"secret"</code>.
+              Opaque keying material, including that used for symmetric algorithms, is represented by
+              <code>"secret"</code>, while keys used as part of asymmetric algorithms composed of
+              public/private keypairs will be either <code>"public"</code> or <code>"private"</code>.
             </dd>
             <dt id="dfn-KeyUsage"><code>KeyUsage</code></dt>
-            <dd>A type of operation that may be performed using a key. The <dfn id="dfn-RecognizedKeyUsage">recognized key usage values</dfn> are
-                    <code>"encrypt"</code>,
-                    <code>"decrypt"</code>,
-                    <code>"sign"</code>,
-                    <code>"verify"</code>,
-                    <code>"deriveKey"</code>,
-                    <code>"deriveBits"</code>,
-                    <code>"wrapKey"</code> and
-                    <code>"unwrapKey"</code>.
+            <dd>
+              A type of operation that may be performed using a key. The
+              <dfn id="dfn-RecognizedKeyUsage">recognized key usage values</dfn> are
+              <code>"encrypt"</code>,
+              <code>"decrypt"</code>,
+              <code>"sign"</code>,
+              <code>"verify"</code>,
+              <code>"deriveKey"</code>,
+              <code>"deriveBits"</code>,
+              <code>"wrapKey"</code> and
+              <code>"unwrapKey"</code>.
             </dd>
           </dl>
         </div>
@@ -776,8 +779,8 @@
             <li>
               Let the following attributes of <var>output</var> be equal to the value obtained by
               invoking the internal structured clone algorithm recursively, using the corresponding
-              attribute on <var>input</var> as the new "<var>input</var>" argument and <var>memory</var>
-              as the new "<var>memory</var>" argument:
+              attribute on <var>input</var> as the new "<var>input</var>" argument and
+              <var>memory</var> as the new "<var>memory</var>" argument:
               <ul>
                 <li><a href="#dfn-Key-type">type</a></li>
                 <li><a href="#dfn-Key-extractable">extractable</a></li>
@@ -792,303 +795,338 @@
           </ol>
           <div class="note"><div class="noteHeader">Note</div>
             <strong>Implementation Note:</strong> When performing the structured clone algorithm for
-            a <code>Key</code> object, it is important that the underlying cryptographic key material
-            not be exposed to a JavaScript implementation. Such a situation may arise if an implementation
-            fails to implement the structured clone algorithm correctly, such as by allowing a <code>Key</code> object
-            to be serialized as part of a structured clone implementation, but then deserializing it as
-            a <code>DOMString</code>, rather than as a <code>Key</code> object.
+            a <code>Key</code> object, it is important that the underlying cryptographic key
+            material not be exposed to a JavaScript implementation. Such a situation may arise if an
+            implementation fails to implement the structured clone algorithm correctly, such as by
+            allowing a <code>Key</code> object to be serialized as part of a structured clone
+            implementation, but then deserializing it as a <code>DOMString</code>, rather than as a
+            <code>Key</code> object.
           </div>
         </div>
 
         <div id="key-interface-jwk" class="section">
-        
-            <h3>11.5. Representation using JSON Web Key</h3>
-            <p>
-                The <a href="#dfn-KeyFormat">KeyFormat</a> value <code>jwk</code> enables <a href="#dfn-Key">Key</a> objects to be imported or exported in <a href="#jwk">JSON Web Key</a> format.
-            </p>
-            <p>
-                This specification defines additional <a href="#jwk">JSON Web Key</a> attributes and attribute values that may be used for this purpose as follows:
-                <ul>
-                    <li>Additional <code>alg</code> names for algorithms supported by WebCrypto not already defined for <a href="#jwk">JSON Web Key</a></li>
-                    <li>A new <code>ext</code> attribute providing the value of the <a href="#dfn-Key">Key</a>'s <a href="#dfn-Key-extractable">extractable</a> attribute.</li>
-                </ul>
-
-            </p>
+          <h3>11.5. Representation using JSON Web Key</h3>
+          <p>
+            The <a href="#dfn-KeyFormat">KeyFormat</a> value <code>jwk</code> enables <a href="#dfn-Key">Key</a> objects to be imported or exported in <a href="#jwk">JSON Web
+            Key</a> format.
+          </p>
+          <p>
+            This specification defines additional <a href="#jwk">JSON Web Key</a> attributes and
+            attribute values that may be used for this purpose as follows:
+            <ul>
+              <li>
+                Additional <code>alg</code> names for algorithms supported by WebCrypto not already
+                defined for <a href="#jwk">JSON Web Key</a>
+              </li>
+              <li>
+                A new <code>ext</code> attribute providing the value of the <a href="#dfn-Key">Key</a>'s <a href="#dfn-Key-extractable">extractable</a> attribute.
+              </li>
+            </ul>
+          </p>
             <div id="key-interface-jwk-extensions" class="section">
               <h4>11.5.1. Extensions to JSON Web Key</h4>
               <div id="key-interface-jwk-algorithms" class="section">
-                  <h5>11.5.1.1. JSON Web Key algorithm names for WebCrypto algorithms</h5>
-                  <p>
-                      This specification defines additional <a href="#jwk">JSON Web Key</a> algorithm names:
-                        <code>A128CTR</code>,
-                        <code>A192CTR</code>,
-                        <code>A256CTR</code>,
-                        <code>A128CBC</code>,
-                        <code>A192CBC</code>,
-                        <code>A256CBC</code>,
-                        <code>A128CMAC</code>,
-                        <code>A192CMAC</code>,
-                        <code>A256CMAC</code>,
-                        <code>A128CFB</code>,
-                        <code>A192CFB</code>,
-                        <code>A256CFB</code>,
-                        <code>HS1</code>,
-                        <code>HS224</code>.
-                    
-                      These are associated with WebCrypto algorithms as defined in the mapping tables below.
-                  </p>
+                <h5>11.5.1.1. JSON Web Key algorithm names for WebCrypto algorithms</h5>
+                <p>
+                  This specification defines additional <a href="#jwk">JSON Web Key</a> algorithm names:
+                  <code>A128CTR</code>,
+                  <code>A192CTR</code>,
+                  <code>A256CTR</code>,
+                  <code>A128CBC</code>,
+                  <code>A192CBC</code>,
+                  <code>A256CBC</code>,
+                  <code>A128CMAC</code>,
+                  <code>A192CMAC</code>,
+                  <code>A256CMAC</code>,
+                  <code>A128CFB</code>,
+                  <code>A192CFB</code>,
+                  <code>A256CFB</code>,
+                  <code>HS1</code>,
+                  <code>HS224</code>.
+                  These are associated with WebCrypto algorithms as defined in the mapping tables
+                  below.
+                </p>
               </div>
               <div id="key-interface-jwk-ext" class="section">
-                  <h5>11.5.1.2. JSON Web Key <code>ext</code> attribute</h5>
-                  <p>
-                  This specification defines a new <a href="#jwk">JSON Web Key</a> attribute <code>ext</code> that enables the value of the <a href="#dfn-Key-extractable">extractable</a> attribute of a <a href="#dfn-Key">Key</a> to be included in a <a href="#jwk">JSON Web Key</a> object. The <code>ext</code> attribute SHALL have a Boolean value.
-                  </p>
+                <h5>11.5.1.2. JSON Web Key <code>ext</code> attribute</h5>
+                <p>
+                  This specification defines a new <a href="#jwk">JSON Web Key</a> attribute
+                  <code>ext</code> that enables the value of the
+                  <a href="#dfn-Key-extractable">extractable</a> attribute of a
+                  <a href="#dfn-Key">Key</a> to be included in a <a href="#jwk">JSON Web Key</a>
+                  object. The <code>ext</code> attribute SHALL have a Boolean value.
+                </p>
               </div>
             </div>
             <div id="key-interface-jwk-mapping" class="section">
               <h4>11.5.2. Mapping between WebCrypto and JSON Web Key</h4>
-              <p>This section defines the mapping between WebCrypto <a href="#dfn-Key">Key</a> objects and <a href="#jwk">JSON Web Key</a> objects.</p>
+              <p>
+                This section defines the mapping between WebCrypto <a href="#dfn-Key">Key</a>
+                objects and <a href="#jwk">JSON Web Key</a> objects.
+              </p>
               <div id="key-interface-jwk-mapping-alg" class="section">
-                  <h5>11.5.2.1. Mapping of algorithms</h5>
-                  <p>The JSON Web Key <code>alg</code> member shall be mapped to / from the <code>name</code>, <code>length</code> and <code>hash</code> members of the <code>algorithm</code> attribute
-                  of the Key object according to the following tables:</p>
-                  <table>
-                      <thead>
-                          <tr>
-                              <td>WebCrypto <code>Key.algorithm.name</code></td>
-                              <td>JWK <code>alg</code> value</td>
-                          </tr>
-                      </thead>
-                      <tbody>
-                          <tr>
-                              <td><code>RSAES-PKCS1-V1_5</code></td>
-                              <td><code>RSA1_5</code></td>
-                          </tr>
-                          <tr>
-                              <td><code>RSA-OAEP</code></td>
-                              <td><code>RSA-OAEP</code></td>
-                          </tr>
-                          <tr>
-                              <td><code>ECDH</code></td>
-                              <td><code>ECDH-ES</code></td>
-                          </tr>
-                      </tbody>
-                  </table>
-                  <p></p>
-                  <table>
-                      <thead>
-                          <tr>
-                              <td>WebCrypto <code>Key.algorithm.name</code></td>
-                              <td>WebCrypto <code>Key.algorithm.length</code></td>
-                              <td>JWK <code>alg</code> value</td>
-                          </tr>
-                      
-                      </thead>
-                      <tbody>
-                          <tr>
-                              <td><code>AES-CTR</code></td>
-                              <td>128</td>
-                              <td><code>A128CTR</code></td>
-                          </tr>
-                          <tr>
-                              <td><code>AES-CTR</code></td>
-                              <td>192</td>
-                              <td><code>A192CTR</code></td>
-                          </tr>
-                          <tr>
-                              <td><code>AES-CTR</code></td>
-                              <td>256</td>
-                              <td><code>A256CTR</code></td>
-                          </tr>
-                          <tr>
-                              <td><code>AES-CBC</code></td>
-                              <td>128</td>
-                              <td><code>A128CBC</code></td>
-                          </tr>
-                          <tr>
-                              <td><code>AES-CBC</code></td>
-                              <td>192</td>
-                              <td><code>A192CBC</code></td>
-                          </tr>
-                          <tr>
-                              <td><code>AES-CBC</code></td>
-                              <td>256</td>
-                              <td><code>A256CBC</code></td>
-                          </tr>
-                          <tr>
-                              <td><code>AES-KW</code></td>
-                              <td>128</td>
-                              <td><code>A128KW</code></td>
-                          </tr>
-                          <tr>
-                              <td><code>AES-KW</code></td>
-                              <td>192</td>
-                              <td><code>A192KW</code></td>
-                          </tr>
-                          <tr>
-                              <td><code>AES-KW</code></td>
-                              <td>256</td>
-                              <td><code>A256KW</code></td>
-                          </tr>
-                          <tr>
-                              <td><code>AES-GCM</code></td>
-                              <td>128</td>
-                              <td><code>A128GCM</code> or <code>A128GCMKW</code></td>
-                          </tr>
-                          <tr>
-                              <td><code>AES-GCM</code></td>
-                              <td>192</td>
-                              <td><code>A192GCM</code> or <code>A128GCMKW</code></td>
-                          </tr>
-                          <tr>
-                              <td><code>AES-GCM</code></td>
-                              <td>256</td>
-                              <td><code>A256GCM</code> or <code>A128GCMKW</code></td>
-                          </tr>
-                          <tr>
-                              <td><code>AES-KW</code></td>
-                              <td>128</td>
-                              <td><code>A128KW</code></td>
-                          </tr>
-                          <tr>
-                              <td><code>AES-KW</code></td>
-                              <td>192</td>
-                              <td><code>A192KW</code></td>
-                          </tr>
-                          <tr>
-                              <td><code>AES-KW</code></td>
-                              <td>256</td>
-                              <td><code>A256KW</code></td>
-                          </tr>
-                      </tbody>
-                  </table>
-                  <p></p>
-                  <table>
-                      <thead>
-                          <tr>
-                              <td>WebCrypto <code>Key.algorithm.name</code></td>
-                              <td>WebCrypto <code>Key.algorithm.hash</code></td>
-                              <td>JWK <code>alg</code> value</td>
-                          </tr>
-                      </thead>
-                      <tbody>
-
-                          <tr>
-                              <td><code>HMAC</code></td>
-                              <td><code>SHA-1</code></td>
-                              <td><code>HS1</code></td>
-                          </tr>
-                          <tr>
-                              <td><code>HMAC</code></td>
-                              <td><code>SHA-224</code></td>
-                              <td><code>HS224</code></td>
-                          </tr>
-                          <tr>
-                              <td><code>HMAC</code></td>
-                              <td><code>SHA-256</code></td>
-                              <td><code>HS256</code></td>
-                          </tr>
-                          <tr>
-                              <td><code>HMAC</code></td>
-                              <td><code>SHA-384</code></td>
-                              <td><code>HS384</code></td>
-                          </tr>
-                          <tr>
-                              <td><code>HMAC</code></td>
-                              <td><code>SHA-512</code></td>
-                              <td><code>HS512</code></td>
-                          </tr>
-                          <tr>
-                              <td><code>RSASSA-PKCS1-v1_5</code></td>
-                              <td><code>SHA-256</code></td>
-                              <td><code>RS256</code></td>
-                          </tr>
-                          <tr>
-                              <td><code>RSASSA-PKCS1-v1_5</code></td>
-                              <td><code>SHA-384</code></td>
-                              <td><code>RS384</code></td>
-                          </tr>
-                          <tr>
-                              <td><code>RSASSA-PKCS1-v1_5</code></td>
-                              <td><code>SHA-512</code></td>
-                              <td><code>RS512</code></td>
-                          </tr>
-                          <tr>
-                              <td><code>RSA-PSS</code></td>
-                              <td><code>SHA-256</code></td>
-                              <td><code>PS256</code></td>
-                          </tr>
-                          <tr>
-                              <td><code>RSA-PSS</code></td>
-                              <td><code>SHA-384</code></td>
-                              <td><code>PS384</code></td>
-                          </tr>
-                          <tr>
-                              <td><code>RSA-PSS</code></td>
-                              <td><code>SHA-512</code></td>
-                              <td><code>PS512</code></td>
-                          </tr>
-                      </tbody>
-                  </table>
+                <h5>11.5.2.1. Mapping of algorithms</h5>
+                <p>
+                  The JSON Web Key <code>alg</code> member shall be mapped to / from the
+                  <code>name</code>, <code>length</code> and <code>hash</code> members of the
+                  <code>algorithm</code> attribute of the Key object according to the following
+                  tables:
+                </p>
+                <table>
+                  <thead>
+                    <tr>
+                      <td>WebCrypto <code>Key.algorithm.name</code></td>
+                      <td>JWK <code>alg</code> value</td>
+                  </tr>
+                  </thead>
+                  <tbody>
+                    <tr>
+                      <td><code>RSAES-PKCS1-V1_5</code></td>
+                      <td><code>RSA1_5</code></td>
+                    </tr>
+                    <tr>
+                      <td><code>RSA-OAEP</code></td>
+                      <td><code>RSA-OAEP</code></td>
+                    </tr>
+                    <tr>
+                      <td><code>ECDH</code></td>
+                      <td><code>ECDH-ES</code></td>
+                    </tr>
+                  </tbody>
+                </table>
                 <p></p>
-                  <table>
-                      <thead>
-                          <tr>
-                              <td>WebCrypto <code>Key.algorithm.name</code></td>
-                              <td>WebCrypto <code>Key.algorithm.namedCurve</code></td>
-                              <td>JWK <code>alg</code> value</td>
-                          </tr>
-                      </thead>
-                      <tbody>
-                          <tr>
-                              <td><code>ECDSA</code></td>
-                              <td><code>P-256</code></td>
-                              <td><code>ES256</code></td>
-                          </tr>
-                          <tr>
-                              <td><code>ECDSA</code></td>
-                              <td><code>P-384</code></td>
-                              <td><code>ES384</code></td>
-                          </tr>
-                          <tr>
-                              <td><code>ECDSA</code></td>
-                              <td><code>P-512</code></td>
-                              <td><code>ES512</code></td>
-                          </tr>
-                      </tbody>
-                  </table>
+                <table>
+                  <thead>
+                    <tr>
+                      <td>WebCrypto <code>Key.algorithm.name</code></td>
+                      <td>WebCrypto <code>Key.algorithm.length</code></td>
+                      <td>JWK <code>alg</code> value</td>
+                    </tr>
+                  </thead>
+                  <tbody>
+                    <tr>
+                      <td><code>AES-CTR</code></td>
+                      <td>128</td>
+                      <td><code>A128CTR</code></td>
+                    </tr>
+                    <tr>
+                      <td><code>AES-CTR</code></td>
+                      <td>192</td>
+                      <td><code>A192CTR</code></td>
+                    </tr>
+                    <tr>
+                      <td><code>AES-CTR</code></td>
+                      <td>256</td>
+                      <td><code>A256CTR</code></td>
+                    </tr>
+                    <tr>
+                      <td><code>AES-CBC</code></td>
+                      <td>128</td>
+                      <td><code>A128CBC</code></td>
+                    </tr>
+                    <tr>
+                      <td><code>AES-CBC</code></td>
+                      <td>192</td>
+                      <td><code>A192CBC</code></td>
+                    </tr>
+                    <tr>
+                      <td><code>AES-CBC</code></td>
+                      <td>256</td>
+                      <td><code>A256CBC</code></td>
+                    </tr>
+                    <tr>
+                      <td><code>AES-KW</code></td>
+                      <td>128</td>
+                      <td><code>A128KW</code></td>
+                    </tr>
+                    <tr>
+                      <td><code>AES-KW</code></td>
+                      <td>192</td>
+                      <td><code>A192KW</code></td>
+                    </tr>
+                    <tr>
+                      <td><code>AES-KW</code></td>
+                      <td>256</td>
+                      <td><code>A256KW</code></td>
+                    </tr>
+                    <tr>
+                      <td><code>AES-GCM</code></td>
+                      <td>128</td>
+                      <td><code>A128GCM</code> or <code>A128GCMKW</code></td>
+                    </tr>
+                    <tr>
+                      <td><code>AES-GCM</code></td>
+                      <td>192</td>
+                      <td><code>A192GCM</code> or <code>A128GCMKW</code></td>
+                    </tr>
+                    <tr>
+                      <td><code>AES-GCM</code></td>
+                      <td>256</td>
+                      <td><code>A256GCM</code> or <code>A128GCMKW</code></td>
+                    </tr>
+                    <tr>
+                      <td><code>AES-KW</code></td>
+                      <td>128</td>
+                      <td><code>A128KW</code></td>
+                    </tr>
+                    <tr>
+                      <td><code>AES-KW</code></td>
+                      <td>192</td>
+                      <td><code>A192KW</code></td>
+                    </tr>
+                    <tr>
+                      <td><code>AES-KW</code></td>
+                      <td>256</td>
+                      <td><code>A256KW</code></td>
+                    </tr>
+                  </tbody>
+                </table>
+                <p></p>
+                <table>
+                  <thead>
+                    <tr>
+                      <td>WebCrypto <code>Key.algorithm.name</code></td>
+                      <td>WebCrypto <code>Key.algorithm.hash</code></td>
+                      <td>JWK <code>alg</code> value</td>
+                    </tr>
+                  </thead>
+                  <tbody>
+                    <tr>
+                      <td><code>HMAC</code></td>
+                      <td><code>SHA-1</code></td>
+                      <td><code>HS1</code></td>
+                    </tr>
+                    <tr>
+                      <td><code>HMAC</code></td>
+                      <td><code>SHA-224</code></td>
+                      <td><code>HS224</code></td>
+                    </tr>
+                    <tr>
+                      <td><code>HMAC</code></td>
+                      <td><code>SHA-256</code></td>
+                      <td><code>HS256</code></td>
+                    </tr>
+                    <tr>
+                      <td><code>HMAC</code></td>
+                      <td><code>SHA-384</code></td>
+                      <td><code>HS384</code></td>
+                    </tr>
+                    <tr>
+                      <td><code>HMAC</code></td>
+                      <td><code>SHA-512</code></td>
+                      <td><code>HS512</code></td>
+                    </tr>
+                    <tr>
+                      <td><code>RSASSA-PKCS1-v1_5</code></td>
+                      <td><code>SHA-256</code></td>
+                      <td><code>RS256</code></td>
+                    </tr>
+                    <tr>
+                       <td><code>RSASSA-PKCS1-v1_5</code></td>
+                      <td><code>SHA-384</code></td>
+                      <td><code>RS384</code></td>
+                    </tr>
+                    <tr>
+                      <td><code>RSASSA-PKCS1-v1_5</code></td>
+                      <td><code>SHA-512</code></td>
+                      <td><code>RS512</code></td>
+                    </tr>
+                    <tr>
+                       <td><code>RSA-PSS</code></td>
+                      <td><code>SHA-256</code></td>
+                      <td><code>PS256</code></td>
+                    </tr>
+                    <tr>
+                      <td><code>RSA-PSS</code></td>
+                      <td><code>SHA-384</code></td>
+                      <td><code>PS384</code></td>
+                    </tr>
+                    <tr>
+                      <td><code>RSA-PSS</code></td>
+                      <td><code>SHA-512</code></td>
+                      <td><code>PS512</code></td>
+                    </tr>
+                  </tbody>
+                </table>
+                <p></p>
+                <table>
+                  <thead>
+                    <tr>
+                      <td>WebCrypto <code>Key.algorithm.name</code></td>
+                      <td>WebCrypto <code>Key.algorithm.namedCurve</code></td>
+                      <td>JWK <code>alg</code> value</td>
+                    </tr>
+                  </thead>
+                  <tbody>
+                    <tr>
+                      <td><code>ECDSA</code></td>
+                      <td><code>P-256</code></td>
+                      <td><code>ES256</code></td>
+                    </tr>
+                    <tr>
+                      <td><code>ECDSA</code></td>
+                      <td><code>P-384</code></td>
+                      <td><code>ES384</code></td>
+                    </tr>
+                    <tr>
+                      <td><code>ECDSA</code></td>
+                      <td><code>P-512</code></td>
+                      <td><code>ES512</code></td>
+                    </tr>
+                  </tbody>
+                </table>
               </div>
               <div id="key-interface-jwk-mapping-use" class="section">
                 <h5>11.5.2.2. Mapping of usages</h5>
-                <p>When exporting a WebCrypto <a href="#dfn-Key">Key</a> in JWK format, the value of the <a href="#dfn-Key">Key</a>.usages array shall be copied into the JWK <code>key_ops</code> member where each WebCrypto <a href="#dfn-KeyUsage">KeyUsage</a> value maps to the JWK <code>key_ops</code> value of the same name. The <code>use</code> member shall not be present.</p>
-                <p>When importing a JWK format key into a WebCrypto <a href="#dfn-Key">Key</a> object, if the <code>key_ops</code> member is present then the
-                  WebCrypto <a href="#dfn-KeyUsage">KeyUsages</a> specified by this JWK shall be equal to the values listed in <code>key_ops</code>  where each JWK <code>key_ops</code> value maps to the WebCrypto <a href="#dfn-KeyUsage">KeyUsage</a> value of the same name, except that unrecognized values SHALL be ignored. If the <code>key_ops</code> member is not present and the <code>use</code> member is present, then the WebCrypto <a href="#dfn-KeyUsage">KeyUsages</a> specified by this JWK shall be as specified in the following table:
-                  </p>
-                  
-                  <table>
-                    <thead>
-                      <tr>
-                        <td>JWK <code>use</code> value</td>
-                        <td>WebCrypto Key.usages value</td>
-                      </tr>
-                    </thead>
-                    <tbody>
-                      <tr>
-                        <td><code>enc</code></td>
-                        <td><code>[ "encrypt", "decrypt", "wrapKey", "unwrapKey" ]</code></td>
-                      </tr>
-                      <tr>
-                        <td><code>sig</code></td>
-                        <td><code>[ "sign", "verify" ]</code></td>
-                      </tr>
-                    </tbody>
-                  </table>
+                <p>
+                  When exporting a WebCrypto <a href="#dfn-Key">Key</a> in JWK format, the value of
+                  the <a href="#dfn-Key">Key</a>.usages array shall be copied into the JWK
+                  <code>key_ops</code> member where each WebCrypto <a href="#dfn-KeyUsage">KeyUsage</a>
+                  value maps to the JWK <code>key_ops</code> value of the same name. The
+                  <code>use</code> member shall not be present.
+                </p>
+                <p>
+                  When importing a JWK format key into a WebCrypto <a href="#dfn-Key">Key</a> object,
+                  if the <code>key_ops</code> member is present then the WebCrypto
+                  <a href="#dfn-KeyUsage">KeyUsages</a> specified by this JWK shall be equal to the
+                  values listed in <code>key_ops</code>  where each JWK <code>key_ops</code> value
+                  maps to the WebCrypto <a href="#dfn-KeyUsage">KeyUsage</a> value of the same name,
+                  except that unrecognized values SHALL be ignored. If the <code>key_ops</code>
+                  member is not present and the <code>use</code> member is present, then the
+                  WebCrypto <a href="#dfn-KeyUsage">KeyUsages</a> specified by this JWK shall be as
+                  specified in the following table:
+                </p>  
+                <table>
+                  <thead>
+                    <tr>
+                      <td>JWK <code>use</code> value</td>
+                      <td>WebCrypto Key.usages value</td>
+                    </tr>
+                  </thead>
+                  <tbody>
+                    <tr>
+                      <td><code>enc</code></td>
+                      <td><code>[ "encrypt", "decrypt", "wrapKey", "unwrapKey" ]</code></td>
+                    </tr>
+                    <tr>
+                      <td><code>sig</code></td>
+                      <td><code>[ "sign", "verify" ]</code></td>
+                    </tr>
+                  </tbody>
+                </table>
               </div>
               <div id="key-interface-jwk-mapping-ext" class="section">
                 <h5>11.5.2.3. Mapping of extractable</h5>
-                <p>When exporting a WebCrypto <a href="#dfn-Key">Key</a> in JWK format, the value of the JWK <code>ext</code> attribute shall be <code>true</code>.</p>
-                <p>When importing a JWK format key into a WebCrypto <a href="#dfn-Key">Key</a> object, if the <code>ext</code> member is present then the
-                  WebCrypto <a href="#dfn-Key-extractable">extractable</a> value specified by this JWK shall be equal to the <code>ext</code> member value.</p>
+                <p>
+                  When exporting a WebCrypto <a href="#dfn-Key">Key</a> in JWK format, the value of
+                  the JWK <code>ext</code> attribute shall be <code>true</code>.
+                </p>
+                <p>
+                  When importing a JWK format key into a WebCrypto <a href="#dfn-Key">Key</a> object,
+                  if the <code>ext</code> member is present then the WebCrypto
+                  <a href="#dfn-Key-extractable">extractable</a> value specified by this JWK shall
+                  be equal to the <code>ext</code> member value.
+                </p>
               </div>
            </div>
         </div>
@@ -1343,8 +1381,8 @@
               <li>
                 <p>
                   Let <var>plaintext</var> be the result of performing the underlying decrypt
-                  algorithm specified by <var>normalizedAlgorithm</var> with <code>key</code> as <var>key</var>
-                  and <code>data</code> as <var>ciphertext</var>.
+                  algorithm specified by <var>normalizedAlgorithm</var> with <code>key</code> as
+                  <var>key</var> and <code>data</code> as <var>ciphertext</var>.
                 </p>
               </li>
               <li>
@@ -1404,9 +1442,9 @@
               </li>
               <li>
                 <p>
-                  Let <var>result</var> be the result of performing the signature
-                  algorithm specified by <var>normalizedAlgorithm</var> with <code>key</code> as <var>key</var>
-                  and <code>data</code> as <var>message</var>.
+                  Let <var>result</var> be the result of performing the signature algorithm
+                  specified by <var>normalizedAlgorithm</var> with <code>key</code> as
+                  <var>key</var> and <code>data</code> as <var>message</var>.
                 </p>
               </li>
               <li>
@@ -1467,8 +1505,9 @@
               <li>
                 <p>
                   Let <var>result</var> be the result of performing the signature verification
-                  algorithm specified by <var>normalizedAlgorithm</var> with <code>key</code> as <var>key</var>,
-                  <code>signature</code> as <var>signature</var> and <code>data</code> as <var>message</var>.
+                  algorithm specified by <var>normalizedAlgorithm</var> with <code>key</code> as
+                  <var>key</var>, <code>signature</code> as <var>signature</var> and
+                  <code>data</code> as <var>message</var>.
                 </p>
               </li>
               <li>
@@ -1537,7 +1576,9 @@
           <div id="SubtleCrypto-method-generateKey" class="section">
             <h4>13.3.6. The generateKey method</h4>
              <p>
-              When invoked, <dfn id="dfn-SubtleCrypto-method-generateKey"><code>generateKey</code></dfn> <span class="RFC2119">MUST</span> perform the following steps:
+              When invoked, <dfn id="dfn-SubtleCrypto-method-generateKey">
+              <code>generateKey</code></dfn> <span class="RFC2119">MUST</span> perform the
+              following steps:
             </p>
             <ol>
               <li>
@@ -1557,13 +1598,16 @@
               </li>
               <li>
                 <p>
-                  If <code>keyUsages</code> includes a value that is not a <a href="#dfn-RecognizedKeyUsage">recognized key usage value</a>, throw
-                  a <code>NotSupportedError</code> and <a href="#terminate-the-algorithm">terminate the algorithm</a>
+                  If <code>keyUsages</code> includes a value that is not a
+                  <a href="#dfn-RecognizedKeyUsage">recognized key usage value</a>, throw a
+                  <code>NotSupportedError</code> and <a href="#terminate-the-algorithm">terminate
+                  the algorithm</a>
                 </p>
               </li>
               <li>
                 <p>
-                  Let <var>promise</var> be a new <code>Promise</code> object and <var>resolver</var> its associated resolver.
+                  Let <var>promise</var> be a new <code>Promise</code> object and <var>resolver</var>
+                  its associated resolver.
                 </p>
               </li>
               <li>
@@ -1575,7 +1619,10 @@
                 <p>
                   If an error occurs, run these substeps and then terminate the algorithm:
                 </p>
-                <div class="ednote"><div class="ednoteHeader">Editorial note</div>Determine whether to reject the algorithm with a DOMError or a <code>null</code> result.</div>
+                <div class="ednote"><div class="ednoteHeader">Editorial note</div>
+                  Determine whether to reject the algorithm with a DOMError or a
+                  <code>null</code> result.
+                </div>
                 <ol>
                   <li>
                     <p>
@@ -1593,8 +1640,9 @@
               <li>
                 <p>
                   Let <var>result</var> be the result of executing the key generation algorithm
-                  defined by the algorithm indicated in <var>normalizedAlgorithm</var> with <code>extractable</code> as <var>extractable</var>
-                  and <code>keyUsages</code> as <var>usages</var>.
+                  defined by the algorithm indicated in <var>normalizedAlgorithm</var> with
+                  <code>extractable</code> as <var>extractable</var> and <code>keyUsages</code> as
+                  <var>usages</var>.
                 </p>
               </li>
               <li>
@@ -1609,7 +1657,8 @@
           <div id="SubtleCrypto-method-deriveKey" class="section">
             <h4>13.3.7. The deriveKey method</h4>
             <p>
-              When invoked, <dfn id="dfn-SubtleCrypto-method-deriveKey"><code>deriveKey</code></dfn> <span class="RFC2119">MUST</span> perform the following steps:
+              When invoked, <dfn id="dfn-SubtleCrypto-method-deriveKey"><code>deriveKey</code></dfn>
+              <span class="RFC2119">MUST</span> perform the following steps:
             </p>
             <ol>
               <li>
@@ -1629,7 +1678,8 @@
               </li>
               <li>
                 <p>
-                  If <code>derivedKeyType</code> is null, let <var>normalizedDerivedKeyAlgorithm</var> be null. Otherwise,
+                  If <code>derivedKeyType</code> is null, let
+                  <var>normalizedDerivedKeyAlgorithm</var> be null. Otherwise,
                   <ol>
                     <li>
                       <p>
@@ -1641,7 +1691,8 @@
                     <li>
                       <p>
                         If <var>normalizedDerivedKeyAlgorithm</var> does not describe a
-                        <a href="#algorithms">registered algorithm</a> throw a <code>NotSupportedError</code> and
+                        <a href="#algorithms">registered algorithm</a> throw a
+                        <code>NotSupportedError</code> and
                         <a href="#terminate-the-algorithm">terminate the algorithm</a>.
                       </p>
                     </li>
@@ -1657,13 +1708,16 @@
               </li>
               <li>
                 <p>
-                  If <code>keyUsages</code> includes a value that is not a <a href="#dfn-RecognizedKeyUsage">recognized key usage value</a>, throw
-                  a <code>NotSupportedError</code> and <a href="#terminate-the-algorithm">terminate the algorithm</a>
+                  If <code>keyUsages</code> includes a value that is not a
+                  <a href="#dfn-RecognizedKeyUsage">recognized key usage value</a>, throw a
+                  <code>NotSupportedError</code> and <a href="#terminate-the-algorithm">terminate the
+                  algorithm</a>
                 </p>
               </li>
               <li>
                 <p>
-                  Let <var>promise</var> be a new <code>Promise</code> object and <var>resolver</var> its associated resolver.
+                  Let <var>promise</var> be a new <code>Promise</code> object and <var>resolver</var>
+                  its associated resolver.
                 </p>
               </li>
               <li>
@@ -1675,7 +1729,10 @@
                 <p>
                   If an error occurs, run these substeps and then terminate the algorithm:
                 </p>
-                <div class="ednote"><div class="ednoteHeader">Editorial note</div>Determine whether to reject the algorithm with a DOMError or a <code>null</code> result.</div>
+                <div class="ednote"><div class="ednoteHeader">Editorial note</div>
+                  Determine whether to reject the algorithm with a DOMError or a
+                  <code>null</code> result.
+                </div>
                 <ol>
                   <li>
                     <p>
@@ -1700,8 +1757,9 @@
               <li>
                 <p>
                   Let <var>result</var> be the result of executing the key derivation algorithm
-                  defined by the algorithm indicated in <var>normalizedAlgorithm</var> using <code>key</code> as <var>key</var>,
-                  <code>extractable</code> as <var>extractable</var> and <code>keyUsages</code> as <var>usages</var>.
+                  defined by the algorithm indicated in <var>normalizedAlgorithm</var> using
+                  <code>key</code> as <var>key</var>, <code>extractable</code> as
+                  <var>extractable</var> and <code>keyUsages</code> as <var>usages</var>.
                 </p>
               </li>
               <li>
@@ -1716,7 +1774,8 @@
           <div id="SubtleCrypto-method-deriveBits" class="section">
             <h4>13.3.8. The deriveBits method</h4>
             <p>
-              When invoked, <dfn id="dfn-SubtleCrypto-method-deriveBits"><code>deriveBits</code></dfn> <span class="RFC2119">MUST</span> perform the following steps:
+              When invoked, <dfn id="dfn-SubtleCrypto-method-deriveBits"><code>deriveBits</code></dfn>
+              <span class="RFC2119">MUST</span> perform the following steps:
             </p>
             <ol>
               <li>
@@ -1743,7 +1802,8 @@
               </li>
               <li>
                 <p>
-                  Let <var>promise</var> be a new <code>Promise</code> object and <var>resolver</var> its associated resolver.
+                  Let <var>promise</var> be a new <code>Promise</code> object and <var>resolver</var>
+                  its associated resolver.
                 </p>
               </li>
               <li>
@@ -1755,7 +1815,10 @@
                 <p>
                   If an error occurs, run these substeps and then terminate the algorithm:
                 </p>
-                <div class="ednote"><div class="ednoteHeader">Editorial note</div>Determine whether to reject the algorithm with a DOMError or a <code>null</code> result.</div>
+                <div class="ednote"><div class="ednoteHeader">Editorial note</div>
+                  Determine whether to reject the algorithm with a DOMError or a <code>null</code>
+                  result.
+                </div>
                 <ol>
                   <li>
                     <p>
@@ -1795,7 +1858,8 @@
           <div id="SubtleCrypto-method-importKey" class="section">
             <h4>13.3.9. The <dfn id="dfn-SubtleCrypto-method-importKey">importKey</dfn> method</h4>
             <p>                  
-              When invoked, the <dfn id="dfn-SubtleCrypto-method-importKey">importKey</dfn> method <span class="RFC2119">MUST</span> perform the following steps:
+              When invoked, the <dfn id="dfn-SubtleCrypto-method-importKey">importKey</dfn> method
+              <span class="RFC2119">MUST</span> perform the following steps:
             </p>
             <ol>
               <li>
@@ -1827,26 +1891,31 @@
               </li>
               <li>
                 <p>
-                  If <code>format</code> is not a <a href="#dfn-RecognizedKeyFormats">recognized key format value</a>, throw
-                  a <code>NotSupportedError</code> and <a href="#terminate-the-algorithm">terminate the algorithm</a>
+                  If <code>format</code> is not a <a href="#dfn-RecognizedKeyFormats">recognized key
+                  format value</a>, throw a <code>NotSupportedError</code> and
+                  <a href="#terminate-the-algorithm">terminate the algorithm</a>
                 </p>
               </li>
               <li>
                 <p>
-                  If <code>keyUsages</code> includes a value that is not a <a href="#dfn-RecognizedKeyUsage">recognized key usage value</a>, throw
-                  a <code>NotSupportedError</code> and <a href="#terminate-the-algorithm">terminate the algorithm</a>
+                  If <code>keyUsages</code> includes a value that is not a
+                  <a href="#dfn-RecognizedKeyUsage">recognized key usage value</a>, throw a
+                  <code>NotSupportedError</code> and <a href="#terminate-the-algorithm">terminate
+                  the algorithm</a>
                 </p>
               </li>
               <li>
                 <p>
-                  Let <var>format</var>, <var>keyData</var>, <var>extractable</var> and <var>usages</var> be the <code>format</code>, <code>keyData</code>,
-                  <code>extractable</code> and <code>usages</code> parameters to the <dfn id="dfn-SubtleCrypto-method-importKey">importKey</dfn> method respectively.
+                  Let <var>format</var>, <var>keyData</var>, <var>extractable</var> and
+                  <var>usages</var> be the <code>format</code>, <code>keyData</code>,
+                  <code>extractable</code> and <code>usages</code> parameters to the
+                  <dfn id="dfn-SubtleCrypto-method-importKey">importKey</dfn> method respectively.
                 </p>
-              
               </li>
               <li>
                 <p>
-                  Let <var>promise</var> be a new <code>Promise</code> object and <var>resolver</var> its associated resolver.
+                  Let <var>promise</var> be a new <code>Promise</code> object and <var>resolver</var>
+                  its associated resolver.
                 </p>
               </li>
               <li>
@@ -1858,7 +1927,10 @@
                 <p>
                   If an error occurs, run these substeps and then terminate the algorithm:
                 </p>
-                <div class="ednote"><div class="ednoteHeader">Editorial note</div>Determine whether to reject the algorithm with a DOMError or a <code>null</code> result.</div>
+                <div class="ednote"><div class="ednoteHeader">Editorial note</div>
+                  Determine whether to reject the algorithm with a DOMError or a
+                  <code>null</code> result.
+                </div>
                 <ol>
                   <li>
                     <p>
@@ -1876,20 +1948,23 @@
               
               <li>
                 <p>
-                  If <var>keyData</var>, interpreted accoding to <var>format</var>, specifies parameters that are
-                  inconsistent with the parameters supplied to <dfn id="dfn-SubtleCrypto-method-importKey">importKey</dfn>,
-                  terminate this algorithm with an error.
+                  If <var>keyData</var>, interpreted accoding to <var>format</var>, specifies
+                  parameters that are inconsistent with the parameters supplied to
+                  <dfn id="dfn-SubtleCrypto-method-importKey">importKey</dfn>, terminate this
+                  algorithm with an error.
                 </p>
               </li>
               <li>
                 <p>
-                    Let <var>result</var> be the <a href="#dfn-Key"><code>Key</code></a> object that results from interpreting
-                    <var>keyData</var> accoding to <var>format</var> using the key import algorithm indicated in <var>normalizedAlgorithm</var>.
+                  Let <var>result</var> be the <a href="#dfn-Key"><code>Key</code></a> object that
+                  results from interpreting <var>keyData</var> accoding to <var>format</var> using
+                  the key import algorithm indicated in <var>normalizedAlgorithm</var>.
                 </p>
               </li>
               <li>
                 <p>
-                    Set <var>result</var>.<a href="#dfn-Key-extractable"><code>extractable</code></a> to be <var>extractable</var>.
+                  Set <var>result</var>.<a href="#dfn-Key-extractable"><code>extractable</code></a>
+                  to be <var>extractable</var>.
                 </p>
               </li>
               <li>
@@ -1909,38 +1984,42 @@
           <div id="SubtleCrypto-method-exportKey" class="section">
             <h4>13.3.10. The <dfn id="dfn-SubtleCrypto-method-exportKey">exportKey</dfn> method</h4>
             <p>
-              When invoked, the <dfn id="dfn-SubtleCrypto-method-exportKey">exportKey</dfn> method <span class="RFC2119">MUST</span> perform the following steps:
+              When invoked, the <dfn id="dfn-SubtleCrypto-method-exportKey">exportKey</dfn> method
+              <span class="RFC2119">MUST</span> perform the following steps:
             </p>
             <ol>
-            
               <li>
                 <p>
-                  If <code>format</code> is not a <a href="#dfn-RecognizedKeyFormats">recognized key format value</a>, throw
-                  a <code>NotSupportedError</code> and <a href="#terminate-the-algorithm">terminate the algorithm</a>
+                  If <code>format</code> is not a <a href="#dfn-RecognizedKeyFormats">recognized key
+                  format value</a>, throw a <code>NotSupportedError</code> and <a href="#terminate-the-algorithm">terminate the algorithm</a>
                 </p>
               </li>
               <li>
                 <p>
-                  Let <var>key</var> and <var>format</var> be the values of the <code>key</code> and <code>format</code> parameters to the
-                  <dfn id="dfn-SubtleCrypto-method-exportKey">exportKey</dfn> method respectively.
+                  Let <var>key</var> and <var>format</var> be the values of the <code>key</code> and
+                  <code>format</code> parameters to the <dfn id="dfn-SubtleCrypto-method-exportKey">exportKey</dfn> method respectively.
                 </p>
               </li>
-            
-              <li>
-                  <p>
-                    Let <var>promise</var> be a new <code>Promise</code> object and <var>resolver</var> its associated resolver.
-                  </p>
-              </li>
               <li>
                 <p>
-                  Return <var>promise</var> and continue executing the remaining steps asynchronously.
+                  Let <var>promise</var> be a new <code>Promise</code> object and
+                  <var>resolver</var> its associated resolver.
+                </p>
+              </li>
+              <li>
+                <p>
+                  Return <var>promise</var> and continue executing the remaining steps
+                  asynchronously.
                 </p>
               </li>
               <li>
                 <p>
                   If an error occurs, run these substeps and then terminate the algorithm:
                 </p>
-                <div class="ednote"><div class="ednoteHeader">Editorial note</div>Determine whether to reject the algorithm with a DOMError or a <code>null</code> result.</div>
+                <div class="ednote"><div class="ednoteHeader">Editorial note</div>
+                  Determine whether to reject the algorithm with a DOMError or a <code>null</code>
+                  result.
+                </div>
                 <ol>
                   <li>
                     <p>
@@ -1957,13 +2036,14 @@
               </li>
               <li>
                 <p>
-                  If <var>key</var>.<a href="#dfn-Key-extractable"><code>extractable</code></a> is not true,
-                  terminate this algorithm with an error.
+                  If <var>key</var>.<a href="#dfn-Key-extractable"><code>extractable</code></a> is
+                  not true, terminate this algorithm with an error.
                 </p>         
               </li>
               <li>
                 <p>
-                  Let <var>result</var> be the result of encoding <var>key</var> according to <var>format</var>.
+                  Let <var>result</var> be the result of encoding <var>key</var> according to
+                  <var>format</var>.
                 </p>
               </li>
             </ol>
@@ -1972,7 +2052,7 @@
           <div id="SubtleCrypto-method-wrapKey" class="section">
             <h4>13.3.11. The wrapKey method</h4>
             <p>
-              When invoked, the <dfn id="dfn-SubtleCrypto-method-wrapKey">wrapKey</dfn> method <span class="RFC2119">MUST</span> perform the following steps: 
+              When invoked, the <dfn id="dfn-SubtleCrypto-method-wrapKey">wrapKey</dfn> method <span class="RFC2119">MUST</span> perform the following steps:
             </p>
             <ol>
               <li>
@@ -1992,25 +2072,30 @@
               </li>
               <li>
                 <p>
-                  If <code>format</code> is not a <a href="#dfn-RecognizedKeyFormats">recognized key format value</a>, throw
-                  a <code>NotSupportedError</code> and <a href="#terminate-the-algorithm">terminate the algorithm</a>
+                  If <code>format</code> is not a <a href="#dfn-RecognizedKeyFormats">recognized key
+                  format value</a>, throw a <code>NotSupportedError</code> and <a href="#terminate-the-algorithm">terminate the algorithm</a>
                 </p>
               </li>
               <li>
                 <p>
-                  Let <var>promise</var> be a new <code>Promise</code> object and <var>resolver</var> its associated resolver.
+                  Let <var>promise</var> be a new <code>Promise</code> object and
+                  <var>resolver</var> its associated resolver.
                 </p>
               </li>
               <li>
                 <p>
-                  Return <var>promise</var> and continue executing the remaining steps asynchronously.
+                  Return <var>promise</var> and continue executing the remaining steps
+                  asynchronously.
                 </p>
               </li>
               <li>
                 <p>
                   If an error occurs, run these substeps and then terminate the algorithm:
                 </p>
-                <div class="ednote"><div class="ednoteHeader">Editorial note</div>Determine whether to reject the algorithm with a DOMError or a <code>null</code> result.</div>
+                <div class="ednote"><div class="ednoteHeader">Editorial note</div>
+                  Determine whether to reject the algorithm with a DOMError or a <code>null</code>
+                  result.
+                </div>
                 <ol>
                   <li>
                     <p>
@@ -2034,13 +2119,14 @@
               </li>
               <li>
                 <p>
-                  If <var>key</var>.<a href="#dfn-Key-extractable"><code>extractable</code></a> is not true,
-                  terminate this algorithm with an error.
+                  If <var>key</var>.<a href="#dfn-Key-extractable"><code>extractable</code></a> is
+                  not true, terminate this algorithm with an error.
                 </p>         
               </li>
               <li>
                 <p>
-                  Let <var>bytes</var> be the result of encoding <var>key</var> according to <var>keyFormat</var>.
+                  Let <var>bytes</var> be the result of encoding <var>key</var> according to
+                  <var>keyFormat</var>.
                 </p>
               </li>
               <li>
@@ -2050,7 +2136,9 @@
               </li>
               <li>
                 <p>
-                 Let <var>result</var> be the result of performing the underlying cryptographic algorithm specified by <var>normalizedAlgorithm</var> with <var>bytes</var> as input data.
+                 Let <var>result</var> be the result of performing the underlying cryptographic
+                 algorithm specified by <var>normalizedAlgorithm</var> with <var>bytes</var> as
+                 input data.
                 </p>
               </li>
               <li>
@@ -2070,7 +2158,8 @@
           <div id="SubtleCrypto-method-unwrapKey" class="section">
             <h4>13.3.12. The unwrapKey method</h4>
             <p>
-              When invoked, the <dfn id="dfn-SubtleCrypto-method-unwrapKey">unwrapKey</dfn> method <span class="RFC2119">MUST</span> perform the following steps: 
+              When invoked, the <dfn id="dfn-SubtleCrypto-method-unwrapKey">unwrapKey</dfn> method
+              <span class="RFC2119">MUST</span> perform the following steps: 
             </p>
             <ol>
               <li>
@@ -2117,19 +2206,24 @@
               </li>
               <li>
                 <p>
-                  If <code>format</code> is not a recognized <a href="#dfn-KeyFormat"><code>KeyFormat</code></a> value, throw
-                  a <code>NotSupportedError</code> and <a href="#terminate-the-algorithm">terminate the algorithm</a>
+                  If <code>format</code> is not a recognized
+                  <a href="#dfn-KeyFormat"><code>KeyFormat</code></a> value, throw a
+                  <code>NotSupportedError</code> and <a href="#terminate-the-algorithm">terminate
+                  the algorithm</a>
                 </p>
               </li>
               <li>
                 <p>
-                  If <code>keyUsages</code> includes a value that is not a recognized <a href="#dfn-KeyUsage"><code>KeyUsage</code></a> value, throw
-                  a <code>NotSupportedError</code> and <a href="#terminate-the-algorithm">terminate the algorithm</a>
+                  If <code>keyUsages</code> includes a value that is not a recognized
+                  <a href="#dfn-KeyUsage"><code>KeyUsage</code></a> value, throw a
+                  <code>NotSupportedError</code> and <a href="#terminate-the-algorithm">terminate
+                  the algorithm</a>
                 </p>
               </li>
               <li>
                 <p>
-                  Let <var>promise</var> be a new <code>Promise</code> object and <var>resolver</var> its associated resolver.
+                  Let <var>promise</var> be a new <code>Promise</code> object and <var>resolver</var>
+                  its associated resolver.
                 </p>
               </li>
               <li>
@@ -2141,7 +2235,10 @@
                 <p>
                   If an error occurs, run these substeps and then terminate the algorithm:
                 </p>
-                <div class="ednote"><div class="ednoteHeader">Editorial note</div>Determine whether to reject the algorithm with a DOMError or a <code>null</code> result.</div>
+                <div class="ednote"><div class="ednoteHeader">Editorial note</div>
+                  Determine whether to reject the algorithm with a DOMError or a
+                  <code>null</code> result.
+                </div>
                 <ol>
                   <li>
                     <p>
@@ -2165,8 +2262,9 @@
               </li>
               <li>
                  <p>
-                   Let <var>bytes</var> be the result of performing the underlying cryptographic algorithm specified by <var>normalizedUnwrapAlgorithm</var>
-                   witk key <var>unwrappingKey</var> and input data <var>wrappedKey</var>.
+                   Let <var>bytes</var> be the result of performing the underlying cryptographic
+                   algorithm specified by <var>normalizedUnwrapAlgorithm</var> witk key
+                   <var>unwrappingKey</var> and input data <var>wrappedKey</var>.
                  </p>
               </li>
               <li>
@@ -2176,18 +2274,23 @@
               </li>
               <li>
                 <p>
-                If <var>bytes</var>, interpreted accoding to <var>format</var>, specifies parameters that are inconsistent with the parameters supplied to <a href="#dfn-SubtleCrytpo-method-unwrapKey">unwrapKey</a>, terminate this algorithm with an error.
+                  If <var>bytes</var>, interpreted accoding to <var>format</var>, specifies
+                  parameters that are inconsistent with the parameters supplied to <a href="#dfn-SubtleCrytpo-method-unwrapKey">unwrapKey</a>, terminate this algorithm
+                  with an error.
                 </p>
               </li>
               <li>
                 <p>
-                    Let <var>result</var> be the <a href="#dfn-Key"><code>Key</code></a> object that results from interpreting
-                    <var>bytes</var> accoding to <var>format</var> using the key import algorithm indicated in <var>normalizedKeyAlgorithm</var>.
+                  Let <var>result</var> be the <a href="#dfn-Key"><code>Key</code></a> object that
+                  results from interpreting <var>bytes</var> accoding to <var>format</var> using
+                  the key import algorithm indicated in <var>normalizedKeyAlgorithm</var>.
                 </p>
               </li>
               <li>
                 <p>
-                 If <var>result</var> describes a <a href="#dfn-Key"><code>Key</code></a> object that is incompatible with the parameters associated with <var>unwrappingKey</var>, terminate this algorithm with an error.
+                   If <var>result</var> describes a <a href="#dfn-Key"><code>Key</code></a> object
+                   that is incompatible with the parameters associated with
+                   <var>unwrappingKey</var>, terminate this algorithm with an error.
                 </p>
               </li>
               <li>
@@ -2250,9 +2353,9 @@
         </p>
 
         <div class="note"><div class="noteHeader">Note</div>
-            <strong>Implementation Note:</strong> Since the integer is unsigned, the highest order bit
-            is NOT a sign bit. Implementors should take care when mapping to big integer implementations
-            that expected signed integers.
+          <strong>Implementation Note:</strong> Since the integer is unsigned, the highest order bit
+          is NOT a sign bit. Implementors should take care when mapping to big integer
+          implementations that expected signed integers.
         </div>
       </div>
       
@@ -2818,55 +2921,65 @@
               <dt>Encrypt</dt>
               <dd>
                 <ol>
-                    <li>
-                        <p>
-                            If <var>key</var> does not have key type <code>public</code>, terminate this algorithm with an error.
-                        </p>
-                    </li>
-                    <li>
-                        <p>
-                            Perform the encrytion operation defined in Section 7.2 of [<cite><a href="#RFC3447">RFC3447</a></cite>] with the key represented by <var>key</var> as the recipient's RSA public key and the contents of <var>plaintext</var> as M.
-                            <ol>
-                                <li>
-                                    <p>
-                                        If performing the operation results in an error, terminate this algorithm with an error.
-                                    </p>
-                                </li>
-                                <li>
-                                    <p>
-                                        Otherwise, let <var>ciphertext</var> be a new <code>ArrayBuffer</code> containing the value C that results from performing the operation.
-                                    </p>
-                                </li>
-                            </ol>
-                        </p>
-                    </li>
+                  <li>
+                    <p>
+                      If <var>key</var> does not have key type <code>public</code>, terminate this
+                      algorithm with an error.
+                    </p>
+                  </li>
+                  <li>
+                    <p>
+                      Perform the encrytion operation defined in Section 7.2 of [<cite><a href="#RFC3447">RFC3447</a></cite>] with the key represented by <var>key</var>
+                      as the recipient's RSA public key and the contents of <var>plaintext</var> as
+                      M.
+                      <ol>
+                        <li>
+                          <p>
+                            If performing the operation results in an error, terminate this
+                            algorithm with an error.
+                          </p>
+                        </li>
+                        <li>
+                          <p>
+                            Otherwise, let <var>ciphertext</var> be a new <code>ArrayBuffer</code>
+                            containing the value C that results from performing the operation.
+                          </p>
+                        </li>
+                      </ol>
+                    </p>
+                  </li>
                 </ol>
               </dd>
               <dt>Decrypt</dt>
               <dd>
                 <ol>
-                    <li>
-                        <p>
-                            If <var>key</var> does not have key type <code>private</code>, terminate this algorithm with an error.
-                        </p>
-                    </li>
-                    <li>
-                        <p>
-                            Perform the decryption operation defined in Section 7.2 of [<cite><a href="#RFC3447">RFC3447</a></cite>] with the key represented by <var>key</var> as the recipient's RSA private key and the contents of <var>ciphertext</var> as C.
-                            <ol>
-                                <li>
-                                    <p>
-                                        If performing the operation results in an error, terminate this algorithm with an error.
-                                    </p>
-                                </li>
-                                <li>
-                                    <p>
-                                        Otherwise, let <var>plaintext</var> be a new <code>ArrayBuffer</code> containing the value M that results from performing the operation.
-                                    </p>
-                                </li>
-                            </ol>
-                        </p>
-                    </li>
+                  <li>
+                    <p>
+                      If <var>key</var> does not have key type <code>private</code>, terminate this
+                      algorithm with an error.
+                    </p>
+                  </li>
+                  <li>
+                    <p>
+                      Perform the decryption operation defined in Section 7.2 of [<cite><a href="#RFC3447">RFC3447</a></cite>] with the key represented by <var>key</var>
+                     as the recipient's RSA private key and the contents of <var>ciphertext</var> as
+                     C.
+                      <ol>
+                        <li>
+                          <p>
+                            If performing the operation results in an error, terminate this
+                            algorithm with an error.
+                          </p>
+                        </li>
+                        <li>
+                          <p>
+                            Otherwise, let <var>plaintext</var> be a new <code>ArrayBuffer</code>
+                            containing the value M that results from performing the operation.
+                          </p>
+                        </li>
+                      </ol>
+                    </p>
+                  </li>
                 </ol>
               </dd>
               <dt>Generate Key</dt>
@@ -2874,12 +2987,16 @@
                 <ol>
                   <li>
                     <p>
-                    If any of the members of <a href="#dfn-RsaKeyGenParams">RsaKeyGenParams</a> are not present in <var>normalizedAlgorithm</var>, or have incorrect types, terminate this algorithm with an error.
+                      If any of the members of <a href="#dfn-RsaKeyGenParams">RsaKeyGenParams</a> are
+                      not present in <var>normalizedAlgorithm</var>, or have incorrect types,
+                      terminate this algorithm with an error.
                     </p>
                   </li>
                   <li>
                     <p>
-                    Generate an RSA key pair, as defined in [<cite><a href="#RFC3447">RFC3447</a></cite>], with RSA modulus length <var>normalizedAlgorithm</var><code>.modulusLength</code> and RSA public exponent <var>normalizedAlgorithm</var><code>.publicExponent</code>.
+                      Generate an RSA key pair, as defined in [<cite><a href="#RFC3447">RFC3447</a></cite>], with RSA modulus length
+                      <var>normalizedAlgorithm</var><code>.modulusLength</code> and RSA public
+                      exponent <var>normalizedAlgorithm</var><code>.publicExponent</code>.
                       <ul>
                         <li>
                           <p>
@@ -2897,32 +3014,40 @@
                               </li>
                               <li>
                                 <p>
-                                  Let <var>result</var><code>.publicKey</code> be a new <a href="#dfn-Key"><code>Key</code></a> object representing the public key of the generated key pair.
-                                </p>
-                              </li>
-                              <li>
-                                <p>
-                                  Let <var>result</var><code>.publicKey.extractable</code> be <code>true</code>
+                                  Let <var>result</var><code>.publicKey</code> be a new <a href="#dfn-Key"><code>Key</code></a> object representing the
+                                  public key of the generated key pair.
                                 </p>
                               </li>
                               <li>
                                 <p>
-                                  Let <var>result</var><code>.publicKey.keyUsages</code> be the intersection of <var>usages</var> and <code>[ "encrypt", "wrapKey" ]</code>.
+                                  Let <var>result</var><code>.publicKey.extractable</code> be
+                                  <code>true</code>
                                 </p>
                               </li>
                               <li>
                                 <p>
-                                  Let <var>result</var><code>.privateKey</code> be a new <a href="#dfn-Key"><code>Key</code></a> object representing the private key of the generated key pair.
+                                  Let <var>result</var><code>.publicKey.keyUsages</code> be the
+                                  intersection of <var>usages</var> and <code>[ "encrypt", "wrapKey"
+                                  ]</code>.
                                 </p>
                               </li>
                               <li>
                                 <p>
-                                  Let <var>result</var><code>.privateKey.extractable</code> be <var>extractable</var>.
+                                  Let <var>result</var><code>.privateKey</code> be a new <a href="#dfn-Key"><code>Key</code></a> object representing the
+                                  private key of the generated key pair.
                                 </p>
                               </li>
                               <li>
                                 <p>
-                                  Let <var>result</var><code>.privateKey.keyUsages</code> be the intersection of <var>usages</var> and <code>[ "decrypt", "unwrapKey" ]</code>.
+                                  Let <var>result</var><code>.privateKey.extractable</code> be
+                                  <var>extractable</var>.
+                                </p>
+                              </li>
+                              <li>
+                                <p>
+                                  Let <var>result</var><code>.privateKey.keyUsages</code> be the
+                                  intersection of <var>usages</var> and <code>[ "decrypt",
+                                  "unwrapKey" ]</code>.
                                 </p>
                               </li>
                               <li>
@@ -3019,26 +3144,36 @@
                 <ol>
                   <li>
                     <p>
-                        If <var>key</var> does not have key type <code>private</code>, terminate this algorithm with an error.
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                        If any of the members of <a href="#dfn-RsaSsaParams">RsaSsaParams</a> are not present in <var>normalizedAlgorithm</var>, or have incorrect types, terminate this algorithm with an error.
+                      If <var>key</var> does not have key type <code>private</code>, terminate this
+                      algorithm with an error.
                     </p>
                   </li>
                   <li>
                     <p>
-                        Perform the signature generation operation defined in Section 8.2 of [<cite><a href="#RFC3447">RFC3447</a></cite>] with the key represented by <var>key</var> as the signer's private key and the contents of <var>message</var> as M and using the hash function specified in <var>normalizedAlgorithm</var><code>.hash</code> as the Hash option for the EMSA-PKCS1-v1_5 encoding method.
+                      If any of the members of <a href="#dfn-RsaSsaParams">RsaSsaParams</a> are not
+                      present in <var>normalizedAlgorithm</var>, or have incorrect types, terminate
+                      this algorithm with an error.
+                    </p>
+                  </li>
+                  <li>
+                    <p>
+                      Perform the signature generation operation defined in Section 8.2 of
+                      [<cite><a href="#RFC3447">RFC3447</a></cite>] with the key represented by
+                      <var>key</var> as the signer's private key and the contents of
+                      <var>message</var> as M and using the hash function specified in
+                      <var>normalizedAlgorithm</var><code>.hash</code> as the Hash option for the
+                      EMSA-PKCS1-v1_5 encoding method.
                       <ol>
                         <li>
                           <p>
-                            If performing the operation results in an error, terminate this algorithm with an error.
+                            If performing the operation results in an error, terminate this
+                            algorithm with an error.
                           </p>
                         </li>
                         <li>
                           <p>
-                            Otherwise, let <var>signature</var> be the value S that results from performing the operation.
+                            Otherwise, let <var>signature</var> be the value S that results from
+                            performing the operation.
                           </p>
                         </li>
                       </ol>
@@ -3052,26 +3187,37 @@
                 <ol>
                   <li>
                     <p>
-                        If <var>key</var> does not have key type <code>public</code>, terminate this algorithm with an error.
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                        If any of the members of <a href="#dfn-RsaSsaParams">RsaSsaParams</a> are not present in <var>normalizedAlgorithm</var>, or have incorrect types, terminate this algorithm with an error.
+                      If <var>key</var> does not have key type <code>public</code>, terminate this
+                      algorithm with an error.
                     </p>
                   </li>
                   <li>
                     <p>
-                        Perform the signature verification operation defined in Section 8.2 of [<cite><a href="#RFC3447">RFC3447</a></cite>] with the key represented by <var>key</var> as the signer's RSA public key and the contents of <var>message</var> as M and <var>signature</var> as S and using the hash function specified in <var>normalizedAlgorithm</var><code>.hash</code> as the Hash option for the EMSA-PKCS1-v1_5 encoding method.
+                      If any of the members of <a href="#dfn-RsaSsaParams">RsaSsaParams</a> are
+                      not present in <var>normalizedAlgorithm</var>, or have incorrect types,
+                      terminate this algorithm with an error.
+                    </p>
+                  </li>
+                  <li>
+                    <p>
+                      Perform the signature verification operation defined in Section 8.2 of
+                      [<cite><a href="#RFC3447">RFC3447</a></cite>] with the key represented by
+                      <var>key</var> as the signer's RSA public key and the contents of
+                      <var>message</var> as M and <var>signature</var> as S and using the hash
+                      function specified in <var>normalizedAlgorithm</var><code>.hash</code> as the
+                      Hash option for the EMSA-PKCS1-v1_5 encoding method.
                       <ol>
                         <li>
                           <p>
-                            If performing the operation results in an error, terminate this algorithm with an error.
+                            If performing the operation results in an error, terminate this
+                            algorithm with an error.
                           </p>
                         </li>
                         <li>
                           <p>
-                            Otherwise, let <var>result</var> be a boolean with value true if the result of the operations was "valid signature" and a boolean with value false otherwise.
+                            Otherwise, let <var>result</var> be a boolean with value true if the
+                            result of the operations was "valid signature" and a boolean with value
+                            false otherwise.
                           </p>
                         </li>
                       </ol>
@@ -3084,16 +3230,21 @@
                 <ol>
                   <li>
                     <p>
-                    If any of the members of <a href="#dfn-RsaKeyGenParams">RsaKeyGenParams</a> are not present in <var>normalizedAlgorithm</var>, or have incorrect types, terminate this algorithm with an error.
+                      If any of the members of <a href="#dfn-RsaKeyGenParams">RsaKeyGenParams</a>
+                      are not present in <var>normalizedAlgorithm</var>, or have incorrect types,
+                      terminate this algorithm with an error.
                     </p>
                   </li>
                   <li>
                     <p>
-                    Generate an RSA key pair, as defined in [<cite><a href="#RFC3447">RFC3447</a></cite>], with RSA modulus length <var>normalizedAlgorithm</var><code>.modulusLength</code> and RSA public exponent <var>normalizedAlgorithm</var><code>.publicExponent</code>.
+                      Generate an RSA key pair, as defined in [<cite><a href="#RFC3447">RFC3447</a></cite>], with RSA modulus length
+                      <var>normalizedAlgorithm</var><code>.modulusLength</code> and RSA public
+                      exponent <var>normalizedAlgorithm</var><code>.publicExponent</code>.
                       <ul>
                         <li>
                           <p>
-                          If generation of the key pair fails, terminate this algorithm with an error.
+                            If generation of the key pair fails, terminate this algorithm with an
+                            error.
                           </p>
                         </li>
                         <li>
@@ -3107,32 +3258,38 @@
                               </li>
                               <li>
                                 <p>
-                                  Let <var>result</var><code>.publicKey</code> be a new <a href="#dfn-Key"><code>Key</code></a> object representing the public key of the generated key pair.
-                                </p>
-                              </li>
-                              <li>
-                                <p>
-                                  Let <var>result</var><code>.publicKey.extractable</code> be <code>true</code>
+                                  Let <var>result</var><code>.publicKey</code> be a new <a href="#dfn-Key"><code>Key</code></a> object representing the
+                                  public key of the generated key pair.
                                 </p>
                               </li>
                               <li>
                                 <p>
-                                  Let <var>result</var><code>.publicKey.keyUsages</code> be the intersection of <var>usages</var> and <code>[ "verify" ]</code>.
+                                  Let <var>result</var><code>.publicKey.extractable</code> be
+                                  <code>true</code>
                                 </p>
                               </li>
                               <li>
                                 <p>
-                                  Let <var>result</var><code>.privateKey</code> be a new <a href="#dfn-Key"><code>Key</code></a> object representing the private key of the generated key pair.
-                                </p>
-                              </li>
-                                                      <li>
-                                <p>
-                                  Let <var>result</var><code>.privateKey.extractable</code> be <var>extractable</var>.
+                                  Let <var>result</var><code>.publicKey.keyUsages</code> be the
+                                  intersection of <var>usages</var> and <code>[ "verify" ]</code>.
                                 </p>
                               </li>
                               <li>
                                 <p>
-                                  Let <var>result</var><code>.privateKey.keyUsages</code> be the intersection of <var>usages</var> and <code>[ "sign" ]</code>.
+                                  Let <var>result</var><code>.privateKey</code> be a new <a href="#dfn-Key"><code>Key</code></a> object representing the
+                                  private key of the generated key pair.
+                                </p>
+                              </li>
+                              <li>
+                                <p>
+                                  Let <var>result</var><code>.privateKey.extractable</code> be
+                                  <var>extractable</var>.
+                                </p>
+                              </li>
+                              <li>
+                                <p>
+                                  Let <var>result</var><code>.privateKey.keyUsages</code> be the
+                                  intersection of <var>usages</var> and <code>[ "sign" ]</code>.
                                 </p>
                               </li>
                               <li>
@@ -3227,26 +3384,37 @@
               <ol>
                 <li>
                   <p>
-                      If <var>key</var> does not have key type <code>private</code>, terminate this algorithm with an error.
-                  </p>
-                </li>
-                <li>
-                  <p>
-                      If any of the members of <a href="#dfn-RsaPssParams">RsaPssParams</a> are not present in <var>normalizedAlgorithm</var>, or have incorrect types, terminate this algorithm with an error.
+                    If <var>key</var> does not have key type <code>private</code>, terminate this
+                    algorithm with an error.
                   </p>
                 </li>
                 <li>
                   <p>
-                      Perform the signature generation operation defined in Section 8.1 of [<cite><a href="#RFC3447">RFC3447</a></cite>] with the key represented by <var>key</var> as the signer's private key, K, and the contents of <var>message</var> as the message to be signed, M, and using the hash function specified in <var>normalizedAlgorithm</var><code>.hash</code> as the Hash option, MGF1 (defined in Section B.2.1 of [<cite><a href="#RFC3447">RFC3447</a></cite>]) as the MGF option and <var>normalizedAlgorithm</var><code>.saltLength</code> as the salt length option for the EMM-PSS-ENCODE operation.
+                    If any of the members of <a href="#dfn-RsaPssParams">RsaPssParams</a> are not
+                    present in <var>normalizedAlgorithm</var>, or have incorrect types, terminate
+                    this algorithm with an error.
+                  </p>
+                </li>
+                <li>
+                  <p>
+                    Perform the signature generation operation defined in Section 8.1 of [<cite><a href="#RFC3447">RFC3447</a></cite>] with the key represented by <var>key</var>
+                    as the signer's private key, K, and the contents of <var>message</var> as the
+                    message to be signed, M, and using the hash function specified in
+                    <var>normalizedAlgorithm</var><code>.hash</code> as the Hash option, MGF1
+                    (defined in Section B.2.1 of [<cite><a href="#RFC3447">RFC3447</a></cite>]) as
+                    the MGF option and <var>normalizedAlgorithm</var><code>.saltLength</code> as the
+                    salt length option for the EMM-PSS-ENCODE operation.
                     <ol>
                       <li>
                         <p>
-                          If performing the operation results in an error, terminate this algorithm with an error.
+                          If performing the operation results in an error, terminate this algorithm
+                          with an error.
                         </p>
                       </li>
                       <li>
                         <p>
-                          Otherwise, let <var>signature</var> be a new <code>ArrayBuffer</code> containing the signature, S, that results from performing the operation.
+                          Otherwise, let <var>signature</var> be a new <code>ArrayBuffer</code>
+                          containing the signature, S, that results from performing the operation.
                         </p>
                       </li>
                     </ol>
@@ -3260,26 +3428,38 @@
               <ol>
                 <li>
                   <p>
-                      If <var>key</var> does not have key type <code>public</code>, terminate this algorithm with an error.
-                  </p>
-                </li>
-                <li>
-                  <p>
-                      If any of the members of <a href="#dfn-RsaPssParams">RsaPssParams</a> are not present in <var>normalizedAlgorithm</var>, or have incorrect types, terminate this algorithm with an error.
+                    If <var>key</var> does not have key type <code>public</code>, terminate this
+                    algorithm with an error.
                   </p>
                 </li>
                 <li>
                   <p>
-                      Perform the signature verification operation defined in Section 8.1 of [<cite><a href="#RFC3447">RFC3447</a></cite>] with the key represented by <var>key</var> as the signer's RSA public key and the contents of <var>message</var> as M and the contents of <var>signature</var> as S and using the hash function specified in <var>normalizedAlgorithm</var><code>.hash</code> as the Hash option, MGF1 (defined in Section B.2.1 of [<cite><a href="#RFC3447">RFC3447</a></cite>]) as the MGF option and <var>normalizedAlgorithm</var><code>.saltLength</code> as the salt length option for the EMSA-PSS-VERIFY operation.
+                    If any of the members of <a href="#dfn-RsaPssParams">RsaPssParams</a> are not
+                    present in <var>normalizedAlgorithm</var>, or have incorrect types, terminate
+                    this algorithm with an error.
+                  </p>
+                </li>
+                <li>
+                  <p>
+                    Perform the signature verification operation defined in Section 8.1 of [<cite><a href="#RFC3447">RFC3447</a></cite>] with the key represented by <var>key</var>
+                    as the signer's RSA public key and the contents of <var>message</var> as M and
+                    the contents of <var>signature</var> as S and using the hash function specified
+                    in <var>normalizedAlgorithm</var><code>.hash</code> as the Hash option, MGF1
+                    (defined in Section B.2.1 of [<cite><a href="#RFC3447">RFC3447</a></cite>]) as
+                    the MGF option and <var>normalizedAlgorithm</var><code>.saltLength</code> as the
+                    salt length option for the EMSA-PSS-VERIFY operation.
                     <ol>
                       <li>
                         <p>
-                          If performing the operation results in an error, terminate this algorithm with an error.
+                          If performing the operation results in an error, terminate this algorithm
+                          with an error.
                         </p>
                       </li>
                       <li>
                         <p>
-                          Otherwise, let <var>result</var> be a boolean with value true if the result of the operation was "valid signature" and a boolean with value false otherwise.
+                          Otherwise, let <var>result</var> be a boolean with value true if the
+                          result of the operation was "valid signature" and a boolean with value
+                          false otherwise.
                         </p>
                       </li>
                     </ol>
@@ -3292,16 +3472,21 @@
               <ol>
                 <li>
                   <p>
-                  If any of the members of <a href="#dfn-RsaKeyGenParams">RsaKeyGenParams</a> are not present in <var>normalizedAlgorithm</var>, or have incorrect types, terminate this algorithm with an error.
+                    If any of the members of <a href="#dfn-RsaKeyGenParams">RsaKeyGenParams</a> are
+                    not present in <var>normalizedAlgorithm</var>, or have incorrect types,
+                    terminate this algorithm with an error.
                   </p>
                 </li>
                 <li>
                   <p>
-                  Generate an RSA key pair, as defined in [<cite><a href="#RFC3447">RFC3447</a></cite>], with RSA modulus length <var>normalizedAlgorithm</var><code>.modulusLength</code> and RSA public exponent <var>normalizedAlgorithm</var><code>.publicExponent</code>.
+                    Generate an RSA key pair, as defined in [<cite><a href="#RFC3447">RFC3447</a></cite>], with RSA modulus length
+                    <var>normalizedAlgorithm</var><code>.modulusLength</code> and RSA public
+                    exponent <var>normalizedAlgorithm</var><code>.publicExponent</code>.
                     <ul>
                       <li>
                         <p>
-                        If generation of the key pair fails, terminate this algorithm with an error.
+                          If generation of the key pair fails, terminate this algorithm with an
+                          error.
                         </p>
                       </li>
                       <li>
@@ -3315,32 +3500,38 @@
                             </li>
                             <li>
                               <p>
-                                Let <var>result</var><code>.publicKey</code> be a new <a href="#dfn-Key"><code>Key</code></a> object representing the public key of the generated key pair.
-                              </p>
-                            </li>
-                            <li>
-                              <p>
-                                Let <var>result</var><code>.publicKey.extractable</code> be <code>true</code>
+                                Let <var>result</var><code>.publicKey</code> be a new <a href="#dfn-Key"><code>Key</code></a> object representing the public
+                                key of the generated key pair.
                               </p>
                             </li>
                             <li>
                               <p>
-                                Let <var>result</var><code>.publicKey.keyUsages</code> be the intersection of <var>usages</var> and <code>[ "verify" ]</code>.
+                                Let <var>result</var><code>.publicKey.extractable</code> be
+                                <code>true</code>
                               </p>
                             </li>
                             <li>
                               <p>
-                                Let <var>result</var><code>.privateKey</code> be a new <a href="#dfn-Key"><code>Key</code></a> object representing the private key of the generated key pair.
-                              </p>
-                            </li>
-                                                    <li>
-                              <p>
-                                Let <var>result</var><code>.privateKey.extractable</code> be <var>extractable</var>.
+                                Let <var>result</var><code>.publicKey.keyUsages</code> be the
+                                intersection of <var>usages</var> and <code>[ "verify" ]</code>.
                               </p>
                             </li>
                             <li>
                               <p>
-                                Let <var>result</var><code>.privateKey.keyUsages</code> be the intersection of <var>usages</var> and <code>[ "sign" ]</code>.
+                                Let <var>result</var><code>.privateKey</code> be a new <a href="#dfn-Key"><code>Key</code></a> object representing the private
+                                key of the generated key pair.
+                              </p>
+                            </li>
+                            <li>
+                              <p>
+                                Let <var>result</var><code>.privateKey.extractable</code> be
+                                <var>extractable</var>.
+                              </p>
+                            </li>
+                            <li>
+                              <p>
+                                Let <var>result</var><code>.privateKey.keyUsages</code> be the
+                                intersection of <var>usages</var> and <code>[ "sign" ]</code>.
                               </p>
                             </li>
                             <li>
@@ -3445,65 +3636,89 @@
               <dt>Encrypt</dt>
               <dd>
                 <ol>
-                    <li>
-                        <p>
-                            If <var>key</var> does not have key type <code>public</code>, terminate this algorithm with an error.
-                        </p>
-                    </li>
-                    <li>
-                      <p>
-                      If any of the members of <a href="#dfn-RsaOaepParams">RsaOaepParams</a> are not present in <var>normalizedAlgorithm</var>, or have incorrect types, terminate this algorithm with an error.
-                      </p>
-                    </li>
-                    <li>
-                        <p>
-                            Perform the encrytion operation defined in Section 7.1 of [<cite><a href="#RFC3447">RFC3447</a></cite>] with the key represented by <var>key</var> as the recipient's RSA public key, the contents of <var>plaintext</var> as the message to be encrypted, M, and <var>normalizedAlgorithm</var><code>.label</code> as the label, L, and with the hash function identified by <var>normalizedAlgorithm</var><code>.hash</code> as the Hash option and MGF1 (defined in Section B.2.1 of [<cite><a href="#RFC3447">RFC3447</a></cite>]) as the MGF option.
-                            <ol>
-                                <li>
-                                    <p>
-                                        If performing the operation results in an error, terminate this algorithm with an error.
-                                    </p>
-                                </li>
-                                <li>
-                                    <p>
-                                        Otherwise, let <var>ciphertext</var> be a new <code>ArrayBuffer</code> containing the value C that results from performing the operation.
-                                    </p>
-                                </li>
-                            </ol>
-                        </p>
-                    </li>
+                  <li>
+                    <p>
+                      If <var>key</var> does not have key type <code>public</code>, terminate this
+                      algorithm with an error.
+                    </p>
+                  </li>
+                  <li>
+                    <p>
+                      If any of the members of <a href="#dfn-RsaOaepParams">RsaOaepParams</a> are
+                      not present in <var>normalizedAlgorithm</var>, or have incorrect types,
+                      terminate this algorithm with an error.
+                    </p>
+                  </li>
+                  <li>
+                    <p>
+                      Perform the encrytion operation defined in Section 7.1 of [<cite><a href="#RFC3447">RFC3447</a></cite>] with the key represented by <var>key</var>
+                      as the recipient's RSA public key, the contents of <var>plaintext</var> as the
+                      message to be encrypted, M, and
+                      <var>normalizedAlgorithm</var><code>.label</code> as the label, L, and with
+                      the hash function identified by
+                      <var>normalizedAlgorithm</var><code>.hash</code> as the Hash option and MGF1
+                      (defined in Section B.2.1 of [<cite><a href="#RFC3447">RFC3447</a></cite>]) as
+                      the MGF option.
+                      <ol>
+                        <li>
+                          <p>
+                            If performing the operation results in an error, terminate this
+                            algorithm with an error.
+                          </p>
+                        </li>
+                        <li>
+                          <p>
+                            Otherwise, let <var>ciphertext</var> be a new <code>ArrayBuffer</code>
+                            containing the value C that results from performing the operation.
+                          </p>
+                        </li>
+                      </ol>
+                    </p>
+                  </li>
                 </ol>
               </dd>
               <dt>Decrypt</dt>
               <dd>
                 <ol>
-                    <li>
-                        <p>
-                            If <var>key</var> does not have key type <code>private</code>, terminate this algorithm with an error.
-                        </p>
-                    </li>
-                    <li>
-                      <p>
-                      If any of the members of <a href="#dfn-RsaOaepParams">RsaOaepParams</a> are not present in <var>normalizedAlgorithm</var>, or have incorrect types, terminate this algorithm with an error.
-                      </p>
-                    </li>
-                    <li>
-                        <p>
-                            Perform the decryption operation defined in Section 7.1 of [<cite><a href="#RFC3447">RFC3447</a></cite>] with the key represented by <var>key</var> as the recipient's RSA private key, the contents of <var>ciphertext</var> as the cipertext to be decrypted, C, and <var>normalizedAlgorithm</var><code>.label</code> as the label, L, and with the hash function identified by <var>normalizedAlgorithm</var><code>.hash</code> as the Hash option and MGF1 (defined in Section B.2.1 of [<cite><a href="#RFC3447">RFC3447</a></cite>]) as the MGF option.
-                            <ol>
-                                <li>
-                                    <p>
-                                        If performing the operation results in an error, terminate this algorithm with an error.
-                                    </p>
-                                </li>
-                                <li>
-                                    <p>
-                                        Otherwise, let <var>plaintext</var> be a new <code>ArrayBuffer</code> containing the value M that results from performing the operation.
-                                    </p>
-                                </li>
-                            </ol>
-                        </p>
-                    </li>
+                  <li>
+                    <p>
+                      If <var>key</var> does not have key type <code>private</code>, terminate this
+                      algorithm with an error.
+                    </p>
+                  </li>
+                  <li>
+                    <p>
+                      If any of the members of <a href="#dfn-RsaOaepParams">RsaOaepParams</a> are
+                      not present in <var>normalizedAlgorithm</var>, or have incorrect types,
+                      terminate this algorithm with an error.
+                    </p>
+                  </li>
+                  <li>
+                    <p>
+                      Perform the decryption operation defined in Section 7.1 of [<cite><a href="#RFC3447">RFC3447</a></cite>] with the key represented by <var>key</var>
+                      as the recipient's RSA private key, the contents of <var>ciphertext</var> as
+                      the cipertext to be decrypted, C, and
+                      <var>normalizedAlgorithm</var><code>.label</code> as the label, L, and with
+                      the hash function identified by
+                      <var>normalizedAlgorithm</var><code>.hash</code> as the Hash option and MGF1
+                      (defined in Section B.2.1 of [<cite><a href="#RFC3447">RFC3447</a></cite>]) as
+                      the MGF option.
+                      <ol>
+                        <li>
+                           <p>
+                              If performing the operation results in an error, terminate this
+                              algorithm with an error.
+                          </p>
+                        </li>
+                        <li>
+                           <p>
+                              Otherwise, let <var>plaintext</var> be a new <code>ArrayBuffer</code>
+                              containing the value M that results from performing the operation.
+                          </p>
+                        </li>
+                      </ol>
+                    </p>
+                  </li>
                 </ol>
               </dd>
               <dt>Generate Key</dt>
@@ -3511,16 +3726,21 @@
                 <ol>
                   <li>
                     <p>
-                    If any of the members of <a href="#dfn-RsaKeyGenParams">RsaKeyGenParams</a> are not present in <var>normalizedAlgorithm</var>, or have incorrect types, terminate this algorithm with an error.
+                      If any of the members of <a href="#dfn-RsaKeyGenParams">RsaKeyGenParams</a>
+                      are not present in <var>normalizedAlgorithm</var>, or have incorrect types,
+                      terminate this algorithm with an error.
                     </p>
                   </li>
                   <li>
                     <p>
-                    Generate an RSA key pair, as defined in [<cite><a href="#RFC3447">RFC3447</a></cite>], with RSA modulus length <var>normalizedAlgorithm</var><code>.modulusLength</code> and RSA public exponent <var>normalizedAlgorithm</var><code>.publicExponent</code>.
+                      Generate an RSA key pair, as defined in [<cite><a href="#RFC3447">RFC3447</a></cite>], with RSA modulus length
+                      <var>normalizedAlgorithm</var><code>.modulusLength</code> and RSA public
+                      exponent <var>normalizedAlgorithm</var><code>.publicExponent</code>.
                       <ul>
                         <li>
                           <p>
-                          If generation of the key pair fails, terminate this algorithm with an error.
+                            If generation of the key pair fails, terminate this algorithm with an
+                            error.
                           </p>
                         </li>
                         <li>
@@ -3534,32 +3754,40 @@
                               </li>
                               <li>
                                 <p>
-                                  Let <var>result</var><code>.publicKey</code> be a new <a href="#dfn-Key"><code>Key</code></a> object representing the public key of the generated key pair.
-                                </p>
-                              </li>
-                              <li>
-                                <p>
-                                  Let <var>result</var><code>.publicKey.extractable</code> be <code>true</code>
+                                  Let <var>result</var><code>.publicKey</code> be a new <a href="#dfn-Key"><code>Key</code></a> object representing the
+                                  public key of the generated key pair.
                                 </p>
                               </li>
                               <li>
                                 <p>
-                                  Let <var>result</var><code>.publicKey.keyUsages</code> be the intersection of <var>usages</var> and <code>[ "encrypt", "wrapKey" ]</code>.
+                                  Let <var>result</var><code>.publicKey.extractable</code> be
+                                  <code>true</code>
                                 </p>
                               </li>
                               <li>
                                 <p>
-                                  Let <var>result</var><code>.privateKey</code> be a new <a href="#dfn-Key"><code>Key</code></a> object representing the private key of the generated key pair.
+                                  Let <var>result</var><code>.publicKey.keyUsages</code> be the
+                                  intersection of <var>usages</var> and <code>[ "encrypt", "wrapKey"
+                                  ]</code>.
                                 </p>
                               </li>
                               <li>
                                 <p>
-                                  Let <var>result</var><code>.privateKey.extractable</code> be <var>extractable</var>.
+                                  Let <var>result</var><code>.privateKey</code> be a new <a href="#dfn-Key"><code>Key</code></a> object representing the
+                                  private key of the generated key pair.
                                 </p>
                               </li>
                               <li>
                                 <p>
-                                  Let <var>result</var><code>.privateKey.keyUsages</code> be the intersection of <var>usages</var> and <code>[ "decrypt", "unwrapKey" ]</code>.
+                                  Let <var>result</var><code>.privateKey.extractable</code> be
+                                  <var>extractable</var>.
+                                </p>
+                              </li>
+                              <li>
+                                <p>
+                                  Let <var>result</var><code>.privateKey.keyUsages</code> be the
+                                  intersection of <var>usages</var> and <code>[ "decrypt",
+                                  "unwrapKey" ]</code>.
                                 </p>
                               </li>
                               <li>
@@ -3661,8 +3889,9 @@
 };
             </code></pre></div></div>
             <p>
-              The <dfn id="dfn-NamedCurve">NamedCurve</dfn> type represents named elliptic curves, which
-              are a convenient way to specify the domain parameters of well-known elliptic curves. The following values are recognized:
+              The <dfn id="dfn-NamedCurve">NamedCurve</dfn> type represents named elliptic curves,
+              which are a convenient way to specify the domain parameters of well-known elliptic
+              curves. The following values are recognized:
               <dl>
                 <dt id="dfn-NamedCurve-p256"><code>P-256</code></dt>
                 <dd>NIST recommended curve P-256, also known as <code>secp256r1</code>.</dd>
@@ -3683,13 +3912,14 @@
                 <ol>
                   <li>
                     <p>
-                      If <var>key</var> does not refer to an ECDSA private key, terminate the algorithm with an error.
+                      If <var>key</var> does not refer to an ECDSA private key, terminate the
+                      algorithm with an error.
                     </p>
                   </li>
                   <li>
                     <p>
-                      Let <var>hash</var> be initialized to an instance of the underlying hash algorithm
-                      indicated by <var>hash</var>
+                      Let <var>hash</var> be initialized to an instance of the underlying hash
+                      algorithm indicated by <var>hash</var>
                     </p>
                   </li>
                   <li>
@@ -3704,13 +3934,14 @@
                   </li>
                   <li>
                     <p>
-                      If the context object's internal state is not <code>"complete"</code>, return an
-                      empty <code>ArrayBuffer</code>.
+                      If the context object's internal state is not <code>"complete"</code>, return
+                      an empty <code>ArrayBuffer</code>.
                     </p>
                   </li>
                   <li>
                     <p>
-                      Let <var>M</var> be the result of finalizing the hash algorithm of <var>hash</var>.
+                      Let <var>M</var> be the result of finalizing the hash algorithm of
+                      <var>hash</var>.
                     </p>
                   </li>
                   <li>
@@ -3720,7 +3951,8 @@
                   </li>
                   <li>
                     <p>
-                      Let <var>params</var> be the EC domain parameters associated with <var>key</var>.
+                      Let <var>params</var> be the EC domain parameters associated with
+                      <var>key</var>.
                     </p>
                   </li>
                   <li>
@@ -3743,12 +3975,14 @@
                   </li>
                   <li>
                     <p>
-                      Convert <var>r</var> to a bitstring and append the sequence of bytes to <var>result</var>.
+                      Convert <var>r</var> to a bitstring and append the sequence of bytes to
+                     <var>result</var>.
                     </p>
                   </li>
                   <li>
                     <p>
-                      Convert <var>s</var> to a bitstring and append the sequence of bytes to <var>result</var>.
+                      Convert <var>s</var> to a bitstring and append the sequence of bytes to
+                      <var>result</var>.
                     </p>
                   </li>
                   <li>
@@ -3764,13 +3998,14 @@
                 <ol>
                   <li>
                     <p>
-                      If <var>key</var> does not refer to an ECDSA public key, terminate the algorithm with an error.
+                      If <var>key</var> does not refer to an ECDSA public key, terminate the
+                      algorithm with an error.
                     </p>
                   </li>
                   <li>
                     <p>
-                      Let <var>hash</var> be initialized to an instance of the underlying hash algorithm
-                      indicated by <var>hash</var>
+                      Let <var>hash</var> be initialized to an instance of the underlying hash
+                      algorithm indicated by <var>hash</var>
                     </p>
                   </li>
                   <li>
@@ -3785,12 +4020,14 @@
                   </li>
                   <li>
                     <p>
-                      If the context object's internal state is not <code>"complete"</code>, terminate the algorithm.
+                      If the context object's internal state is not <code>"complete"</code>,
+                      terminate the algorithm.
                     </p>
                   </li>
                   <li>
                     <p>
-                      Let <var>M</var> be the result of finalizing the hash algorithm of <var>hash</var>.
+                      Let <var>M</var> be the result of finalizing the hash algorithm of
+                      <var>hash</var>.
                     </p>
                   </li>
                   <li>
@@ -3806,9 +4043,9 @@
                   </li>
                   <li>
                     <p>
-                      Perform the ECDSA verifying process, as specified in <a href="#X9.62">X9.62</a>,
-                      Section 7.4, with <var>M</var> as the received message, using <var>params</var> as the
-                      EC domain parameters, and with <var>Q</var> as the public key.
+                      Perform the ECDSA verifying process, as specified in <a href="#X9.62">X9.62</a>, Section 7.4, with <var>M</var> as the received
+                      message, using <var>params</var> as the EC domain parameters, and with
+                      <var>Q</var> as the public key.
                     </p>
                   </li>
                   <li>
@@ -3837,8 +4074,8 @@
           <div id="ecdh-description" class="section">
             <h4>17.9.1. Description</h4>
             <p>
-              This describes using Elliptic Curve Diffie-Hellman (ECDH) for key generation and key agreement, as
-              specified by <a href="#X9.63">X9.63</a>.
+              This describes using Elliptic Curve Diffie-Hellman (ECDH) for key generation and key
+              agreement, as specified by <a href="#X9.63">X9.63</a>.
             </p>
           </div>
           <div id="ecdh-registration" class="section">
@@ -3897,8 +4134,8 @@
             </code></pre></div></div>
             <p>
               The <a href="#dfn-ECPoint">ECPoint</a> typedef is a <code>Uint8Array</code> holding an
-              elliptic curve point. An elliptic curve point is converted to an array of Uint8 elements
-              using the procedure specified in <a href="#X9.62">X9.62</a> Annex A.5.7.
+              elliptic curve point. An elliptic curve point is converted to an array of Uint8
+              elements using the procedure specified in <a href="#X9.62">X9.62</a> Annex A.5.7.
             </p>
           </div>
           <div id="ecdh-operations" class="section">
@@ -3908,22 +4145,27 @@
               <ol>
                 <li>
                   <p>
-                  If any of the members of <a href="#dfn-EcKeyGenParams">EcKeyGenParams</a> are not present in <var>normalizedAlgorithm</var>, or have incorrect types, terminate this algorithm with an error.
-                  </p>
-                </li>
-                <li>
-                  <p>
-                    If <var>usages</var> contains a value which is not either <code>deriveKey</code> or <code>dervieBits</code>,
+                    If any of the members of <a href="#dfn-EcKeyGenParams">EcKeyGenParams</a> are
+                    not present in <var>normalizedAlgorithm</var>, or have incorrect types,
                     terminate this algorithm with an error.
                   </p>
                 </li>
                 <li>
                   <p>
-                  Generate an Eliptic Curve key pair, as defined in [<a href="#X9.63">X9.63</a>] with domain parameters for the curve identified by <var>normalizedAlgorithm</var><code>.namedCurve</code>.
+                    If <var>usages</var> contains a value which is not either <code>deriveKey</code>
+                    or <code>dervieBits</code>, terminate this algorithm with an error.
+                  </p>
+                </li>
+                <li>
+                  <p>
+                    Generate an Eliptic Curve key pair, as defined in [<a href="#X9.63">X9.63</a>]
+                    with domain parameters for the curve identified by
+                    <var>normalizedAlgorithm</var><code>.namedCurve</code>.
                     <ul>
                       <li>
                         <p>
-                        If generation of the key pair fails, terminate this algorithm with an error.
+                          If generation of the key pair fails, terminate this algorithm with an
+                          error.
                         </p>
                       </li>
                       <li>
@@ -3937,32 +4179,38 @@
                             </li>
                             <li>
                               <p>
-                                Let <var>result</var><code>.publicKey</code> be a new <a href="#dfn-Key"><code>Key</code></a> object representing the public key of the generated key pair.
-                              </p>
-                            </li>
-                            <li>
-                              <p>
-                                Let <var>result</var><code>.publicKey.extractable</code> be <code>true</code>
+                                Let <var>result</var><code>.publicKey</code> be a new <a href="#dfn-Key"><code>Key</code></a> object representing the public
+                                key of the generated key pair.
                               </p>
                             </li>
                             <li>
                               <p>
-                                Let <var>result</var><code>.publicKey.keyUsages</code> be <var>usages</var>.
+                                Let <var>result</var><code>.publicKey.extractable</code> be
+                                <code>true</code>
                               </p>
                             </li>
                             <li>
                               <p>
-                                Let <var>result</var><code>.privateKey</code> be a new <a href="#dfn-Key"><code>Key</code></a> object representing the private key of the generated key pair.
+                                Let <var>result</var><code>.publicKey.keyUsages</code> be
+                                <var>usages</var>.
                               </p>
                             </li>
                             <li>
                               <p>
-                                Let <var>result</var><code>.privateKey.extractable</code> be <var>extractable</var>.
+                                Let <var>result</var><code>.privateKey</code> be a new <a href="#dfn-Key"><code>Key</code></a> object representing the private
+                                key of the generated key pair.
                               </p>
                             </li>
                             <li>
                               <p>
-                                Let <var>result</var><code>.privateKey.keyUsages</code> be <var>usages</var>.
+                                Let <var>result</var><code>.privateKey.extractable</code> be
+                                <var>extractable</var>.
+                              </p>
+                            </li>
+                            <li>
+                              <p>
+                                Let <var>result</var><code>.privateKey.keyUsages</code> be
+                                <var>usages</var>.
                               </p>
                             </li>
                             <li>
@@ -3981,24 +4229,29 @@
             <dt>Derive Key</dt>
             <dd>
               <ol>
-                  <li>
-                    <p>
-                        If <var>key</var> does not have key type <code>private</code>, terminate this algorithm with an error.
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                    If any of the members of <a href="#dfn-EcdhKeyDeriveParams">EcdhKeyDeriveParams</a> are not present in <var>normalizedAlgorithm</var>, or have incorrect types, terminate this algorithm with an error.
-                    </p>
-                  </li>
                 <li>
                   <p>
-                    Perform the ECDH primitive specified in <a href="#X9.63">X9.63</a> Section 5.4.1 with <var>key</var> as the EC
-                    private key d and <var>normalizedAlgorithm</var><code>.public</code> as the EC public key Q.
+                    If <var>key</var> does not have key type <code>private</code>, terminate this
+                    algorithm with an error.
+                  </p>
+                </li>
+                <li>
+                  <p>
+                    If any of the members of <a href="#dfn-EcdhKeyDeriveParams">EcdhKeyDeriveParams</a> are not present in
+                    <var>normalizedAlgorithm</var>, or have incorrect types, terminate this
+                    algorithm with an error.
+                  </p>
+                </li>
+                <li>
+                  <p>
+                    Perform the ECDH primitive specified in <a href="#X9.63">X9.63</a> Section 5.4.1
+                    with <var>key</var> as the EC private key d and
+                    <var>normalizedAlgorithm</var><code>.public</code> as the EC public key Q.
                     <ol>
                       <li>
                         <p>
-                          If performing the operation results in an error, terminate this algorithm with an error.
+                          If performing the operation results in an error, terminate this algorithm
+                          with an error.
                         </p>
                       </li>
                       <li>
@@ -4010,40 +4263,52 @@
                   </p>
                 </li>
                 <div class="note"><div class="noteHeader">Note</div>
-                  Note: <a href="#X9.63">X9.63</a> Section 5.4.2 and <a href="#SP800-56A">NIST SP 800-56A</a>
-                  Section 5.7.1.2 specify a modified ECDH primitive that multiplies the shared secret value by
-                  the cofactor of the curve. The cofactor of the NIST recommended curves P-256, P-384, and P-521
-                  is 1, so the standard and modified ECDH primitives are equivalent for those curves.
+                  Note: <a href="#X9.63">X9.63</a> Section 5.4.2 and <a href="#SP800-56A">NIST SP
+                  800-56A</a> Section 5.7.1.2 specify a modified ECDH primitive that multiplies the
+                  shared secret value by the cofactor of the curve. The cofactor of the NIST
+                  recommended curves P-256, P-384, and P-521 is 1, so the standard and modified ECDH
+                  primitives are equivalent for those curves.
                 </div>
                 <li>
-                  <div class="ednote"><div class="ednoteHeader">Editorial note</div>Define how the finite field member <var>result</var> is converted to a bit string</div>
+                  <div class="ednote"><div class="ednoteHeader">Editorial note</div>
+                    Define how the finite field member <var>result</var> is converted to a bit
+                    string
+                  </div>
                 </li>
                 <li>
-                  <div class="ednote"><div class="ednoteHeader">Editorial note</div>Define how a key for algorithm <var>normalizedDerivedKeyAlgorithm</var> is derived from a bit string</div>
+                  <div class="ednote"><div class="ednoteHeader">Editorial note</div>
+                    Define how a key for algorithm <var>normalizedDerivedKeyAlgorithm</var> is
+                    derived from a bit string
+                  </div>
                 </li>
               </ol>
             </dd>
             <dt>Derive Bits</dt>
             <dd>
               <ol>
-                  <li>
-                    <p>
-                        If <var>key</var> does not have key type <code>private</code>, terminate this algorithm with an error.
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                    If any of the members of <a href="#dfn-EcdhKeyDeriveParams">EcdhKeyDeriveParams</a> are not present in <var>normalizedAlgorithm</var>, or have incorrect types, terminate this algorithm with an error.
-                    </p>
-                  </li>
                 <li>
                   <p>
-                    Perform the ECDH primitive specified in <a href="#X9.63">X9.63</a> Section 5.4.1 with <var>key</var> as the EC
-                    private key d and <var>normalizedAlgorithm</var><code>.public</code> as the EC public key Q.
+                    If <var>key</var> does not have key type <code>private</code>, terminate this
+                    algorithm with an error.
+                  </p>
+                </li>
+                <li>
+                  <p>
+                    If any of the members of <a href="#dfn-EcdhKeyDeriveParams">EcdhKeyDeriveParams</a> are not present in
+                    <var>normalizedAlgorithm</var>, or have incorrect types, terminate this
+                    algorithm with an error.
+                  </p>
+                </li>
+                <li>
+                  <p>
+                    Perform the ECDH primitive specified in <a href="#X9.63">X9.63</a> Section 5.4.1
+                    with <var>key</var> as the EC private key d and
+                    <var>normalizedAlgorithm</var><code>.public</code> as the EC public key Q.
                     <ol>
                       <li>
                         <p>
-                          If performing the operation results in an error, terminate this algorithm with an error.
+                          If performing the operation results in an error, terminate this algorithm
+                          with an error.
                         </p>
                       </li>
                       <li>
@@ -4055,7 +4320,10 @@
                   </p>
                 </li>
                 <li>
-                  <div class="ednote"><div class="ednoteHeader">Editorial note</div>Define how the finite field member <var>result</var> is converted to a bit string</div>
+                  <div class="ednote"><div class="ednoteHeader">Editorial note</div>
+                    Define how the finite field member <var>result</var> is converted to a bit
+                    string.
+                  </div>
                 </li>
               </ol>
             </dd>
@@ -4986,8 +5254,8 @@
         <h2>18. Algorithm normalizing rules</h2>
         <p>
           The <a href="#dfn-AlgorithmIdentifier"><code>AlgorithmIdentifier</code></a> typedef
-          permits algorithms to be specified as either a <code>dictionary</code> or a DOMString.
-          In order to ensure consistency, conforming user agents must normalize all AlgorithmIdentifier
+          permits algorithms to be specified as either a <code>dictionary</code> or a DOMString. In
+          order to ensure consistency, conforming user agents must normalize all AlgorithmIdentifier
           inputs into a single, canonical form. When normalization is indicated, it must act as
           follows:
         </p>
@@ -5010,9 +5278,9 @@
                 Convert every character in <var>O</var> to lower case.
               </li>
               <li>
-                If <var>O</var> contains a recognized <a href="#dfn-algorithm-alias">algorithm alias</a>
-                then let <var>result</var> be re-initialized to the aliased dictionary and this algorithm
-                restarted, using <var>result</var> as the input to be normalized.
+                If <var>O</var> contains a recognized <a href="#dfn-algorithm-alias">algorithm
+                alias</a> then let <var>result</var> be re-initialized to the aliased dictionary and
+                this algorithm restarted, using <var>result</var> as the input to be normalized.
               </li>
               <li>
                 Otherwise, throw an <code>InvalidAlgorithmError</code>
@@ -5111,151 +5379,136 @@
     <div id="iana-section" class="section">
     <h2>20. IANA Considerations</h2>
         <div id="iana-section-jws-jwa" class="section">
-
-            <h3>20.1. JSON Web Signature and Encryption Algorithms Registration</h3>
-
-            <p>
-                This section registers the following algorithm identifiers in the IANA JSON Web Signature and Encryption Algorithms Registry for use with JSON Web Key.
-                Note that the 'Implementation Requirements' field in the template refers to use with JSON Web Signature and JSON Web Encryption specifically, in which
-                case use of unauthenticated encryption is prohibited.
-            </p>
-            
-            <ul>
-                <li>Algorithm Name: "A128CBC"</li>
-                <li>Algorithm Description: AES CBC using 128 bit key</li>
-                <li>Algorithm Usage Location(s): "JWK"</li>
-                <li>JOSE Implementation Requirements: Prohibited</li>
-                <li>Change Controller: W3C WebCrypto working group</li>
-                <li>Specification Document(s): <a href="#key-interface-jwk-algorithms">JSON Web Key algorithm names for WebCrypto algorithms</a> in this document</li>
-            </ul>
-
-            <ul>
-                <li>Algorithm Name: "A192CBC"</li>
-                <li>Algorithm Description: AES CBC using 192 bit key</li>
-                <li>Algorithm Usage Location(s): "JWK"</li>
-                <li>JOSE Implementation Requirements: Prohibited</li>
-                <li>Change Controller: W3C WebCrypto working group</li>
-                <li>Specification Document(s): <a href="#key-interface-jwk-algorithms">JSON Web Key algorithm names for WebCrypto algorithms</a> in this document</li>
-            </ul>
-            
-            <ul>
-                <li>Algorithm Name: "A256CBC"</li>
-                <li>Algorithm Description: AES CBC using 256 bit key</li>
-                <li>Algorithm Usage Location(s): "JWK"</li>
-                <li>JOSE Implementation Requirements: Prohibited</li>
-                <li>Change Controller: W3C WebCrypto working group</li>
-                <li>Specification Document(s): <a href="#key-interface-jwk-algorithms">JSON Web Key algorithm names for WebCrypto algorithms</a> in this document</li>
-            </ul>
-            
-            <ul>
-                <li>Algorithm Name: "A128CTR"</li>
-                <li>Algorithm Description: AES CTR using 128 bit key</li>
-                <li>Algorithm Usage Location(s): "JWK"</li>
-                <li>JOSE Implementation Requirements: Prohibited</li>
-                <li>Change Controller: W3C WebCrypto working group</li>
-                <li>Specification Document(s): <a href="#key-interface-jwk-algorithms">JSON Web Key algorithm names for WebCrypto algorithms</a> in this document</li>
-            </ul>
-            
-            <ul>
-                <li>Algorithm Name: "A192CTR"</li>
-                <li>Algorithm Description: AES CTR using 192 bit key</li>
-                <li>Algorithm Usage Location(s): "JWK"</li>
-                <li>JOSE Implementation Requirements: Prohibited</li>
-                <li>Change Controller: W3C WebCrypto working group</li>
-                <li>Specification Document(s): <a href="#key-interface-jwk-algorithms">JSON Web Key algorithm names for WebCrypto algorithms</a> in this document</li>
-            </ul>
-            
-            <ul>
-                <li>Algorithm Name: "A256CTR"</li>
-                <li>Algorithm Description: AES CTR using 256 bit key</li>
-                <li>Algorithm Usage Location(s): "JWK"</li>
-                <li>JOSE Implementation Requirements: Prohibited</li>
-                <li>Change Controller: W3C WebCrypto working group</li>
-                <li>Specification Document(s): <a href="#key-interface-jwk-algorithms">JSON Web Key algorithm names for WebCrypto algorithms</a> in this document</li>
-            </ul>
-          
-            <ul>
-                <li>Algorithm Name: "A128CMAC"</li>
-                <li>Algorithm Description: AES CMAC using 128 bit key</li>
-                <li>Algorithm Usage Location(s): "JWK"</li>
-                <li>JOSE Implementation Requirements: Prohibited</li>
-                <li>Change Controller: W3C WebCrypto working group</li>
-                <li>Specification Document(s): <a href="#key-interface-jwk-algorithms">JSON Web Key algorithm names for WebCrypto algorithms</a> in this document</li>
-            </ul>
-            
-            <ul>
-                <li>Algorithm Name: "A192CMAC"</li>
-                <li>Algorithm Description: AES CMAC using 192 bit key</li>
-                <li>Algorithm Usage Location(s): "JWK"</li>
-                <li>JOSE Implementation Requirements: Prohibited</li>
-                <li>Change Controller: W3C WebCrypto working group</li>
-                <li>Specification Document(s): <a href="#key-interface-jwk-algorithms">JSON Web Key algorithm names for WebCrypto algorithms</a> in this document</li>
-            </ul>
-            
-            <ul>
-                <li>Algorithm Name: "A256CMAC"</li>
-                <li>Algorithm Description: AES CMAC using 256 bit key</li>
-                <li>Algorithm Usage Location(s): "JWK"</li>
-                <li>JOSE Implementation Requirements: Prohibited</li>
-                <li>Change Controller: W3C WebCrypto working group</li>
-                <li>Specification Document(s): <a href="#key-interface-jwk-algorithms">JSON Web Key algorithm names for WebCrypto algorithms</a> in this document</li>
-            </ul>
-          
-            <ul>
-                <li>Algorithm Name: "A128CFB"</li>
-                <li>Algorithm Description: AES CFB using 128 bit key</li>
-                <li>Algorithm Usage Location(s): "JWK"</li>
-                <li>JOSE Implementation Requirements: Prohibited</li>
-                <li>Change Controller: W3C WebCrypto working group</li>
-                <li>Specification Document(s): <a href="#key-interface-jwk-algorithms">JSON Web Key algorithm names for WebCrypto algorithms</a> in this document</li>
-            </ul>
-            
-            <ul>
-                <li>Algorithm Name: "A192CFB"</li>
-                <li>Algorithm Description: AES CFB using 192 bit key</li>
-                <li>Algorithm Usage Location(s): "JWK"</li>
-                <li>JOSE Implementation Requirements: Prohibited</li>
-                <li>Change Controller: W3C WebCrypto working group</li>
-                <li>Specification Document(s): <a href="#key-interface-jwk-algorithms">JSON Web Key algorithm names for WebCrypto algorithms</a> in this document</li>
-            </ul>
-            
-            <ul>
-                <li>Algorithm Name: "A256CFB"</li>
-                <li>Algorithm Description: AES CFB using 256 bit key</li>
-                <li>Algorithm Usage Location(s): "JWK"</li>
-                <li>JOSE Implementation Requirements: Prohibited</li>
-                <li>Change Controller: W3C WebCrypto working group</li>
-                <li>Specification Document(s): <a href="#key-interface-jwk-algorithms">JSON Web Key algorithm names for WebCrypto algorithms</a> in this document</li>
-            </ul>
-          
-            <ul>
-                <li>Algorithm Name: "HS1"</li>
-                <li>Algorithm Description: HMAC using SHA-1</li>
-                <li>Algorithm Usage Location(s): "JWK"</li>
-                <li>JOSE Implementation Requirements: Prohibited</li>
-                <li>Change Controller: W3C WebCrypto working group</li>
-                <li>Specification Document(s): <a href="#key-interface-jwk-algorithms">JSON Web Key algorithm names for WebCrypto algorithms</a> in this document</li>
-            </ul>
-            
-            <ul>
-                <li>Algorithm Name: "HS224"</li>
-                <li>Algorithm Description: HMAC using SHA-224</li>
-                <li>Algorithm Usage Location(s): "JWK"</li>
-                <li>JOSE Implementation Requirements: Prohibited</li>
-                <li>Change Controller: W3C WebCrypto working group</li>
-                <li>Specification Document(s): <a href="#key-interface-jwk-algorithms">JSON Web Key algorithm names for WebCrypto algorithms</a> in this document</li>
-            </ul>
+          <h3>20.1. JSON Web Signature and Encryption Algorithms Registration</h3>
+          <p>
+            This section registers the following algorithm identifiers in the IANA JSON Web
+            Signature and Encryption Algorithms Registry for use with JSON Web Key. Note that the
+            'Implementation Requirements' field in the template refers to use with JSON Web
+            Signature and JSON Web Encryption specifically, in which case use of unauthenticated
+            encryption is prohibited.
+          </p>
+          <ul>
+            <li>Algorithm Name: "A128CBC"</li>
+            <li>Algorithm Description: AES CBC using 128 bit key</li>
+            <li>Algorithm Usage Location(s): "JWK"</li>
+            <li>JOSE Implementation Requirements: Prohibited</li>
+            <li>Change Controller: W3C WebCrypto working group</li>
+            <li>Specification Document(s): <a href="#key-interface-jwk-algorithms">JSON Web Key algorithm names for WebCrypto algorithms</a> in this document</li>
+          </ul>
+          <ul>
+            <li>Algorithm Name: "A192CBC"</li>
+            <li>Algorithm Description: AES CBC using 192 bit key</li>
+            <li>Algorithm Usage Location(s): "JWK"</li>
+            <li>JOSE Implementation Requirements: Prohibited</li>
+            <li>Change Controller: W3C WebCrypto working group</li>
+            <li>Specification Document(s): <a href="#key-interface-jwk-algorithms">JSON Web Key algorithm names for WebCrypto algorithms</a> in this document</li>
+          </ul>            
+          <ul>
+            <li>Algorithm Name: "A256CBC"</li>
+            <li>Algorithm Description: AES CBC using 256 bit key</li>
+            <li>Algorithm Usage Location(s): "JWK"</li>
+            <li>JOSE Implementation Requirements: Prohibited</li>
+            <li>Change Controller: W3C WebCrypto working group</li>
+            <li>Specification Document(s): <a href="#key-interface-jwk-algorithms">JSON Web Key algorithm names for WebCrypto algorithms</a> in this document</li>
+          </ul>            
+          <ul>
+            <li>Algorithm Name: "A128CTR"</li>
+            <li>Algorithm Description: AES CTR using 128 bit key</li>
+            <li>Algorithm Usage Location(s): "JWK"</li>
+            <li>JOSE Implementation Requirements: Prohibited</li>
+            <li>Change Controller: W3C WebCrypto working group</li>
+            <li>Specification Document(s): <a href="#key-interface-jwk-algorithms">JSON Web Key algorithm names for WebCrypto algorithms</a> in this document</li>
+          </ul>            
+          <ul>
+            <li>Algorithm Name: "A192CTR"</li>
+            <li>Algorithm Description: AES CTR using 192 bit key</li>
+            <li>Algorithm Usage Location(s): "JWK"</li>
+            <li>JOSE Implementation Requirements: Prohibited</li>
+            <li>Change Controller: W3C WebCrypto working group</li>
+            <li>Specification Document(s): <a href="#key-interface-jwk-algorithms">JSON Web Key algorithm names for WebCrypto algorithms</a> in this document</li>
+          </ul>
+          <ul>
+            <li>Algorithm Name: "A256CTR"</li>
+            <li>Algorithm Description: AES CTR using 256 bit key</li>
+            <li>Algorithm Usage Location(s): "JWK"</li>
+            <li>JOSE Implementation Requirements: Prohibited</li>
+            <li>Change Controller: W3C WebCrypto working group</li>
+            <li>Specification Document(s): <a href="#key-interface-jwk-algorithms">JSON Web Key algorithm names for WebCrypto algorithms</a> in this document</li>
+          </ul>
+          <ul>
+            <li>Algorithm Name: "A128CMAC"</li>
+            <li>Algorithm Description: AES CMAC using 128 bit key</li>
+            <li>Algorithm Usage Location(s): "JWK"</li>
+            <li>JOSE Implementation Requirements: Prohibited</li>
+            <li>Change Controller: W3C WebCrypto working group</li>
+            <li>Specification Document(s): <a href="#key-interface-jwk-algorithms">JSON Web Key algorithm names for WebCrypto algorithms</a> in this document</li>
+          </ul>          
+          <ul>
+            <li>Algorithm Name: "A192CMAC"</li>
+            <li>Algorithm Description: AES CMAC using 192 bit key</li>
+            <li>Algorithm Usage Location(s): "JWK"</li>
+            <li>JOSE Implementation Requirements: Prohibited</li>
+            <li>Change Controller: W3C WebCrypto working group</li>
+            <li>Specification Document(s): <a href="#key-interface-jwk-algorithms">JSON Web Key algorithm names for WebCrypto algorithms</a> in this document</li>
+          </ul>
+          <ul>
+            <li>Algorithm Name: "A256CMAC"</li>
+            <li>Algorithm Description: AES CMAC using 256 bit key</li>
+            <li>Algorithm Usage Location(s): "JWK"</li>
+            <li>JOSE Implementation Requirements: Prohibited</li>
+            <li>Change Controller: W3C WebCrypto working group</li>
+            <li>Specification Document(s): <a href="#key-interface-jwk-algorithms">JSON Web Key algorithm names for WebCrypto algorithms</a> in this document</li>
+          </ul>
+          <ul>
+            <li>Algorithm Name: "A128CFB"</li>
+            <li>Algorithm Description: AES CFB using 128 bit key</li>
+            <li>Algorithm Usage Location(s): "JWK"</li>
+            <li>JOSE Implementation Requirements: Prohibited</li>
+            <li>Change Controller: W3C WebCrypto working group</li>
+            <li>Specification Document(s): <a href="#key-interface-jwk-algorithms">JSON Web Key algorithm names for WebCrypto algorithms</a> in this document</li>
+          </ul>
+          <ul>
+            <li>Algorithm Name: "A192CFB"</li>
+            <li>Algorithm Description: AES CFB using 192 bit key</li>
+            <li>Algorithm Usage Location(s): "JWK"</li>
+            <li>JOSE Implementation Requirements: Prohibited</li>
+            <li>Change Controller: W3C WebCrypto working group</li>
+            <li>Specification Document(s): <a href="#key-interface-jwk-algorithms">JSON Web Key algorithm names for WebCrypto algorithms</a> in this document</li>
+          </ul>
+          <ul>
+            <li>Algorithm Name: "A256CFB"</li>
+            <li>Algorithm Description: AES CFB using 256 bit key</li>
+            <li>Algorithm Usage Location(s): "JWK"</li>
+            <li>JOSE Implementation Requirements: Prohibited</li>
+            <li>Change Controller: W3C WebCrypto working group</li>
+            <li>Specification Document(s): <a href="#key-interface-jwk-algorithms">JSON Web Key algorithm names for WebCrypto algorithms</a> in this document</li>
+          </ul>
+          <ul>
+            <li>Algorithm Name: "HS1"</li>
+            <li>Algorithm Description: HMAC using SHA-1</li>
+            <li>Algorithm Usage Location(s): "JWK"</li>
+            <li>JOSE Implementation Requirements: Prohibited</li>
+            <li>Change Controller: W3C WebCrypto working group</li>
+            <li>Specification Document(s): <a href="#key-interface-jwk-algorithms">JSON Web Key algorithm names for WebCrypto algorithms</a> in this document</li>
+          </ul>
+          <ul>
+            <li>Algorithm Name: "HS224"</li>
+            <li>Algorithm Description: HMAC using SHA-224</li>
+            <li>Algorithm Usage Location(s): "JWK"</li>
+            <li>JOSE Implementation Requirements: Prohibited</li>
+            <li>Change Controller: W3C WebCrypto working group</li>
+            <li>Specification Document(s): <a href="#key-interface-jwk-algorithms">JSON Web Key algorithm names for WebCrypto algorithms</a> in this document</li>
+          </ul>
         </div>
-        
         <div id="iana-section-jwk" class="section">
-            <h3>20.2. JSON Web Key Parameters Registry</h3>
-            <ul>
-                <li>Parameter Name: "ext"</li>
-                <li>Used with "kty" Value(s): *</li>
-                <li>Parameter Information Class: Public</li>
-                <li>Change Controller: W3C WebCrypto working group</li>
-                <li>Specification Document(s): <a href="#key-interface-jwk-ext">JSON Web Key "ext" attribute</a> in this document</li>
-            </ul>
+          <h3>20.2. JSON Web Key Parameters Registry</h3>
+          <ul>
+            <li>Parameter Name: "ext"</li>
+            <li>Used with "kty" Value(s): *</li>
+            <li>Parameter Information Class: Public</li>
+            <li>Change Controller: W3C WebCrypto working group</li>
+            <li>Specification Document(s): <a href="#key-interface-jwk-ext">JSON Web Key "ext" attribute</a> in this document</li>
+          </ul>
         </div>
       </div>
       <div id="acknowledgements-section" class="section">
@@ -5272,12 +5525,12 @@
           mailing list.
         </p>
         <p>
-         The W3C would like to thank the <a href="http://www.northropgrumman.com/cybersecurity/presskit_research_co.html">Northrop Grumman Cybersecurity
-Research Consortium</a> for supporting W3C/MIT. 
+         The W3C would like to thank the <a href="http://www.northropgrumman.com/cybersecurity/presskit_research_co.html">Northrop
+         Grumman Cybersecurity Research Consortium</a> for supporting W3C/MIT.
         </p>
         <p>
-          The <a href="#dfn-RandomSource-method-getRandomValues"><code>getRandomValues</code></a> method
-          in the <code>Crypto</code> interface was originally proposed by Adam Barth to the
+          The <a href="#dfn-RandomSource-method-getRandomValues"><code>getRandomValues</code></a>
+          method in the <code>Crypto</code> interface was originally proposed by Adam Barth to the
           <a href="http://wiki.whatwg.org/wiki/Crypto">WHATWG</a>.
         </p>
       </div>