Bug 25577 - Rename Key to CryptoKey
authorRyan Sleevi <sleevi@google.com>
Mon, 16 Jun 2014 00:00:00 -0700
changeset 187 4673a7019d7f
parent 186 a825382f981b
child 188 858becd55b52
Bug 25577 - Rename Key to CryptoKey
spec/Overview-WebCryptoAPI.xml
spec/Overview.html
--- a/spec/Overview-WebCryptoAPI.xml	Mon Jun 16 00:00:00 2014 -0700
+++ b/spec/Overview-WebCryptoAPI.xml	Mon Jun 16 00:00:00 2014 -0700
@@ -337,14 +337,14 @@
             functionality that are specific to one or two implementations. As such this API allows
             key generation, management, and exchange with a level of abstraction that avoids
             developers needing to care about the implementation of the underlying key storage. The
-            API is focused specifically around Key objects, as an abstraction for the underlying raw
-            cryptographic keying material. The intent behind this is to allow an API that is generic
-            enough to allow conforming user agents to expose keys that are stored and managed
-            directly by the user agent, that may be stored or managed using isolated storage APIs
-            such as per-user key stores provided by some operating systems, or within key storage
-            devices such as secure elements, while allowing rich web applications to manipulate the
-            keys and without requiring the web application be aware of the nature of the underlying
-            key storage.
+            API is focused specifically around CryptoKey objects, as an abstraction for the
+            underlying raw cryptographic keying material. The intent behind this is to allow an API
+            that is generic enough to allow conforming user agents to expose keys that are stored
+            and managed directly by the user agent, that may be stored or managed using isolated
+            storage APIs such as per-user key stores provided by some operating systems, or within
+            key storage devices such as secure elements, while allowing rich web applications to
+            manipulate the keys and without requiring the web application be aware of the nature of
+            the underlying key storage.
           </p>
         </div>
         <div class="section" id="scope-algorithms">
@@ -858,7 +858,7 @@
         <h2>KeyAlgorithm interface</h2>
         <p>
           The KeyAlgorithm interface represents information about the contents of a given
-          <a href="#dfn-Key">Key</a> object.
+          <a href="#dfn-CryptoKey">CryptoKey</a> object.
         </p>
         <x:codeblock language="idl">
 [NoInterfaceObject]
@@ -871,40 +871,43 @@
           <p class="norm">This section is non-normative</p>
           <p>
             The <a href="#dfn-KeyAlgorithm">KeyAlgorithm</a> interface is a supplemental interface
-            used to reflect the static, public properties of a <a href="#dfn-Key">Key</a> back to an
-            application. These properties can be used for determination of strength (e.g.: an
-            attribute that indicates the size of the key or the parameters of its creation) as well
-            as for protocol negotiations (e.g.: a particular instance of an inner hash).
+            used to reflect the static, public properties of a <a
+            href="#dfn-CryptoKey">CryptoKey</a> back to an application. These properties can be used
+            for determination of strength (e.g.: an attribute that indicates the size of the key or
+            the parameters of its creation) as well as for protocol negotiations (e.g.: a particular
+            instance of an inner hash).
           </p>
         </div>
         <div id="key-algorithm-interface-members" class="section">
           <h3>KeyAlgorithm interface members</h3>
           <dl>
             <dt id="dfn-KeyAlgorithm-name">name</dt>
-            <dd>The name of the algorithm used to generate the <a href="#dfn-Key">Key</a></dd>
+            <dd>
+              The name of the algorithm used to generate the <a href="#dfn-CryptoKey">CryptoKey</a>
+            </dd>
           </dl>
         </div>
       </div>
           
-      <div id="key-interface" class="section">
-        <h2>Key interface</h2>
+      <div id="cryptokey-interface" class="section">
+        <h2>CryptoKey interface</h2>
         <p>
-          The Key object represents an opaque reference to keying material that is managed by the
-          user agent.
+          The CryptoKey object represents an opaque reference to keying material that is managed by
+          the user agent.
         </p>
         <x:codeblock language="idl">
 typedef DOMString <a href="#dfn-KeyType">KeyType</a>;
 
 typedef DOMString <a href="#dfn-KeyUsage">KeyUsage</a>;
 
-interface <dfn id="dfn-Key">Key</dfn> {
-  readonly attribute <a href="#dfn-KeyType">KeyType</a> <a href="#dfn-Key-type">type</a>;
-  readonly attribute boolean <a href="#dfn-Key-extractable">extractable</a>;
-  readonly attribute <a href="#dfn-KeyAlgorithm">KeyAlgorithm</a> <a href="#dfn-Key-algorithm">algorithm</a>;
-  readonly attribute object <a href="#dfn-Key-usages">usages</a>;
+interface <dfn id="dfn-CryptoKey">CryptoKey</dfn> {
+  readonly attribute <a href="#dfn-KeyType">KeyType</a> <a href="#dfn-CryptoKey-type">type</a>;
+  readonly attribute boolean <a href="#dfn-CryptoKey-extractable">extractable</a>;
+  readonly attribute <a href="#dfn-KeyAlgorithm">KeyAlgorithm</a> <a href="#dfn-CryptoKey-algorithm">algorithm</a>;
+  readonly attribute object <a href="#dfn-CryptoKey-usages">usages</a>;
 };
         </x:codeblock>
-        <div id="key-interface-description" class="section">
+        <div id="cryptokey-interface-description" class="section">
           <h3>Description</h3>
           <p class="norm">This section is non-normative</p>
           <p>
@@ -917,13 +920,14 @@
             operations and secret values obtained within key derivation or exchange operations.
           </p>
           <p>
-            The Key object is not required to directly interface with the underlying key storage
-            mechanism, and may instead simply be a reference for the user agent to understand how to
-            obtain the keying material when needed, eg. when performing a cryptographic operation.
+            The CryptoKey object is not required to directly interface with the underlying key
+            storage mechanism, and may instead simply be a reference for the user agent to
+            understand how to obtain the keying material when needed, eg. when performing a
+            cryptographic operation.
           </p>
         </div>
 
-        <div id="key-interface-types" class="section">
+        <div id="cryptokey-interface-types" class="section">
           <h3>Key interface data types</h3>
           <dl>
             <dt id="dfn-KeyType"><code>KeyType</code></dt>
@@ -950,22 +954,22 @@
           </dl>
         </div>
 
-        <div id="key-interface-members" class="section">
-          <h3>Key interface members</h3>
+        <div id="cryptokey-interface-members" class="section">
+          <h3>CryptoKey interface members</h3>
           <dl>
-            <dt id="dfn-Key-type"><code>type</code></dt>
+            <dt id="dfn-CryptoKey-type"><code>type</code></dt>
             <dd>
               The type of the underlying key.
             </dd>
-            <dt id="dfn-Key-extractable"><code>extractable</code></dt>
+            <dt id="dfn-CryptoKey-extractable"><code>extractable</code></dt>
             <dd>
               Whether or not the raw keying material may be exported by the application.
             </dd>
-            <dt id="dfn-Key-algorithm"><code>algorithm</code></dt>
+            <dt id="dfn-CryptoKey-algorithm"><code>algorithm</code></dt>
             <dd>
               The <a href="#dfn-KeyAlgorithm"><code>KeyAlgorithm</code></a> used to generate the key.
             </dd>
-            <dt id="dfn-Key-usages"><code>usages</code></dt>
+            <dt id="dfn-CryptoKey-usages"><code>usages</code></dt>
             <dd>
               An <code>Array</code> of <a href="#dfn-KeyUsage"><code>KeyUsages</code></a> that
               indicate what cryptographic operations may be used with this key.
@@ -973,29 +977,32 @@
           </dl>
         </div>
 
-        <div id="key-interface-clone" class="section">
+        <div id="cryptokey-interface-clone" class="section">
           <h3>Structured clone algorithm</h3>
           <p>
             When a user agent is required to obtain a <a href="#structured-clone">structured clone</a>
-            of a <a href="#dfn-Key">Key</a> object, it must run the following steps.
+            of a <a href="#dfn-CryptoKey">CryptoKey</a> object, it must run the following steps.
           </p>
           <ol>
             <li>
-              Let <var>input</var> and <var>memory</var> be the corresponding inputs defined
-              by the <a href="#structured-clone">internal structured cloning algorithm</a>,
-              where <var>input</var> represents a <a href="#dfn-Key">Key</a> object to be cloned.
+              Let <var>input</var> and <var>memory</var> be the corresponding inputs defined by the
+              <a href="#structured-clone">internal structured cloning algorithm</a>, where
+              <var>input</var> represents a <a href="#dfn-CryptoKey">CryptoKey</a> object to be
+              cloned.
             </li>
-            <li>Let <var>output</var> be a newly constructed <a href="#dfn-Key">Key</a> object.</li>
+            <li>
+              Let <var>output</var> be a newly constructed <a href="#dfn-CryptoKey">CryptoKey</a>
+              object.</li>
             <li>
               Let the following attributes of <var>output</var> be equal to the value obtained by
               invoking the internal structured clone algorithm recursively, using the corresponding
               attribute on <var>input</var> as the new "<var>input</var>" argument and
               <var>memory</var> as the new "<var>memory</var>" argument:
               <ul>
-                <li><a href="#dfn-Key-type">type</a></li>
-                <li><a href="#dfn-Key-extractable">extractable</a></li>
-                <li><a href="#dfn-Key-algorithm">KeyAlgorithm</a></li>
-                <li><a href="#dfn-Key-usages">KeyUsage</a></li>
+                <li><a href="#dfn-CryptoKey-type">type</a></li>
+                <li><a href="#dfn-CryptoKey-extractable">extractable</a></li>
+                <li><a href="#dfn-CryptoKey-algorithm">KeyAlgorithm</a></li>
+                <li><a href="#dfn-CryptoKey-usages">KeyUsage</a></li>
               </ul>
             </li>
             <li>
@@ -1005,12 +1012,12 @@
           </ol>
           <div class="note">
             <strong>Implementation Note:</strong> When performing the structured clone algorithm for
-            a <code>Key</code> object, it is important that the underlying cryptographic key
+            a <code>CryptoKey</code> object, it is important that the underlying cryptographic key
             material not be exposed to a JavaScript implementation. Such a situation may arise if an
             implementation fails to implement the structured clone algorithm correctly, such as by
-            allowing a <code>Key</code> object to be serialized as part of a structured clone
+            allowing a <code>CryptoKey</code> object to be serialized as part of a structured clone
             implementation, but then deserializing it as a <code>DOMString</code>, rather than as a
-            <code>Key</code> object.
+            <code>CryptoKey</code> object.
           </div>
         </div>
       </div>
@@ -1039,16 +1046,16 @@
 
 interface <dfn id="dfn-SubtleCrypto">SubtleCrypto</dfn> {
   Promise&lt;any&gt; <a href="#dfn-SubtleCrypto-method-encrypt">encrypt</a>(<a href="#dfn-AlgorithmIdentifier">AlgorithmIdentifier</a> algorithm,
-                       <a href="#dfn-Key">Key</a> key,
+                       <a href="#dfn-CryptoKey">CryptoKey</a> key,
                        CryptoOperationData data);
   Promise&lt;any&gt; <a href="#dfn-SubtleCrypto-method-decrypt">decrypt</a>(<a href="#dfn-AlgorithmIdentifier">AlgorithmIdentifier</a> algorithm,
-                       <a href="#dfn-Key">Key</a> key,
+                       <a href="#dfn-CryptoKey">CryptoKey</a> key,
                        CryptoOperationData data);
   Promise&lt;any&gt; <a href="#dfn-SubtleCrypto-method-sign">sign</a>(<a href="#dfn-AlgorithmIdentifier">AlgorithmIdentifier</a> algorithm,
-                    <a href="#dfn-Key">Key</a> key,
+                    <a href="#dfn-CryptoKey">CryptoKey</a> key,
                     CryptoOperationData data);
   Promise&lt;any&gt; <a href="#dfn-SubtleCrypto-method-verify">verify</a>(<a href="#dfn-AlgorithmIdentifier">AlgorithmIdentifier</a> algorithm,
-                      <a href="#dfn-Key">Key</a> key,
+                      <a href="#dfn-CryptoKey">CryptoKey</a> key,
                       CryptoOperationData signature,
                       CryptoOperationData data);
   Promise&lt;any&gt; <a href="#dfn-SubtleCrypto-method-digest">digest</a>(<a href="#dfn-AlgorithmIdentifier">AlgorithmIdentifier</a> algorithm,
@@ -1058,12 +1065,12 @@
                           boolean extractable,
                           sequence&lt;<a href="#dfn-KeyUsage">KeyUsage</a>&gt; keyUsages );
   Promise&lt;any&gt; <a href="#dfn-SubtleCrypto-method-deriveKey">deriveKey</a>(<a href="#dfn-AlgorithmIdentifier">AlgorithmIdentifier</a> algorithm,
-                         <a href="#dfn-Key">Key</a> baseKey,
+                         <a href="#dfn-CryptoKey">CryptoKey</a> baseKey,
                          <a href="#dfn-AlgorithmIdentifier">AlgorithmIdentifier</a> derivedKeyType,
                          boolean extractable,
                          sequence&lt;<a href="#dfn-KeyUsage">KeyUsage</a>&gt; keyUsages );
   Promise&lt;any&gt; <a href="#dfn-SubtleCrypto-method-deriveBits">deriveBits</a>(<a href="#dfn-AlgorithmIdentifier">AlgorithmIdentifier</a> algorithm,
-                          <a href="#dfn-Key">Key</a> baseKey,
+                          <a href="#dfn-CryptoKey">CryptoKey</a> baseKey,
                           unsigned long length);
   
   <span class="comment">// TBD: <a href="https://www.w3.org/2012/webcrypto/track/issues/35">ISSUE-35</a></span>
@@ -1072,16 +1079,16 @@
                          <a href="#dfn-AlgorithmIdentifier">AlgorithmIdentifier</a> algorithm,
                          boolean extractable,
                          sequence&lt;<a href="#dfn-KeyUsage">KeyUsage</a>&gt; keyUsages );
-  Promise&lt;any&gt; <a href="#dfn-SubtleCrypto-method-exportKey">exportKey</a>(<a href="#dfn-KeyFormat">KeyFormat</a> format, <a href="#dfn-Key">Key</a> key);
+  Promise&lt;any&gt; <a href="#dfn-SubtleCrypto-method-exportKey">exportKey</a>(<a href="#dfn-KeyFormat">KeyFormat</a> format, <a href="#dfn-CryptoKey">CryptoKey</a> key);
 
   <span class="comment">// Note: wrapKey and unwrapKey remain "Features at Risk"</span>
   Promise&lt;any&gt; <a href="#dfn-SubtleCrypto-method-wrapKey">wrapKey</a>(<a href="#dfn-KeyFormat">KeyFormat</a> format,
-                       <a href="#dfn-Key">Key</a> key,
-                       <a href="#dfn-Key">Key</a> wrappingKey,
+                       <a href="#dfn-CryptoKey">CryptoKey</a> key,
+                       <a href="#dfn-CryptoKey">CryptoKey</a> wrappingKey,
                        <a href="#dfn-AlgorithmIdentifier">AlgorithmIdentifier</a> wrapAlgorithm);
   Promise&lt;any&gt; <a href="#dfn-SubtleCrypto-method-unwrapKey">unwrapKey</a>(<a href="#dfn-KeyFormat">KeyFormat</a> format,
                          CryptoOperationData wrappedKey,
-                         <a href="#dfn-Key">Key</a> unwrappingKey,
+                         <a href="#dfn-CryptoKey">CryptoKey</a> unwrappingKey,
                          <a href="#dfn-AlgorithmIdentifier">AlgorithmIdentifier</a> unwrapAlgorithm,
                          <a href="#dfn-AlgorithmIdentifier">AlgorithmIdentifier</a> unwrappedKeyAlgorithm,
                          boolean extractable,
@@ -1133,7 +1140,9 @@
           <h3>Data Types</h3>
           <dl>
             <dt id="dfn-KeyFormat"><code>KeyFormat</code></dt>
-            <dd>Specifies a serialization format for a key. The <dfn id="dfn-RecognizedKeyFormats">recognized key format values</dfn> are:
+            <dd>
+              Specifies a serialization format for a key. The <dfn
+              id="dfn-RecognizedKeyFormats">recognized key format values</dfn> are:
               <dl>
                 <dt><code>raw</code></dt>
                 <dd>An unformatted sequence of bytes. Intended for secret keys.</dd>
@@ -1163,7 +1172,7 @@
               method returns a new Promise object that will encrypt data using
               the specified 
               <a href="#dfn-AlgorithmIdentifier"><code>AlgorithmIdentifier</code></a> with
-              the supplied <a href="#dfn-Key"><code>Key</code></a>. It must act
+              the supplied <a href="#dfn-CryptoKey"><code>CryptoKey</code></a>. It must act
               as follows:
             </p>
             <ol>
@@ -1226,10 +1235,10 @@
               </li>
               <li>
                 <p>
-                  If the <a href="#dfn-Key-usages">usages</a> attribute of <var>key</var> does not
-                  contain an entry that is <code>"encrypt"</code>,
-                  then <a href="#concept-return-an-error">return an error</a> named
-                  <a href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
+                  If the <a href="#dfn-CryptoKey-usages">usages</a> attribute of <var>key</var> does
+                  not contain an entry that is <code>"encrypt"</code>, then <a
+                  href="#concept-return-an-error">return an error</a> named <a
+                  href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
                 </p>
               </li>
               <li>
@@ -1254,7 +1263,7 @@
               The <dfn id="dfn-SubtleCrypto-method-decrypt"><code>decrypt</code></dfn>
               method returns a new Promise object that will decrypt data using the specified
               <a href="#dfn-AlgorithmIdentifier"><code>AlgorithmIdentifier</code></a> with
-              the supplied <a href="#dfn-Key"><code>Key</code></a>. It must act
+              the supplied <a href="#dfn-CryptoKey"><code>CryptoKey</code></a>. It must act
               as follows:
             </p>
             <ol>
@@ -1317,10 +1326,10 @@
               </li>
               <li>
                 <p>
-                  If the <a href="#dfn-Key-usages">usages</a> attribute of <var>key</var> does not
-                  contain an entry that is <code>"decrypt"</code>,
-                  then <a href="#concept-return-an-error">return an error</a> named
-                  <a href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
+                  If the <a href="#dfn-CryptoKey-usages">usages</a> attribute of <var>key</var> does
+                  not contain an entry that is <code>"decrypt"</code>, then <a
+                  href="#concept-return-an-error">return an error</a> named <a
+                  href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
                 </p>
               </li>
               <li>
@@ -1343,10 +1352,10 @@
           <div id="SubtleCrypto-method-sign" class="section">
             <h4>The sign method</h4>
             <p>
-              The <dfn id="dfn-SubtleCrypto-method-sign"><code>sign</code></dfn> method
-              returns a new Promise object that will sign data using the specified
-              <a href="#dfn-AlgorithmIdentifier"><code>AlgorithmIdentifier</code></a> with
-              the supplied <a href="#dfn-Key"><code>Key</code></a>. It must act as follows:
+              The <dfn id="dfn-SubtleCrypto-method-sign"><code>sign</code></dfn> method returns a
+              new Promise object that will sign data using the specified <a
+              href="#dfn-AlgorithmIdentifier"><code>AlgorithmIdentifier</code></a> with the supplied
+              <a href="#dfn-CryptoKey"><code>CryptoKey</code></a>. It must act as follows:
             </p>
             <ol>
               <li>
@@ -1408,10 +1417,10 @@
               </li>
               <li>
                 <p>
-                  If the <a href="#dfn-Key-usages">usages</a> attribute of <var>key</var> does not
-                  contain an entry that is <code>"sign"</code>,
-                  then <a href="#concept-return-an-error">return an error</a> named
-                  <a href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
+                  If the <a href="#dfn-CryptoKey-usages">usages</a> attribute of <var>key</var> does
+                  not contain an entry that is <code>"sign"</code>, then <a
+                  href="#concept-return-an-error">return an error</a> named <a
+                  href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
                 </p>
               </li>
               <li>
@@ -1433,10 +1442,10 @@
           <div id="SubtleCrypto-method-verify" class="section">
             <h4>The verify method</h4>
             <p>
-              The <dfn id="dfn-SubtleCrypto-method-verify"><code>verify</code></dfn> method
-              returns a new Promise object that will verify data using the specified
-              <a href="#dfn-AlgorithmIdentifier"><code>AlgorithmIdentifier</code></a> with
-              the supplied <a href="#dfn-Key"><code>Key</code></a>. It must act as follows:
+              The <dfn id="dfn-SubtleCrypto-method-verify"><code>verify</code></dfn> method returns
+              a new Promise object that will verify data using the specified <a
+              href="#dfn-AlgorithmIdentifier"><code>AlgorithmIdentifier</code></a> with the supplied
+              <a href="#dfn-CryptoKey"><code>CryptoKey</code></a>. It must act as follows:
             </p>
             <ol>
               <li>
@@ -1504,10 +1513,10 @@
               </li>
               <li>
                 <p>
-                  If the <a href="#dfn-Key-usages">usages</a> attribute of <var>key</var> does not
-                  contain an entry that is <code>"verify"</code>,
-                  then <a href="#concept-return-an-error">return an error</a> named
-                  <a href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
+                  If the <a href="#dfn-CryptoKey-usages">usages</a> attribute of <var>key</var> does
+                  not contain an entry that is <code>"verify"</code>, then <a
+                  href="#concept-return-an-error">return an error</a> named <a
+                  href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
                 </p>
               </li>
               <li>
@@ -1769,10 +1778,10 @@
               </li>
               <li>
                 <p>
-                  If the <a href="#dfn-Key-usages">usages</a> attribute of <var>baseKey</var> does not
-                  contain an entry that is <code>"deriveKey"</code>,
-                  then <a href="#concept-return-an-error">return an error</a> named
-                  <a href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
+                  If the <a href="#dfn-CryptoKey-usages">usages</a> attribute of <var>baseKey</var>
+                  does not contain an entry that is <code>"deriveKey"</code>, then <a
+                  href="#concept-return-an-error">return an error</a> named <a
+                  href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
                 </p>
               </li>
               <li>
@@ -1876,10 +1885,10 @@
               </li>
               <li>
                 <p>
-                  If the <a href="#dfn-Key-usages">usages</a> attribute of <var>baseKey</var> does not
-                  contain an entry that is <code>"deriveBits"</code>,
-                  then <a href="#concept-return-an-error">return an error</a> named
-                  <a href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
+                  If the <a href="#dfn-CryptoKey-usages">usages</a> attribute of <var>baseKey</var>
+                  does not contain an entry that is <code>"deriveBits"</code>, then <a
+                  href="#concept-return-an-error">return an error</a> named <a
+                  href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
                 </p>
               </li>
               <li>
@@ -1986,7 +1995,7 @@
               </li>
               <li>
                 <p>
-                  Let <var>result</var> be the <a href="#dfn-Key">Key</a> object that
+                  Let <var>result</var> be the <a href="#dfn-CryptoKey">CryptoKey</a> object that
                   results from performing the import key operation specified by
                   <var>normalizedAlgorithm</var> using <var>keyData</var>,
                   <var>algorithm</var>, 
@@ -2071,15 +2080,16 @@
               </li>
               <li>
                 <p>
-                  If the <a href="#dfn-Key-extractable">extractable</a> attribute of <var>key</var>
-                  is false, then <a href="#concept-return-an-error">return an error</a> named
-                  <a href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
+                  If the <a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
+                  <var>key</var> is false, then <a href="#concept-return-an-error">return an
+                  error</a> named <a
+                  href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
                 </p>         
               </li>
               <li>
                 <p>
                   Let <var>result</var> be the result of performing the export key operation
-                  specified by the <a href="#dfn-Key-algorithm">algorithm</a>
+                  specified by the <a href="#dfn-CryptoKey-algorithm">algorithm</a>
                   attribute of <var>key</var> using <var>key</var> and <var>format</var>.
                 </p>
               </li>
@@ -2169,32 +2179,34 @@
               </li>
               <li>
                 <p>
-                  If the <a href="#dfn-Key-usages">usages</a> attribute of <var>wrappingKey</var>
-                  does not contain an entry that is
-                  <code>"wrapKey"</code>, then <a href="#concept-return-an-error">return an error</a> named
-                  <a href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
-                </p>
-              </li>
-              <li>
-                <p>
-                  If the algorithm identified by the <a href="#dfn-Key-algorithm">algorithm</a>
-                  attribute of <var>key</var> does not support the export key operation,
-                  then <a href="#concept-return-an-error">return an error</a> named
-                  <a href="#dfn-NotSupportedError"><code>NotSupportedError</code></a>.
-                </p>
-              </li>
-              <li>
-                <p>
-                  If the <a href="#dfn-Key-extractable">extractable</a> attribute of <var>key</var>
-                  is false, then <a href="#concept-return-an-error">return an error</a> named
-                  <a href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
+                  If the <a href="#dfn-CryptoKey-usages">usages</a> attribute of
+                  <var>wrappingKey</var> does not contain an entry that is <code>"wrapKey"</code>,
+                  then <a href="#concept-return-an-error">return an error</a> named <a
+                  href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
+                </p>
+              </li>
+              <li>
+                <p>
+                  If the algorithm identified by the <a
+                  href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of <var>key</var> does not
+                  support the export key operation, then <a href="#concept-return-an-error">return
+                  an error</a> named <a
+                  href="#dfn-NotSupportedError"><code>NotSupportedError</code></a>.
+                </p>
+              </li>
+              <li>
+                <p>
+                  If the <a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
+                  <var>key</var> is false, then <a href="#concept-return-an-error">return an
+                  error</a> named <a
+                  href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
                 </p>         
               </li>
               <li>
                 <p>
-                  Let <var>bytes</var> be the result of performing the export key operation specified
-                  the <a href="#dfn-Key-algorithm">algorithm</a>
-                  attribute of <var>key</var> using <var>key</var> and <var>format</var>.
+                  Let <var>bytes</var> be the result of performing the export key operation
+                  specified the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
+                  <var>key</var> using <var>key</var> and <var>format</var>.
                 </p>
                 <div class="note">
                   <p class="norm">
@@ -2336,10 +2348,11 @@
               </li>
               <li>
                 <p>
-                  If the <a href="#dfn-Key-usages">usages</a> attribute of <var>unwrappingKey</var>
-                  does not contain an entry that is
-                  <code>"unwrapKey"</code>, then <a href="#concept-return-an-error">return an error</a> named
-                  <a href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
+                  If the <a href="#dfn-CryptoKey-usages">usages</a> attribute of
+                  <var>unwrappingKey</var> does not contain an entry that is
+                  <code>"unwrapKey"</code>, then <a href="#concept-return-an-error">return an
+                  error</a> named <a
+                  href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
                 </p>
               </li>
               <li>
@@ -2518,13 +2531,13 @@
       <div id="keypair" class="section">
         <h2>KeyPair</h2>
         <x:codeblock language="idl">
-interface <dfn id="dfn-KeyPair">KeyPair</dfn> {
-  readonly attribute <a href="#dfn-Key">Key</a> publicKey;
-  readonly attribute <a href="#dfn-Key">Key</a> privateKey;
+interface <dfn id="dfn-CryptoKeyPair">CryptoKeyPair</dfn> {
+  readonly attribute <a href="#dfn-CryptoKey">CryptoKey</a> publicKey;
+  readonly attribute <a href="#dfn-CryptoKey">CryptoKey</a> privateKey;
 };
         </x:codeblock>
         <p>
-          The <a href="#dfn-KeyPair">KeyPair</a> interface represents an
+          The <a href="#dfn-CryptoKeyPair">CryptoKeyPair</a> interface represents an
           asymmetric key pair that is comprised of both public and private keys.
         </p>
       </div>
@@ -3020,12 +3033,12 @@
                 <tr>
                   <td>generateKey</td>
                   <td><a href="#dfn-RsaKeyGenParams">RsaKeyGenParams</a></td>
-                  <td><a href="#dfn-KeyPair">KeyPair</a></td>
+                  <td><a href="#dfn-CryptoKeyPair">CryptoKeyPair</a></td>
                 </tr>
                 <tr>
                   <td>importKey</td>
                   <td>None</td>
-                  <td><a href="#dfn-Key">Key</a></td>
+                  <td><a href="#dfn-CryptoKey">CryptoKey</a></td>
                 </tr>
                 <tr>
                   <td>exportKey</td>
@@ -3065,10 +3078,10 @@
                 <ol>
                   <li>
                     <p>
-                      If the <a href="#dfn-Key-type">type</a> attribute of <var>key</var>
-                      is not <code>"public"</code>,
-                      then <a href="#concept-return-an-error">return an error</a> named
-                      <a href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
+                      If the <a href="#dfn-CryptoKey-type">type</a> attribute of <var>key</var> is
+                      not <code>"public"</code>, then <a href="#concept-return-an-error">return an
+                      error</a> named <a
+                      href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
                     </p>
                   </li>
                   <li>
@@ -3101,10 +3114,10 @@
                 <ol>
                   <li>
                     <p>
-                      If the <a href="#dfn-Key-type">type</a> attribute of <var>key</var>
-                      is not <code>"private"</code>,
-                      then <a href="#concept-return-an-error">return an error</a> named
-                      <a href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>
+                      If the <a href="#dfn-CryptoKey-type">type</a> attribute of <var>key</var> is
+                      not <code>"private"</code>, then <a href="#concept-return-an-error">return an
+                      error</a> named <a
+                      href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>
                     </p>
                   </li>
                   <li>
@@ -3208,71 +3221,71 @@
                   </li>
                   <li>
                     <p>
-                      Let <var>publicKey</var> be a new <a href="#dfn-Key">Key</a> object
-                      representing the public key of the generated key pair.
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                      Set the <a href="#dfn-Key-type">type</a> attribute of <var>publicKey</var>
-                      to <code>"public"</code>
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                      Set the <a href="#dfn-Key-algorithm">algorithm</a> attribute of
+                      Let <var>publicKey</var> be a new <a href="#dfn-CryptoKey">CryptoKey</a>
+                      object representing the public key of the generated key pair.
+                    </p>
+                  </li>
+                  <li>
+                    <p>
+                      Set the <a href="#dfn-CryptoKey-type">type</a> attribute of
+                      <var>publicKey</var> to <code>"public"</code>
+                    </p>
+                  </li>
+                  <li>
+                    <p>
+                      Set the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
                       <var>publicKey</var> to be <var>algorithm</var>.
                     </p>
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-extractable">extractable</a> attribute of
+                      Set the <a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
                       <var>publicKey</var> to true.
                     </p>
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-usages">usages</a> attribute of
-                      <var>publicKey</var> to be the
-                      <a href="#concept-usage-intersection">usage intersection</a> of
-                      <var>usages</var> and <code>[ "encrypt", "wrapKey" ]</code>.
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                      Let <var>privateKey</var> be a new <a href="#dfn-Key">Key</a> object
-                      representing the private key of the generated key pair.
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                      Set the <a href="#dfn-Key-type">type</a> attribute of <var>privateKey</var>
-                      to <code>"private"</code>
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                      Set the <a href="#dfn-Key-algorithm">algorithm</a> attribute of
+                      Set the <a href="#dfn-CryptoKey-usages">usages</a> attribute of
+                      <var>publicKey</var> to be the <a href="#concept-usage-intersection">usage
+                      intersection</a> of <var>usages</var> and <code>[ "encrypt", "wrapKey"
+                      ]</code>.
+                    </p>
+                  </li>
+                  <li>
+                    <p>
+                      Let <var>privateKey</var> be a new <a href="#dfn-CryptoKey">CryptoKey</a>
+                      object representing the private key of the generated key pair.
+                    </p>
+                  </li>
+                  <li>
+                    <p>
+                      Set the <a href="#dfn-CryptoKey-type">type</a> attribute of
+                      <var>privateKey</var> to <code>"private"</code>
+                    </p>
+                  </li>
+                  <li>
+                    <p>
+                      Set the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
                       <var>privateKey</var> to be <var>algorithm</var>.
                     </p>
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-extractable">extractable</a> attribute of
+                      Set the <a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
                       <var>privateKey</var> to <var>extractable</var>.
                     </p>
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-usages">usages</a> attribute of
-                      <var>privateKey</var> to be the
-                      <a href="#concept-usage-intersection">usage intersection</a> of
-                      <var>usages</var> and <code>[ "decrypt", "unwrapKey" ]</code>.
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                      Let <var>result</var> be a new <a href="#dfn-KeyPair">KeyPair</a>
+                      Set the <a href="#dfn-CryptoKey-usages">usages</a> attribute of
+                      <var>privateKey</var> to be the <a href="#concept-usage-intersection">usage
+                      intersection</a> of <var>usages</var> and <code>[ "decrypt", "unwrapKey"
+                      ]</code>.
+                    </p>
+                  </li>
+                  <li>
+                    <p>
+                      Let <var>result</var> be a new <a href="#dfn-CryptoKeyPair">CryptoKeyPair</a>
                       object.
                     </p>
                   </li>
@@ -3350,14 +3363,15 @@
                           </li>
                           <li>
                             <p>
-                              Let <var>key</var> be a new <a href="#dfn-Key">Key</a> object that
-                              represents the RSA public key identified by <var>publicKey</var>.
-                            </p>
-                          </li>
-                          <li>
-                            <p>
-                              Set the <a href="#dfn-Key-type">type</a> attribute of <var>key</var>
-                              to <code>"public"</code>
+                              Let <var>key</var> be a new <a href="#dfn-CryptoKey">CryptoKey</a>
+                              object that represents the RSA public key identified by
+                              <var>publicKey</var>.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Set the <a href="#dfn-CryptoKey-type">type</a> attribute of
+                              <var>key</var> to <code>"public"</code>
                             </p>
                           </li>
                         </ol>
@@ -3410,14 +3424,15 @@
                           </li>
                           <li>
                             <p>
-                              Let <var>key</var> be a new <a href="#dfn-Key">Key</a> object that
-                              represents the RSA private key identified by <var>rsaPrivateKey</var>.
-                            </p>
-                          </li>
-                          <li>
-                            <p>
-                              Set the <a href="#dfn-Key-type">type</a> attribute of <var>key</var>
-                              to <code>"private"</code>
+                              Let <var>key</var> be a new <a href="#dfn-CryptoKey">CryptoKey</a>
+                              object that represents the RSA private key identified by
+                              <var>rsaPrivateKey</var>.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Set the <a href="#dfn-CryptoKey-type">type</a> attribute of
+                              <var>key</var> to <code>"private"</code>
                             </p>
                           </li>
                         </ol>
@@ -3482,15 +3497,16 @@
                                   </li>
                                   <li>
                                     <p>
-                                      Let <var>key</var> be a new <a href="#dfn-Key">Key</a> object
-                                      that represents the RSA private key identified by interpreting
-                                      <var>jwk</var> according to Section 6.3.2 of <a href="#jwa">
-                                      JSON Web Algorithms</a>.
-                                    </p>
-                                  </li>
-                                  <li>
-                                    <p>
-                                      Set the <a href="#dfn-Key-type">type</a> attribute of
+                                      Let <var>key</var> be a new <a
+                                      href="#dfn-CryptoKey">CryptoKey</a> object that represents the
+                                      RSA private key identified by interpreting <var>jwk</var>
+                                      according to Section 6.3.2 of <a href="#jwa"> JSON Web
+                                      Algorithms</a>.
+                                    </p>
+                                  </li>
+                                  <li>
+                                    <p>
+                                      Set the <a href="#dfn-CryptoKey-type">type</a> attribute of
                                       <var>key</var> to <code>"private"</code>
                                     </p>
                                   </li>
@@ -3510,15 +3526,16 @@
                                   </li>
                                   <li>
                                     <p>
-                                      Let <var>key</var> be a new <a href="#dfn-Key">Key</a> object
-                                      that represents the RSA public key identified by interpreting
-                                      <var>jwk</var> according to Section 6.3.1 of <a href="#jwa">
-                                      JSON Web Algorithms</a>.
-                                    </p>
-                                  </li>
-                                  <li>
-                                    <p>
-                                      Set the <a href="#dfn-Key-type">type</a> attribute of
+                                      Let <var>key</var> be a new <a
+                                      href="#dfn-CryptoKey">CryptoKey</a> object that represents the
+                                      RSA public key identified by interpreting <var>jwk</var>
+                                      according to Section 6.3.1 of <a href="#jwa"> JSON Web
+                                      Algorithms</a>.
+                                    </p>
+                                  </li>
+                                  <li>
+                                    <p>
+                                      Set the <a href="#dfn-CryptoKey-type">type</a> attribute of
                                       <var>key</var> to <code>"public"</code>
                                     </p>
                                   </li>
@@ -3563,7 +3580,7 @@
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-algorithm">algorithm</a> attribute of
+                      Set the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
                       <var>key</var> to <var>algorithm</var>
                     </p>
                   </li>
@@ -3587,10 +3604,10 @@
                         <ol>
                           <li>
                             <p>
-                              If the <a href="#dfn-Key-type">type</a> attribute of <var>key</var> is
-                              not <code>"public"</code>,
-                              then <a href="#concept-return-an-error">return an error</a> named
-                              <a href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
+                              If the <a href="#dfn-CryptoKey-type">type</a> attribute of
+                              <var>key</var> is not <code>"public"</code>, then <a
+                              href="#concept-return-an-error">return an error</a> named <a
+                              href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
                             </p>
                           </li>
                           <li>
@@ -3637,10 +3654,10 @@
                         <ol>
                           <li>
                             <p>
-                              If the <a href="#dfn-Key-type">type</a> attribute of <var>key</var> is
-                              not <code>"private"</code>,
-                              then <a href="#concept-return-an-error">return an error</a> named
-                              <a href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
+                              If the <a href="#dfn-CryptoKey-type">type</a> attribute of
+                              <var>key</var> is not <code>"private"</code>, then <a
+                              href="#concept-return-an-error">return an error</a> named <a
+                              href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
                             </p>
                           </li>
                           <li>
@@ -3718,8 +3735,8 @@
                           <li>
                             <dl class="switch">
                               <dt>
-                                If the <a href="#dfn-Key-type">type</a> attribute of <var>key</var>
-                                is <code>"private"</code>:
+                                If the <a href="#dfn-CryptoKey-type">type</a> attribute of
+                                <var>key</var> is <code>"private"</code>:
                               </dt>
                               <dd>
                                 <ol>
@@ -3748,13 +3765,13 @@
                           <li>
                             <p>
                               Set the <code>key_ops</code> property of <var>jwk</var> to the <a
-                              href="#dfn-Key-usages">usages</a> attribute of <var>key</var>.
+                              href="#dfn-CryptoKey-usages">usages</a> attribute of <var>key</var>.
                             </p>
                           </li>
                           <li>
                             <p>
                               Set the <code>ext</code> property of <var>jwk</var> to the <a
-                              href="#dfn-Key-extractable">extractable</a> attribute of
+                              href="#dfn-CryptoKey-extractable">extractable</a> attribute of
                               <var>key</var>.
                             </p>
                           </li>
@@ -3836,12 +3853,12 @@
                 <tr>
                   <td>generateKey</td>
                   <td><a href="#dfn-RsaHashedKeyGenParams">RsaHashedKeyGenParams</a></td>
-                  <td><a href="#dfn-KeyPair">KeyPair</a></td>
+                  <td><a href="#dfn-CryptoKeyPair">CryptoKeyPair</a></td>
                 </tr>
                 <tr>
                   <td>importKey</td>
                   <td><a href="#dfn-RsaHashedImportParams">RsaHashedImportParams</a></td>
-                  <td><a href="#dfn-Key">Key</a></td>
+                  <td><a href="#dfn-CryptoKey">CryptoKey</a></td>
                 </tr>
                 <tr>
                   <td>exportKey</td>
@@ -3893,10 +3910,10 @@
                 <ol>
                   <li>
                     <p>
-                      If the <a href="#dfn-Key-type">type</a> attribute of <var>key</var>
-                      is not <code>"private"</code>,
-                      then <a href="#concept-return-an-error">return an error</a> named
-                      <a href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
+                      If the <a href="#dfn-CryptoKey-type">type</a> attribute of <var>key</var> is
+                      not <code>"private"</code>, then <a href="#concept-return-an-error">return an
+                      error</a> named <a
+                      href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
                     </p>
                   </li>
                   <li>
@@ -3907,8 +3924,8 @@
                       href="#concept-contents-of-arraybuffer">contents of <var>message</var></a> as
                       <var>M</var> and using the hash function specified in the <a
                       href="#dfn-RsaHashedKeyAlgorithm-hash">hash</a> attribute of the <a
-                      href="#dfn-Key-algorithm">algorithm</a> attribute of <var>key</var> as the
-                      Hash option for the EMSA-PKCS1-v1_5 encoding method.
+                      href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of <var>key</var> as
+                      the Hash option for the EMSA-PKCS1-v1_5 encoding method.
                     </p>
                   </li>
                   <li>
@@ -3932,10 +3949,10 @@
                 <ol>
                   <li>
                     <p>
-                      If the <a href="#dfn-Key-type">type</a> attribute of <var>key</var>
-                      is not <code>"public"</code>,
-                      then <a href="#concept-return-an-error">return an error</a> named
-                      <a href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
+                      If the <a href="#dfn-CryptoKey-type">type</a> attribute of <var>key</var> is
+                      not <code>"public"</code>, then <a href="#concept-return-an-error">return an
+                      error</a> named <a
+                      href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
                     </p>
                   </li>
                   <li>
@@ -3947,8 +3964,8 @@
                       <var>M</var> and the <a href="#concept-contents-of-arraybuffer">contents of
                       <var>signature</var></a> as <var>S</var> and using the hash function specified
                       in the <a href="#dfn-RsaHashedKeyAlgorithm-hash">hash</a> attribute of the <a
-                      href="#dfn-Key-algorithm">algorithm</a> attribute of <var>key</var> as the
-                      Hash option for the EMSA-PKCS1-v1_5 encoding method.
+                      href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of <var>key</var> as
+                      the Hash option for the EMSA-PKCS1-v1_5 encoding method.
                     </p>
                   </li>
                   <li>
@@ -4052,31 +4069,31 @@
                   </li>
                   <li>
                     <p>
-                      Let <var>publicKey</var> be a new <a href="#dfn-Key">Key</a> object
-                      representing the public key of the generated key pair.
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                      Set the <a href="#dfn-Key-type">type</a> attribute of <var>publicKey</var>
-                      to <code>"public"</code>
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                      Set the <a href="#dfn-Key-algorithm">algorithm</a> attribute of
+                      Let <var>publicKey</var> be a new <a href="#dfn-CryptoKey">CryptoKey</a>
+                      object representing the public key of the generated key pair.
+                    </p>
+                  </li>
+                  <li>
+                    <p>
+                      Set the <a href="#dfn-CryptoKey-type">type</a> attribute of
+                      <var>publicKey</var> to <code>"public"</code>
+                    </p>
+                  </li>
+                  <li>
+                    <p>
+                      Set the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
                       <var>publicKey</var> to be <var>algorithm</var>.
                     </p>
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-extractable">extractable</a> attribute of
+                      Set the <a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
                       <var>publicKey</var> to true.
                     </p>
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-usages">usages</a> attribute of
+                      Set the <a href="#dfn-CryptoKey-usages">usages</a> attribute of
                       <var>publicKey</var> to be the
                       <a href="#concept-usage-intersection">usage intersection</a> of
                       <var>usages</var> and <code>[ "verify" ]</code>.
@@ -4084,39 +4101,38 @@
                   </li>
                   <li>
                     <p>
-                      Let <var>privateKey</var> be a new <a href="#dfn-Key">Key</a> object
-                      representing the private key of the generated key pair.
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                      Set the <a href="#dfn-Key-type">type</a> attribute of <var>privateKey</var>
-                      to <code>"private"</code>
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                      Set the <a href="#dfn-Key-algorithm">algorithm</a> attribute of
+                      Let <var>privateKey</var> be a new <a href="#dfn-CryptoKey">CryptoKey</a>
+                      object representing the private key of the generated key pair.
+                    </p>
+                  </li>
+                  <li>
+                    <p>
+                      Set the <a href="#dfn-CryptoKey-type">type</a> attribute of
+                      <var>privateKey</var> to <code>"private"</code>
+                    </p>
+                  </li>
+                  <li>
+                    <p>
+                      Set the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
                       <var>privateKey</var> to be <var>algorithm</var>.
                     </p>
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-extractable">extractable</a> attribute of
+                      Set the <a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
                       <var>privateKey</var> to <var>extractable</var>.
                     </p>
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-usages">usages</a> attribute of
-                      <var>privateKey</var> to be the
-                      <a href="#concept-usage-intersection">usage intersection</a> of
-                      <var>usages</var> and <code>[ "sign" ]</code>.
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                      Let <var>result</var> be a new <a href="#dfn-KeyPair">KeyPair</a>
+                      Set the <a href="#dfn-CryptoKey-usages">usages</a> attribute of
+                      <var>privateKey</var> to be the <a href="#concept-usage-intersection">usage
+                      intersection</a> of <var>usages</var> and <code>[ "sign" ]</code>.
+                    </p>
+                  </li>
+                  <li>
+                    <p>
+                      Let <var>result</var> be a new <a href="#dfn-CryptoKeyPair">CryptoKeyPair</a>
                       object.
                     </p>
                   </li>
@@ -4296,14 +4312,15 @@
                           </li>
                           <li>
                             <p>
-                              Let <var>key</var> be a new <a href="#dfn-Key">Key</a> object that
-                              represents the RSA public key identified by <var>publicKey</var>.
-                            </p>
-                          </li>
-                          <li>
-                            <p>
-                              Set the <a href="#dfn-Key-type">type</a> attribute of <var>key</var>
-                              to <code>"public"</code>
+                              Let <var>key</var> be a new <a href="#dfn-CryptoKey">CryptoKey</a>
+                              object that represents the RSA public key identified by
+                              <var>publicKey</var>.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Set the <a href="#dfn-CryptoKey-type">type</a> attribute of
+                              <var>key</var> to <code>"public"</code>
                             </p>
                           </li>
                         </ol>
@@ -4435,14 +4452,15 @@
                           </li>
                           <li>
                             <p>
-                              Let <var>key</var> be a new <a href="#dfn-Key">Key</a> object that
-                              represents the RSA private key identified by <var>rsaPrivateKey</var>.
-                            </p>
-                          </li>
-                          <li>
-                            <p>
-                              Set the <a href="#dfn-Key-type">type</a> attribute of <var>key</var>
-                              to <code>"private"</code>
+                              Let <var>key</var> be a new <a href="#dfn-CryptoKey">CryptoKey</a>
+                              object that represents the RSA private key identified by
+                              <var>rsaPrivateKey</var>.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Set the <a href="#dfn-CryptoKey-type">type</a> attribute of
+                              <var>key</var> to <code>"private"</code>
                             </p>
                           </li>
                         </ol>
@@ -4561,15 +4579,16 @@
                                   </li>
                                   <li>
                                     <p>
-                                      Let <var>key</var> be a new <a href="#dfn-Key">Key</a> object
-                                      that represents the RSA private key identified by interpreting
-                                      <var>jwk</var> according to Section 6.3.2 of <a href="#jwa">
-                                      JSON Web Algorithms</a>.
-                                    </p>
-                                  </li>
-                                  <li>
-                                    <p>
-                                      Set the <a href="#dfn-Key-type">type</a> attribute of
+                                      Let <var>key</var> be a new <a
+                                      href="#dfn-CryptoKey">CryptoKey</a> object that represents the
+                                      RSA private key identified by interpreting <var>jwk</var>
+                                      according to Section 6.3.2 of <a href="#jwa"> JSON Web
+                                      Algorithms</a>.
+                                    </p>
+                                  </li>
+                                  <li>
+                                    <p>
+                                      Set the <a href="#dfn-CryptoKey-type">type</a> attribute of
                                       <var>key</var> to <code>"private"</code>
                                     </p>
                                   </li>
@@ -4588,15 +4607,16 @@
                                   </li>
                                   <li>
                                     <p>
-                                      Let <var>key</var> be a new <a href="#dfn-Key">Key</a> object
-                                      that represents the RSA public key identified by interpreting
-                                      <var>jwk</var> according to Section 6.3.1 of <a href="#jwa">
-                                      JSON Web Algorithms</a>.
-                                    </p>
-                                  </li>
-                                  <li>
-                                    <p>
-                                      Set the <a href="#dfn-Key-type">type</a> attribute of
+                                      Let <var>key</var> be a new <a
+                                      href="#dfn-CryptoKey">CryptoKey</a> object that represents the
+                                      RSA public key identified by interpreting <var>jwk</var>
+                                      according to Section 6.3.1 of <a href="#jwa"> JSON Web
+                                      Algorithms</a>.
+                                    </p>
+                                  </li>
+                                  <li>
+                                    <p>
+                                      Set the <a href="#dfn-CryptoKey-type">type</a> attribute of
                                       <var>key</var> to <code>"public"</code>
                                     </p>
                                   </li>
@@ -4648,7 +4668,7 @@
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-algorithm">algorithm</a> attribute of
+                      Set the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
                       <var>key</var> to <var>algorithm</var>
                     </p>
                   </li>
@@ -4673,10 +4693,10 @@
                         <ol>
                           <li>
                             <p>
-                              If the <a href="#dfn-Key-type">type</a> attribute of <var>key</var> is
-                              not <code>"public"</code>,
-                              then <a href="#concept-return-an-error">return an error</a> named
-                              <a href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
+                              If the <a href="#dfn-CryptoKey-type">type</a> attribute of
+                              <var>key</var> is not <code>"public"</code>, then <a
+                              href="#concept-return-an-error">return an error</a> named <a
+                              href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
                             </p>
                           </li>
                           <li>
@@ -4723,10 +4743,10 @@
                         <ol>
                           <li>
                             <p>
-                              If the <a href="#dfn-Key-type">type</a> attribute of <var>key</var> is
-                              not <code>"private"</code>,
-                              then <a href="#concept-return-an-error">return an error</a> named
-                              <a href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
+                              If the <a href="#dfn-CryptoKey-type">type</a> attribute of
+                              <var>key</var> is not <code>"private"</code>, then <a
+                              href="#concept-return-an-error">return an error</a> named <a
+                              href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
                             </p>
                           </li>
                           <li>
@@ -4850,8 +4870,8 @@
                           <li>
                             <dl class="switch">
                               <dt>
-                                If the <a href="#dfn-Key-type">type</a> attribute of <var>key</var>
-                                is <code>"private"</code>:
+                                If the <a href="#dfn-CryptoKey-type">type</a> attribute of
+                                <var>key</var> is <code>"private"</code>:
                               </dt>
                               <dd>
                                 <ol>
@@ -4880,13 +4900,13 @@
                           <li>
                             <p>
                               Set the <code>key_ops</code> field of <var>jwk</var> to the <a
-                              href="#dfn-Key-usages">usages</a> attribute of <var>key</var>.
+                              href="#dfn-CryptoKey-usages">usages</a> attribute of <var>key</var>.
                             </p>
                           </li>
                           <li>
                             <p>
                               Set the <code>ext</code> field of <var>jwk</var> to the <a
-                              href="#dfn-Key-extractable">extractable</a> attribute of
+                              href="#dfn-CryptoKey-extractable">extractable</a> attribute of
                               <var>key</var>.
                             </p>
                           </li>
@@ -4970,12 +4990,12 @@
                 <tr>
                   <td>generateKey</td>
                   <td><a href="#dfn-RsaHashedKeyGenParams">RsaHashedKeyGenParams</a></td>
-                  <td><a href="#dfn-KeyPair">KeyPair</a></td>
+                  <td><a href="#dfn-CryptoKeyPair">CryptoKeyPair</a></td>
                 </tr>
                 <tr>
                   <td>importKey</td>
                   <td><a href="#dfn-RsaHashedImportParams">RsaHashedImportParams</a></td>
-                  <td><a href="#dfn-Key">Key</a></td>
+                  <td><a href="#dfn-CryptoKey">CryptoKey</a></td>
                 </tr>
                 <tr>
                   <td>exportKey</td>
@@ -5002,7 +5022,7 @@
                 <ol>
                   <li>
                     <p>
-                      If the <a href="#dfn-Key-type">type</a> attribute of <var>key</var>
+                      If the <a href="#dfn-CryptoKey-type">type</a> attribute of <var>key</var>
                       is not <code>"private"</code>,
                       then <a href="#concept-return-an-error">return an error</a> named
                       <a href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
@@ -5031,8 +5051,8 @@
                       href="#concept-contents-of-arraybuffer">contents of <var>message</var></a> as
                       the message to be signed, <var>M</var>, and using the hash function specified
                       by the <a href="#dfn-RsaHashedKeyAlgorithm-hash">hash</a> attribute of the <a
-                      href="#dfn-Key-algorithm">algorithm</a> attribute of <var>key</var> as the
-                      Hash option, MGF1 (defined in Section B.2.1 of [<cite><a
+                      href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of <var>key</var> as
+                      the Hash option, MGF1 (defined in Section B.2.1 of [<cite><a
                       href="#RFC3447">RFC3447</a></cite>]) as the MGF option and the <a
                       href="#dfn-RsaPssParams-saltLength">saltLength</a> member of
                       <var>normalizedAlgorithm</var> as the salt length option for the
@@ -5060,10 +5080,10 @@
                 <ol>
                   <li>
                     <p>
-                      If the <a href="#dfn-Key-type">type</a> attribute of <var>key</var>
-                      is not <code>"public"</code>,
-                      then <a href="#concept-return-an-error">return an error</a> named
-                      <a href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
+                      If the <a href="#dfn-CryptoKey-type">type</a> attribute of <var>key</var> is
+                      not <code>"public"</code>, then <a href="#concept-return-an-error">return an
+                      error</a> named <a
+                      href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
                     </p>
                   </li>
                   <li>
@@ -5090,8 +5110,8 @@
                       <var>M</var> and <a href="#concept-contents-of-arraybuffer">the contents of
                       <var>signature</var></a> as <var>S</var> and using the hash function specified
                       by the <a href="#dfn-RsaHashedKeyAlgorithm-hash">hash</a> attribute of the <a
-                      href="#dfn-Key-algorithm">algorithm</a> attribute of <var>key</var> as the
-                      Hash option, MGF1 (defined in Section B.2.1 of [<cite><a
+                      href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of <var>key</var> as
+                      the Hash option, MGF1 (defined in Section B.2.1 of [<cite><a
                       href="#RFC3447">RFC3447</a></cite>]) as the MGF option and the <a
                       href="#dfn-RsaPssParams-saltLength">saltLength</a> member of
                       <var>normalizedAlgorithm</var> as the salt length option for the
@@ -5200,63 +5220,62 @@
                   </li>
                   <li>
                     <p>
-                      Let <var>publicKey</var> be a new <a href="#dfn-Key">Key</a> object
-                      representing the public key of the generated key pair.
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                      Set the <a href="#dfn-Key-type">type</a> attribute of <var>publicKey</var>
-                      to <code>"public"</code>
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                      Set the <a href="#dfn-Key-algorithm">algorithm</a> attribute of
+                      Let <var>publicKey</var> be a new <a href="#dfn-CryptoKey">CryptoKey</a>
+                      object representing the public key of the generated key pair.
+                    </p>
+                  </li>
+                  <li>
+                    <p>
+                      Set the <a href="#dfn-CryptoKey-type">type</a> attribute of
+                      <var>publicKey</var> to <code>"public"</code>
+                    </p>
+                  </li>
+                  <li>
+                    <p>
+                      Set the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
                       <var>publicKey</var> to be <var>algorithm</var>.
                     </p>
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-extractable">extractable</a> attribute of
+                      Set the <a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
                       <var>publicKey</var> to true.
                     </p>
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-usages">usages</a> attribute of
-                      <var>publicKey</var> to be the
-                      <a href="#concept-usage-intersection">usage intersection</a> of
-                      <var>usages</var> and <code>[ "verify" ]</code>.
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                      Let <var>privateKey</var> be a new <a href="#dfn-Key">Key</a> object
-                      representing the private key of the generated key pair.
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                      Set the <a href="#dfn-Key-type">type</a> attribute of <var>privateKey</var>
-                      to <code>"private"</code>
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                      Set the <a href="#dfn-Key-algorithm">algorithm</a> attribute of
+                      Set the <a href="#dfn-CryptoKey-usages">usages</a> attribute of
+                      <var>publicKey</var> to be the <a href="#concept-usage-intersection">usage
+                      intersection</a> of <var>usages</var> and <code>[ "verify" ]</code>.
+                    </p>
+                  </li>
+                  <li>
+                    <p>
+                      Let <var>privateKey</var> be a new <a href="#dfn-CryptoKey">CryptoKey</a>
+                      object representing the private key of the generated key pair.
+                    </p>
+                  </li>
+                  <li>
+                    <p>
+                      Set the <a href="#dfn-CryptoKey-type">type</a> attribute of
+                      <var>privateKey</var> to <code>"private"</code>
+                    </p>
+                  </li>
+                  <li>
+                    <p>
+                      Set the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
                       <var>privateKey</var> to be <var>algorithm</var>.
                     </p>
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-extractable">extractable</a> attribute of
+                      Set the <a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
                       <var>privateKey</var> to <var>extractable</var>.
                     </p>
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-usages">usages</a> attribute of
+                      Set the <a href="#dfn-CryptoKey-usages">usages</a> attribute of
                       <var>privateKey</var> to be the
                       <a href="#concept-usage-intersection">usage intersection</a> of
                       <var>usages</var> and <code>[ "sign" ]</code>.
@@ -5264,7 +5283,7 @@
                   </li>
                   <li>
                     <p>
-                      Let <var>result</var> be a new <a href="#dfn-KeyPair">KeyPair</a>
+                      Let <var>result</var> be a new <a href="#dfn-CryptoKeyPair">CryptoKeyPair</a>
                       object.
                     </p>
                   </li>
@@ -5501,14 +5520,15 @@
                           </li>
                           <li>
                             <p>
-                              Let <var>key</var> be a new <a href="#dfn-Key">Key</a> object that
-                              represents the RSA public key identified by <var>publicKey</var>.
-                            </p>
-                          </li>
-                          <li>
-                            <p>
-                              Set the <a href="#dfn-Key-type">type</a> attribute of <var>key</var>
-                              to <code>"public"</code>
+                              Let <var>key</var> be a new <a href="#dfn-CryptoKey">CryptoKey</a>
+                              object that represents the RSA public key identified by
+                              <var>publicKey</var>.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Set the <a href="#dfn-CryptoKey-type">type</a> attribute of
+                              <var>key</var> to <code>"public"</code>
                             </p>
                           </li>
                         </ol>
@@ -5703,14 +5723,15 @@
                           </li>
                           <li>
                             <p>
-                              Let <var>key</var> be a new <a href="#dfn-Key">Key</a> object that
-                              represents the RSA private key identified by <var>rsaPrivateKey</var>.
-                            </p>
-                          </li>
-                          <li>
-                            <p>
-                              Set the <a href="#dfn-Key-type">type</a> attribute of <var>key</var>
-                              to <code>"private"</code>
+                              Let <var>key</var> be a new <a href="#dfn-CryptoKey">CryptoKey</a>
+                              object that represents the RSA private key identified by
+                              <var>rsaPrivateKey</var>.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Set the <a href="#dfn-CryptoKey-type">type</a> attribute of
+                              <var>key</var> to <code>"private"</code>
                             </p>
                           </li>
                         </ol>
@@ -5829,15 +5850,16 @@
                                   </li>
                                   <li>
                                     <p>
-                                      Let <var>key</var> be a new <a href="#dfn-Key">Key</a> object
-                                      that represents the RSA private key identified by interpreting
-                                      <var>jwk</var> according to Section 6.3.2 of <a href="#jwa">
-                                      JSON Web Algorithms</a>.
-                                    </p>
-                                  </li>
-                                  <li>
-                                    <p>
-                                      Set the <a href="#dfn-Key-type">type</a> attribute of
+                                      Let <var>key</var> be a new <a
+                                      href="#dfn-CryptoKey">CryptoKey</a> object that represents the
+                                      RSA private key identified by interpreting <var>jwk</var>
+                                      according to Section 6.3.2 of <a href="#jwa"> JSON Web
+                                      Algorithms</a>.
+                                    </p>
+                                  </li>
+                                  <li>
+                                    <p>
+                                      Set the <a href="#dfn-CryptoKey-type">type</a> attribute of
                                       <var>key</var> to <code>"private"</code>
                                     </p>
                                   </li>
@@ -5856,15 +5878,16 @@
                                   </li>
                                   <li>
                                     <p>
-                                      Let <var>key</var> be a new <a href="#dfn-Key">Key</a> object
-                                      that represents the RSA public key identified by interpreting
-                                      <var>jwk</var> according to Section 6.3.1 of <a href="#jwa">
-                                      JSON Web Algorithms</a>.
-                                    </p>
-                                  </li>
-                                  <li>
-                                    <p>
-                                      Set the <a href="#dfn-Key-type">type</a> attribute of
+                                      Let <var>key</var> be a new <a
+                                      href="#dfn-CryptoKey">CryptoKey</a> object that represents the
+                                      RSA public key identified by interpreting <var>jwk</var>
+                                      according to Section 6.3.1 of <a href="#jwa"> JSON Web
+                                      Algorithms</a>.
+                                    </p>
+                                  </li>
+                                  <li>
+                                    <p>
+                                      Set the <a href="#dfn-CryptoKey-type">type</a> attribute of
                                       <var>key</var> to <code>"public"</code>
                                     </p>
                                   </li>
@@ -5916,7 +5939,7 @@
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-algorithm">algorithm</a> attribute of
+                      Set the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
                       <var>key</var> to <var>algorithm</var>
                     </p>
                   </li>
@@ -5941,10 +5964,10 @@
                         <ol>
                           <li>
                             <p>
-                              If the <a href="#dfn-Key-type">type</a> attribute of <var>key</var> is
-                              not <code>"public"</code>,
-                              then <a href="#concept-return-an-error">return an error</a> named
-                              <a href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
+                              If the <a href="#dfn-CryptoKey-type">type</a> attribute of
+                              <var>key</var> is not <code>"public"</code>, then <a
+                              href="#concept-return-an-error">return an error</a> named <a
+                              href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
                             </p>
                           </li>
                           <li>
@@ -5986,8 +6009,8 @@
                                             If the <a href="#dfn-KeyAlgorithm-name">name</a>
                                             attribute of the <a
                                             href="#dfn-RsaHashedKeyAlgorithm">hash</a> attribute of
-                                            the <a href="#dfn-Key-algorithm">algorithm</a> attribute
-                                            of <var>key</var> is <code>SHA-1</code>:
+                                            the <a href="#dfn-CryptoKey-algorithm">algorithm</a>
+                                            attribute of <var>key</var> is <code>SHA-1</code>:
                                           </dt>
                                           <dd>
                                             <p>
@@ -6000,8 +6023,8 @@
                                             If the <a href="#dfn-KeyAlgorithm-name">name</a>
                                             attribute of the <a
                                             href="#dfn-RsaHashedKeyAlgorithm">hash</a> attribute of
-                                            the <a href="#dfn-Key-algorithm">algorithm</a> attribute
-                                            of <var>key</var> is <code>SHA-256</code>:
+                                            the <a href="#dfn-CryptoKey-algorithm">algorithm</a>
+                                            attribute of <var>key</var> is <code>SHA-256</code>:
                                           </dt>
                                           <dd>
                                             <p>
@@ -6014,8 +6037,8 @@
                                             If the <a href="#dfn-KeyAlgorithm-name">name</a>
                                             attribute of the <a
                                             href="#dfn-RsaHashedKeyAlgorithm">hash</a> attribute of
-                                            the <a href="#dfn-Key-algorithm">algorithm</a> attribute
-                                            of <var>key</var> is <code>SHA-384</code>:
+                                            the <a href="#dfn-CryptoKey-algorithm">algorithm</a>
+                                            attribute of <var>key</var> is <code>SHA-384</code>:
                                           </dt>
                                           <dd>
                                             <p>
@@ -6028,8 +6051,8 @@
                                             If the <a href="#dfn-KeyAlgorithm-name">name</a>
                                             attribute of the <a
                                             href="#dfn-RsaHashedKeyAlgorithm">hash</a> attribute of
-                                            the <a href="#dfn-Key-algorithm">algorithm</a> attribute
-                                            of <var>key</var> is <code>SHA-512</code>:
+                                            the <a href="#dfn-CryptoKey-algorithm">algorithm</a>
+                                            attribute of <var>key</var> is <code>SHA-512</code>:
                                           </dt>
                                           <dd>
                                             <p>
@@ -6069,7 +6092,7 @@
                                           octets of the digest algorithm identified by the <a
                                           href="#dfn-KeyAlgorithm-name">name</a> attribute of the <a
                                           href="#dfn-RsaHashedKeyAlgorithm-hash">hash</a> attribute
-                                          of the <a href="#dfn-Key-algorithm">algorithm</a>
+                                          of the <a href="#dfn-CryptoKey-algorithm">algorithm</a>
                                           attribute of <var>key</var>.
                                         </p>
                                       </li>
@@ -6094,10 +6117,10 @@
                         <ol>
                           <li>
                             <p>
-                              If the <a href="#dfn-Key-type">type</a> attribute of <var>key</var> is
-                              not <code>"private"</code>,
-                              then <a href="#concept-return-an-error">return an error</a> named
-                              <a href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
+                              If the <a href="#dfn-CryptoKey-type">type</a> attribute of
+                              <var>key</var> is not <code>"private"</code>, then <a
+                              href="#concept-return-an-error">return an error</a> named <a
+                              href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
                             </p>
                           </li>
                           <li>
@@ -6144,8 +6167,8 @@
                                             If the <a href="#dfn-KeyAlgorithm-name">name</a>
                                             attribute of the <a
                                             href="#dfn-RsaHashedKeyAlgorithm">hash</a> attribute of
-                                            the <a href="#dfn-Key-algorithm">algorithm</a> attribute
-                                            of <var>key</var> is <code>SHA-1</code>:
+                                            the <a href="#dfn-CryptoKey-algorithm">algorithm</a>
+                                            attribute of <var>key</var> is <code>SHA-1</code>:
                                           </dt>
                                           <dd>
                                             <p>
@@ -6158,8 +6181,8 @@
                                             If the <a href="#dfn-KeyAlgorithm-name">name</a>
                                             attribute of the <a
                                             href="#dfn-RsaHashedKeyAlgorithm">hash</a> attribute of
-                                            the <a href="#dfn-Key-algorithm">algorithm</a> attribute
-                                            of <var>key</var> is <code>SHA-256</code>:
+                                            the <a href="#dfn-CryptoKey-algorithm">algorithm</a>
+                                            attribute of <var>key</var> is <code>SHA-256</code>:
                                           </dt>
                                           <dd>
                                             <p>
@@ -6172,8 +6195,8 @@
                                             If the <a href="#dfn-KeyAlgorithm-name">name</a>
                                             attribute of the <a
                                             href="#dfn-RsaHashedKeyAlgorithm">hash</a> attribute of
-                                            the <a href="#dfn-Key-algorithm">algorithm</a> attribute
-                                            of <var>key</var> is <code>SHA-384</code>:
+                                            the <a href="#dfn-CryptoKey-algorithm">algorithm</a>
+                                            attribute of <var>key</var> is <code>SHA-384</code>:
                                           </dt>
                                           <dd>
                                             <p>
@@ -6186,8 +6209,8 @@
                                             If the <a href="#dfn-KeyAlgorithm-name">name</a>
                                             attribute of the <a
                                             href="#dfn-RsaHashedKeyAlgorithm">hash</a> attribute of
-                                            the <a href="#dfn-Key-algorithm">algorithm</a> attribute
-                                            of <var>key</var> is <code>SHA-512</code>:
+                                            the <a href="#dfn-CryptoKey-algorithm">algorithm</a>
+                                            attribute of <var>key</var> is <code>SHA-512</code>:
                                           </dt>
                                           <dd>
                                             <p>
@@ -6227,7 +6250,7 @@
                                           octets of the digest algorithm identified by the <a
                                           href="#dfn-KeyAlgorithm-name">name</a> attribute of the <a
                                           href="#dfn-RsaHashedKeyAlgorithm-hash">hash</a> attribute
-                                          of the <a href="#dfn-Key-algorithm">algorithm</a>
+                                          of the <a href="#dfn-CryptoKey-algorithm">algorithm</a>
                                           attribute of <var>key</var>.
                                         </p>
                                       </li>
@@ -6268,8 +6291,8 @@
                             <p>
                               Let <var>hash</var> be the <a href="#dfn-KeyAlgorithm-name">name</a>
                               attribute of the <a href="#dfn-RsaHashedKeyAlgorithm-hash">hash</a>
-                              attribute of the <a href="#dfn-Key-algorithm">algorithm</a> attribute
-                              of <var>key</var>.
+                              attribute of the <a href="#dfn-CryptoKey-algorithm">algorithm</a>
+                              attribute of <var>key</var>.
                             </p>
                           </li>
                           <li>
@@ -6321,8 +6344,8 @@
                           <li>
                             <dl class="switch">
                               <dt>
-                                If the <a href="#dfn-Key-type">type</a> attribute of <var>key</var>
-                                is <code>"private"</code>:
+                                If the <a href="#dfn-CryptoKey-type">type</a> attribute of
+                                <var>key</var> is <code>"private"</code>:
                               </dt>
                               <dd>
                                 <ol>
@@ -6351,13 +6374,13 @@
                           <li>
                             <p>
                               Set the <code>key_ops</code> field of <var>jwk</var> to the <a
-                              href="#dfn-Key-usages">usages</a> attribute of <var>key</var>.
+                              href="#dfn-CryptoKey-usages">usages</a> attribute of <var>key</var>.
                             </p>
                           </li>
                           <li>
                             <p>
                               Set the <code>ext</code> field of <var>jwk</var> to the <a
-                              href="#dfn-Key-extractable">extractable</a> attribute of
+                              href="#dfn-CryptoKey-extractable">extractable</a> attribute of
                               <var>key</var>.
                             </p>
                           </li>
@@ -6441,12 +6464,12 @@
                 <tr>
                   <td>generateKey</td>
                   <td><a href="#dfn-RsaHashedKeyGenParams">RsaHashedKeyGenParams</a></td>
-                  <td><a href="#dfn-KeyPair">KeyPair</a></td>
+                  <td><a href="#dfn-CryptoKeyPair">CryptoKeyPair</a></td>
                 </tr>
                 <tr>
                   <td>importKey</td>
                   <td><a href="#dfn-RsaHashedImportParams">RsaHashedImportParams</a></td>
-                  <td><a href="#dfn-Key">Key</a></td>
+                  <td><a href="#dfn-CryptoKey">CryptoKey</a></td>
                 </tr>
                 <tr>
                   <td>exportKey</td>
@@ -6474,7 +6497,7 @@
                 <ol>
                   <li>
                     <p>
-                      If the <a href="#dfn-Key-type">type</a> attribute of <var>key</var>
+                      If the <a href="#dfn-CryptoKey-type">type</a> attribute of <var>key</var>
                       is not <code>"public"</code>,
                       then <a href="#concept-return-an-error">return an error</a> named
                       <a href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
@@ -6506,7 +6529,7 @@
                       href="#dfn-RsaOaepParams-label">label</a> member of
                       <var>normalizedAlgorithm</var> as the label, <var>L</var>, and with the hash
                       function specified by the <a href="#dfn-RsaHashedKeyAlgorithm-hash">hash</a>
-                      attribute of the <a href="#dfn-Key-algorithm">algorithm</a> attribute of
+                      attribute of the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
                       <var>key</var> as the Hash option and MGF1 (defined in Section B.2.1 of
                       [<cite><a href="#RFC3447">RFC3447</a></cite>]) as the MGF option.
                     </p>
@@ -6532,7 +6555,7 @@
                 <ol>
                   <li>
                     <p>
-                      If the <a href="#dfn-Key-type">type</a> attribute of <var>key</var>
+                      If the <a href="#dfn-CryptoKey-type">type</a> attribute of <var>key</var>
                       is not <code>"private"</code>,
                       then <a href="#concept-return-an-error">return an error</a> named
                       <a href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
@@ -6564,7 +6587,7 @@
                       href="#dfn-RsaOaepParams-label">label</a> member of
                       <var>normalizedAlgorithm</var> as the label, <var>L</var>, and with the hash
                       function specified by the <a href="#dfn-RsaHashedKeyAlgorithm-hash">hash</a>
-                      attribute of the <a href="#dfn-Key-algorithm">algorithm</a> attribute of
+                      attribute of the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
                       <var>key</var> as the Hash option and MGF1 (defined in Section B.2.1 of
                       [<cite><a href="#RFC3447">RFC3447</a></cite>]) as the MGF option.
                     </p>
@@ -6671,31 +6694,31 @@
                   </li>
                   <li>
                     <p>
-                      Let <var>publicKey</var> be a new <a href="#dfn-Key">Key</a> object
-                      representing the public key of the generated key pair.
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                      Set the <a href="#dfn-Key-type">type</a> attribute of <var>publicKey</var>
-                      to <code>"public"</code>
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                      Set the <a href="#dfn-Key-algorithm">algorithm</a> attribute of
+                      Let <var>publicKey</var> be a new <a href="#dfn-CryptoKey">CryptoKey</a>
+                      object representing the public key of the generated key pair.
+                    </p>
+                  </li>
+                  <li>
+                    <p>
+                      Set the <a href="#dfn-CryptoKey-type">type</a> attribute of
+                      <var>publicKey</var> to <code>"public"</code>
+                    </p>
+                  </li>
+                  <li>
+                    <p>
+                      Set the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
                       <var>publicKey</var> to be <var>algorithm</var>.
                     </p>
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-extractable">extractable</a> attribute of
+                      Set the <a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
                       <var>publicKey</var> to true.
                     </p>
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-usages">usages</a> attribute of
+                      Set the <a href="#dfn-CryptoKey-usages">usages</a> attribute of
                       <var>publicKey</var> to be the
                       <a href="#concept-usage-intersection">usage intersection</a> of
                       <var>usages</var> and <code>[ "encrypt", "wrapKey" ]</code>.
@@ -6703,31 +6726,31 @@
                   </li>
                   <li>
                     <p>
-                      Let <var>privateKey</var> be a new <a href="#dfn-Key">Key</a> object
-                      representing the private key of the generated key pair.
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                      Set the <a href="#dfn-Key-type">type</a> attribute of <var>privateKey</var>
-                      to <code>"private"</code>
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                      Set the <a href="#dfn-Key-algorithm">algorithm</a> attribute of
+                      Let <var>privateKey</var> be a new <a href="#dfn-CryptoKey">CryptoKey</a>
+                      object representing the private key of the generated key pair.
+                    </p>
+                  </li>
+                  <li>
+                    <p>
+                      Set the <a href="#dfn-CryptoKey-type">type</a> attribute of
+                      <var>privateKey</var> to <code>"private"</code>
+                    </p>
+                  </li>
+                  <li>
+                    <p>
+                      Set the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
                       <var>privateKey</var> to be <var>algorithm</var>.
                     </p>
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-extractable">extractable</a> attribute of
+                      Set the <a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
                       <var>privateKey</var> to <var>extractable</var>.
                     </p>
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-usages">usages</a> attribute of
+                      Set the <a href="#dfn-CryptoKey-usages">usages</a> attribute of
                       <var>privateKey</var> to be the
                       <a href="#concept-usage-intersection">usage intersection</a> of
                       <var>usages</var> and <code>[ "decrypt", "unwrapKey" ]</code>.
@@ -6735,7 +6758,7 @@
                   </li>
                   <li>
                     <p>
-                      Let <var>result</var> be a new <a href="#dfn-KeyPair">KeyPair</a>
+                      Let <var>result</var> be a new <a href="#dfn-CryptoKeyPair">CryptoKeyPair</a>
                       object.
                     </p>
                   </li>
@@ -6971,14 +6994,15 @@
                           </li>
                           <li>
                             <p>
-                              Let <var>key</var> be a new <a href="#dfn-Key">Key</a> object that
-                              represents the RSA public key identified by <var>publicKey</var>.
-                            </p>
-                          </li>
-                          <li>
-                            <p>
-                              Set the <a href="#dfn-Key-type">type</a> attribute of <var>key</var>
-                              to <code>"public"</code>
+                              Let <var>key</var> be a new <a href="#dfn-CryptoKey">CryptoKey</a>
+                              object that represents the RSA public key identified by
+                              <var>publicKey</var>.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Set the <a href="#dfn-CryptoKey-type">type</a> attribute of
+                              <var>key</var> to <code>"public"</code>
                             </p>
                           </li>
                         </ol>
@@ -7177,14 +7201,15 @@
                           </li>
                           <li>
                             <p>
-                              Let <var>key</var> be a new <a href="#dfn-Key">Key</a> object that
-                              represents the RSA private key identified by <var>rsaPrivateKey</var>.
-                            </p>
-                          </li>
-                          <li>
-                            <p>
-                              Set the <a href="#dfn-Key-type">type</a> attribute of <var>key</var>
-                              to <code>"private"</code>
+                              Let <var>key</var> be a new <a href="#dfn-CryptoKey">CryptoKey</a>
+                              object that represents the RSA private key identified by
+                              <var>rsaPrivateKey</var>.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Set the <a href="#dfn-CryptoKey-type">type</a> attribute of
+                              <var>key</var> to <code>"private"</code>
                             </p>
                           </li>
                         </ol>
@@ -7278,24 +7303,24 @@
                                 <ol>
                                   <li>
                                     <p>
-                                      If <var>jwk</var> does not meet the requirements of
-                                      Section 6.3.2 of <a href="#jwa">JSON Web
-                                      Algorithms</a>,
-                                      then <a href="#concept-return-an-error">return an error</a> named
-                                      <a href="#dfn-DataError"><code>DataError</code></a>.
-                                    </p>
-                                  </li>
-                                  <li>
-                                    <p>
-                                      Let <var>key</var> be a new <a href="#dfn-Key">Key</a> object
-                                      that represents the RSA private key identified by interpreting
-                                      <var>jwk</var> according to Section 6.3.2 of <a href="#jwa">
-                                      JSON Web Algorithms</a>.
-                                    </p>
-                                  </li>
-                                  <li>
-                                    <p>
-                                      Set the <a href="#dfn-Key-type">type</a> attribute of
+                                      If <var>jwk</var> does not meet the requirements of Section
+                                      6.3.2 of <a href="#jwa">JSON Web Algorithms</a>, then <a
+                                      href="#concept-return-an-error">return an error</a> named <a
+                                      href="#dfn-DataError"><code>DataError</code></a>.
+                                    </p>
+                                  </li>
+                                  <li>
+                                    <p>
+                                      Let <var>key</var> be a new <a
+                                      href="#dfn-CryptoKey">CryptoKey</a> object that represents the
+                                      RSA private key identified by interpreting <var>jwk</var>
+                                      according to Section 6.3.2 of <a href="#jwa"> JSON Web
+                                      Algorithms</a>.
+                                    </p>
+                                  </li>
+                                  <li>
+                                    <p>
+                                      Set the <a href="#dfn-CryptoKey-type">type</a> attribute of
                                       <var>key</var> to <code>"private"</code>
                                     </p>
                                   </li>
@@ -7314,15 +7339,16 @@
                                   </li>
                                   <li>
                                     <p>
-                                      Let <var>key</var> be a new <a href="#dfn-Key">Key</a> object
-                                      that represents the RSA public key identified by interpreting
-                                      <var>jwk</var> according to Section 6.3.1 of <a href="#jwa">
-                                      JSON Web Algorithms</a>.
-                                    </p>
-                                  </li>
-                                  <li>
-                                    <p>
-                                      Set the <a href="#dfn-Key-type">type</a> attribute of
+                                      Let <var>key</var> be a new <a
+                                      href="#dfn-CryptoKey">CryptoKey</a> object that represents the
+                                      RSA public key identified by interpreting <var>jwk</var>
+                                      according to Section 6.3.1 of <a href="#jwa"> JSON Web
+                                      Algorithms</a>.
+                                    </p>
+                                  </li>
+                                  <li>
+                                    <p>
+                                      Set the <a href="#dfn-CryptoKey-type">type</a> attribute of
                                       <var>key</var> to <code>"public"</code>
                                     </p>
                                   </li>
@@ -7374,7 +7400,7 @@
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-algorithm">algorithm</a> attribute of
+                      Set the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
                       <var>key</var> to <var>algorithm</var>
                     </p>
                   </li>
@@ -7399,10 +7425,10 @@
                         <ol>
                           <li>
                             <p>
-                              If the <a href="#dfn-Key-type">type</a> attribute of <var>key</var> is
-                              not <code>"public"</code>,
-                              then <a href="#concept-return-an-error">return an error</a> named
-                              <a href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
+                              If the <a href="#dfn-CryptoKey-type">type</a> attribute of
+                              <var>key</var> is not <code>"public"</code>, then <a
+                              href="#concept-return-an-error">return an error</a> named <a
+                              href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
                             </p>
                           </li>
                           <li>
@@ -7444,8 +7470,8 @@
                                             If the <a href="#dfn-KeyAlgorithm-name">name</a>
                                             attribute of the <a
                                             href="#dfn-RsaHashedKeyAlgorithm">hash</a> attribute of
-                                            the <a href="#dfn-Key-algorithm">algorithm</a> attribute
-                                            of <var>key</var> is <code>SHA-1</code>:
+                                            the <a href="#dfn-CryptoKey-algorithm">algorithm</a>
+                                            attribute of <var>key</var> is <code>SHA-1</code>:
                                           </dt>
                                           <dd>
                                             <p>
@@ -7458,8 +7484,8 @@
                                             If the <a href="#dfn-KeyAlgorithm-name">name</a>
                                             attribute of the <a
                                             href="#dfn-RsaHashedKeyAlgorithm">hash</a> attribute of
-                                            the <a href="#dfn-Key-algorithm">algorithm</a> attribute
-                                            of <var>key</var> is <code>SHA-256</code>:
+                                            the <a href="#dfn-CryptoKey-algorithm">algorithm</a>
+                                            attribute of <var>key</var> is <code>SHA-256</code>:
                                           </dt>
                                           <dd>
                                             <p>
@@ -7472,8 +7498,8 @@
                                             If the <a href="#dfn-KeyAlgorithm-name">name</a>
                                             attribute of the <a
                                             href="#dfn-RsaHashedKeyAlgorithm">hash</a> attribute of
-                                            the <a href="#dfn-Key-algorithm">algorithm</a> attribute
-                                            of <var>key</var> is <code>SHA-384</code>:
+                                            the <a href="#dfn-CryptoKey-algorithm">algorithm</a>
+                                            attribute of <var>key</var> is <code>SHA-384</code>:
                                           </dt>
                                           <dd>
                                             <p>
@@ -7486,8 +7512,8 @@
                                             If the <a href="#dfn-KeyAlgorithm-name">name</a>
                                             attribute of the <a
                                             href="#dfn-RsaHashedKeyAlgorithm">hash</a> attribute of
-                                            the <a href="#dfn-Key-algorithm">algorithm</a> attribute
-                                            of <var>key</var> is <code>SHA-512</code>:
+                                            the <a href="#dfn-CryptoKey-algorithm">algorithm</a>
+                                            attribute of <var>key</var> is <code>SHA-512</code>:
                                           </dt>
                                           <dd>
                                             <p>
@@ -7542,10 +7568,10 @@
                         <ol>
                           <li>
                             <p>
-                              If the <a href="#dfn-Key-type">type</a> attribute of <var>key</var> is
-                              not <code>"private"</code>,
-                              then <a href="#concept-return-an-error">return an error</a> named
-                              <a href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
+                              If the <a href="#dfn-CryptoKey-type">type</a> attribute of
+                              <var>key</var> is not <code>"private"</code>, then <a
+                              href="#concept-return-an-error">return an error</a> named <a
+                              href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
                             </p>
                           </li>
                           <li>
@@ -7592,8 +7618,8 @@
                                             If the <a href="#dfn-KeyAlgorithm-name">name</a>
                                             attribute of the <a
                                             href="#dfn-RsaHashedKeyAlgorithm">hash</a> attribute of
-                                            the <a href="#dfn-Key-algorithm">algorithm</a> attribute
-                                            of <var>key</var> is <code>SHA-1</code>:
+                                            the <a href="#dfn-CryptoKey-algorithm">algorithm</a>
+                                            attribute of <var>key</var> is <code>SHA-1</code>:
                                           </dt>
                                           <dd>
                                             <p>
@@ -7606,8 +7632,8 @@
                                             If the <a href="#dfn-KeyAlgorithm-name">name</a>
                                             attribute of the <a
                                             href="#dfn-RsaHashedKeyAlgorithm">hash</a> attribute of
-                                            the <a href="#dfn-Key-algorithm">algorithm</a> attribute
-                                            of <var>key</var> is <code>SHA-256</code>:
+                                            the <a href="#dfn-CryptoKey-algorithm">algorithm</a>
+                                            attribute of <var>key</var> is <code>SHA-256</code>:
                                           </dt>
                                           <dd>
                                             <p>
@@ -7620,8 +7646,8 @@
                                             If the <a href="#dfn-KeyAlgorithm-name">name</a>
                                             attribute of the <a
                                             href="#dfn-RsaHashedKeyAlgorithm">hash</a> attribute of
-                                            the <a href="#dfn-Key-algorithm">algorithm</a> attribute
-                                            of <var>key</var> is <code>SHA-384</code>:
+                                            the <a href="#dfn-CryptoKey-algorithm">algorithm</a>
+                                            attribute of <var>key</var> is <code>SHA-384</code>:
                                           </dt>
                                           <dd>
                                             <p>
@@ -7634,8 +7660,8 @@
                                             If the <a href="#dfn-KeyAlgorithm-name">name</a>
                                             attribute of the <a
                                             href="#dfn-RsaHashedKeyAlgorithm">hash</a> attribute of
-                                            the <a href="#dfn-Key-algorithm">algorithm</a> attribute
-                                            of <var>key</var> is <code>SHA-512</code>:
+                                            the <a href="#dfn-CryptoKey-algorithm">algorithm</a>
+                                            attribute of <var>key</var> is <code>SHA-512</code>:
                                           </dt>
                                           <dd>
                                             <p>
@@ -7710,7 +7736,7 @@
                                 If the <a href="#dfn-KeyAlgorithm-name">name</a>
                                 attribute of the <a
                                 href="#dfn-RsaHashedKeyAlgorithm">hash</a> attribute of
-                                the <a href="#dfn-Key-algorithm">algorithm</a> attribute
+                                the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute
                                 of <var>key</var> is <code>SHA-1</code>:
                               </dt>
                               <dd>
@@ -7723,7 +7749,7 @@
                                 If the <a href="#dfn-KeyAlgorithm-name">name</a>
                                 attribute of the <a
                                 href="#dfn-RsaHashedKeyAlgorithm">hash</a> attribute of
-                                the <a href="#dfn-Key-algorithm">algorithm</a> attribute
+                                the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute
                                 of <var>key</var> is <code>SHA-256</code>:
                               </dt>
                               <dd>
@@ -7736,7 +7762,7 @@
                                 If the <a href="#dfn-KeyAlgorithm-name">name</a>
                                 attribute of the <a
                                 href="#dfn-RsaHashedKeyAlgorithm">hash</a> attribute of
-                                the <a href="#dfn-Key-algorithm">algorithm</a> attribute
+                                the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute
                                 of <var>key</var> is <code>SHA-384</code>:
                               </dt>
                               <dd>
@@ -7749,7 +7775,7 @@
                                 If the <a href="#dfn-KeyAlgorithm-name">name</a>
                                 attribute of the <a
                                 href="#dfn-RsaHashedKeyAlgorithm">hash</a> attribute of
-                                the <a href="#dfn-Key-algorithm">algorithm</a> attribute
+                                the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute
                                 of <var>key</var> is <code>SHA-512</code>:
                               </dt>
                               <dd>
@@ -7770,8 +7796,8 @@
                           <li>
                             <dl class="switch">
                               <dt>
-                                If the <a href="#dfn-Key-type">type</a> attribute of <var>key</var>
-                                is <code>"private"</code>:
+                                If the <a href="#dfn-CryptoKey-type">type</a> attribute of
+                                <var>key</var> is <code>"private"</code>:
                               </dt>
                               <dd>
                                 <ol>
@@ -7800,13 +7826,13 @@
                           <li>
                             <p>
                               Set the <code>key_ops</code> field of <var>jwk</var> to the <a
-                              href="#dfn-Key-usages">usages</a> attribute of <var>key</var>.
+                              href="#dfn-CryptoKey-usages">usages</a> attribute of <var>key</var>.
                             </p>
                           </li>
                           <li>
                             <p>
                               Set the <code>ext</code> field of <var>jwk</var> to the <a
-                              href="#dfn-Key-extractable">extractable</a> attribute of
+                              href="#dfn-CryptoKey-extractable">extractable</a> attribute of
                               <var>key</var>.
                             </p>
                           </li>
@@ -7889,12 +7915,12 @@
                 <tr>
                   <td>generateKey</td>
                   <td><a href="#dfn-EcKeyGenParams">EcKeyGenParams</a></td>
-                  <td><a href="#dfn-KeyPair">KeyPair</a></td>
+                  <td><a href="#dfn-CryptoKeyPair">CryptoKeyPair</a></td>
                 </tr>
                 <tr>
                   <td>importKey</td>
                   <td>None</td>
-                  <td><a href="#dfn-Key">Key</a></td>
+                  <td><a href="#dfn-CryptoKey">CryptoKey</a></td>
                 </tr>
                 <tr>
                   <td>exportKey</td>
@@ -7967,10 +7993,10 @@
                 <ol>
                   <li>
                     <p>
-                      If the <a href="#dfn-Key-type">type</a> attribute of <var>key</var>
-                      is not <code>"private"</code>,
-                      then <a href="#concept-return-an-error">return an error</a> named
-                      <a href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
+                      If the <a href="#dfn-CryptoKey-type">type</a> attribute of <var>key</var> is
+                      not <code>"private"</code>, then <a href="#concept-return-an-error">return an
+                      error</a> named <a
+                      href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
                     </p>
                   </li>
                   <li>
@@ -8063,7 +8089,7 @@
                 <ol>
                   <li>
                     <p>
-                      If the <a href="#dfn-Key-type">type</a> attribute of <var>key</var>
+                      If the <a href="#dfn-CryptoKey-type">type</a> attribute of <var>key</var>
                       is not <code>"public"</code>,
                       then <a href="#concept-return-an-error">return an error</a> named
                       <a href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
@@ -8204,61 +8230,61 @@
                   </li>
                   <li>
                     <p>
-                      Let <var>publicKey</var> be a new <a href="#dfn-Key">Key</a> object
-                      representing the public key of the generated key pair.
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                      Set the <a href="#dfn-Key-type">type</a> attribute of <var>publicKey</var>
-                      to <code>"public"</code>
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                      Set the <a href="#dfn-Key-algorithm">algorithm</a> attribute of
+                      Let <var>publicKey</var> be a new <a href="#dfn-CryptoKey">CryptoKey</a>
+                      object representing the public key of the generated key pair.
+                    </p>
+                  </li>
+                  <li>
+                    <p>
+                      Set the <a href="#dfn-CryptoKey-type">type</a> attribute of
+                      <var>publicKey</var> to <code>"public"</code>
+                    </p>
+                  </li>
+                  <li>
+                    <p>
+                      Set the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
                       <var>publicKey</var> to be <var>algorithm</var>.
                     </p>
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-extractable">extractable</a> attribute of
+                      Set the <a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
                       <var>publicKey</var> to true.
                     </p>
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-usages">usages</a> attribute of
+                      Set the <a href="#dfn-CryptoKey-usages">usages</a> attribute of
                       <var>publicKey</var> to be the empty list.
                     </p>
                   </li>
                   <li>
                     <p>
-                      Let <var>privateKey</var> be a new <a href="#dfn-Key">Key</a> object
-                      representing the private key of the generated key pair.
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                      Set the <a href="#dfn-Key-type">type</a> attribute of <var>privateKey</var>
-                      to <code>"private"</code>
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                      Set the <a href="#dfn-Key-algorithm">algorithm</a> attribute of
+                      Let <var>privateKey</var> be a new <a href="#dfn-CryptoKey">CryptoKey</a>
+                      object representing the private key of the generated key pair.
+                    </p>
+                  </li>
+                  <li>
+                    <p>
+                      Set the <a href="#dfn-CryptoKey-type">type</a> attribute of
+                      <var>privateKey</var> to <code>"private"</code>
+                    </p>
+                  </li>
+                  <li>
+                    <p>
+                      Set the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
                       <var>privateKey</var> to be <var>algorithm</var>.
                     </p>
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-extractable">extractable</a> attribute of
+                      Set the <a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
                       <var>privateKey</var> to <var>extractable</var>.
                     </p>
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-usages">usages</a> attribute of
+                      Set the <a href="#dfn-CryptoKey-usages">usages</a> attribute of
                       <var>privateKey</var> to be the
                       <a href="#concept-usage-intersection">usage intersection</a> of
                       <var>usages</var> and <code>[ "sign", "verify" ]</code>.
@@ -8266,7 +8292,7 @@
                   </li>
                   <li>
                     <p>
-                      Let <var>result</var> be a new <a href="#dfn-KeyPair">KeyPair</a>
+                      Let <var>result</var> be a new <a href="#dfn-CryptoKeyPair">CryptoKeyPair</a>
                       object.
                     </p>
                   </li>
@@ -8350,16 +8376,16 @@
                           </li>
                           <li>
                             <p>
-                              Let <var>key</var> be a new <a href="#dfn-Key">Key</a> object that
-                              represents the Elliptic Curve public key identified by performing the
-                              conversion steps defined in Section 2.2 of <a href="#RFC5480">RFC
-                              5480</a>.
-                            </p>
-                          </li>
-                          <li>
-                            <p>
-                              Set the <a href="#dfn-Key-type">type</a> attribute of <var>key</var>
-                              to <code>"public"</code>
+                              Let <var>key</var> be a new <a href="#dfn-CryptoKey">CryptoKey</a>
+                              object that represents the Elliptic Curve public key identified by
+                              performing the conversion steps defined in Section 2.2 of <a
+                              href="#RFC5480">RFC 5480</a>.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Set the <a href="#dfn-CryptoKey-type">type</a> attribute of
+                              <var>key</var> to <code>"public"</code>
                             </p>
                           </li>
                           <li>
@@ -8417,7 +8443,7 @@
                           </li>
                           <li>
                             <p>
-                              Set the <a href="#dfn-Key-algorithm">algorithm</a> attribute of
+                              Set the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
                               <var>key</var> to <var>algorithm</var>.
                             </p>
                           </li>
@@ -8507,16 +8533,16 @@
                           </li>
                           <li>
                             <p>
-                              Let <var>key</var> be a new <a href="#dfn-Key">Key</a> object that
-                              represents the Elliptic Curve private key identified by performing the
-                              conversion steps defined in Section 3 of <a href="#RFC5915">RFC
-                              5915</a>.
-                            </p>
-                          </li>
-                          <li>
-                            <p>
-                              Set the <a href="#dfn-Key-type">type</a> attribute of <var>key</var>
-                              to <code>"private"</code>
+                              Let <var>key</var> be a new <a href="#dfn-CryptoKey">CryptoKey</a>
+                              object that represents the Elliptic Curve private key identified by
+                              performing the conversion steps defined in Section 3 of <a
+                              href="#RFC5915">RFC 5915</a>.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Set the <a href="#dfn-CryptoKey-type">type</a> attribute of
+                              <var>key</var> to <code>"private"</code>
                             </p>
                           </li>
                           <li>
@@ -8570,7 +8596,7 @@
                           </li>
                           <li>
                             <p>
-                              Set the <a href="#dfn-Key-algorithm">algorithm</a> attribute of
+                              Set the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
                               <var>key</var> to <var>algorithm</var>.
                             </p>
                           </li>
@@ -8635,22 +8661,23 @@
                                   <li>
                                     <p>
                                       If <var>jwk</var> does not meet the requirements of Section
-                                      6.2.2 of <a href="#jwa">JSON Web Algorithms</a>,
-                                      then <a href="#concept-return-an-error">return an error</a> named
-                                      <a href="#dfn-DataError"><code>DataError</code></a>.
-                                    </p>
-                                  </li>
-                                  <li>
-                                    <p>
-                                      Let <var>key</var> be a new <a href="#dfn-Key">Key</a> object
-                                      that represents the Elliptic Curve private key identified by
-                                      interpreting <var>jwk</var> according to Section 6.2.2 of <a
+                                      6.2.2 of <a href="#jwa">JSON Web Algorithms</a>, then <a
+                                      href="#concept-return-an-error">return an error</a> named <a
+                                      href="#dfn-DataError"><code>DataError</code></a>.
+                                    </p>
+                                  </li>
+                                  <li>
+                                    <p>
+                                      Let <var>key</var> be a new <a
+                                      href="#dfn-CryptoKey">CryptoKey</a> object that represents the
+                                      Elliptic Curve private key identified by interpreting
+                                      <var>jwk</var> according to Section 6.2.2 of <a
                                       href="#jwa">JSON Web Algorithms</a>.
                                     </p>
                                   </li>
                                   <li>
                                     <p>
-                                      Set the <a href="#dfn-Key-type">type</a> attribute of
+                                      Set the <a href="#dfn-CryptoKey-type">type</a> attribute of
                                       <var>Key</var> to <code>"private"</code>.
                                     </p>
                                   </li>
@@ -8662,22 +8689,23 @@
                                   <li>
                                     <p>
                                       If <var>jwk</var> does not meet the requirements of Section
-                                      6.2.1 of <a href="#jwa">JSON Web Algorithms</a>,
-                                      then <a href="#concept-return-an-error">return an error</a> named
-                                      <a href="#dfn-DataError"><code>DataError</code></a>.
-                                    </p>
-                                  </li>
-                                  <li>
-                                    <p>
-                                      Let <var>key</var> be a new <a href="#dfn-Key">Key</a> object
-                                      that represents the Elliptic Curve public key identified by
-                                      interpreting <var>jwk</var> according to Section 6.2.1 of <a
+                                      6.2.1 of <a href="#jwa">JSON Web Algorithms</a>, then <a
+                                      href="#concept-return-an-error">return an error</a> named <a
+                                      href="#dfn-DataError"><code>DataError</code></a>.
+                                    </p>
+                                  </li>
+                                  <li>
+                                    <p>
+                                      Let <var>key</var> be a new <a
+                                      href="#dfn-CryptoKey">CryptoKey</a> object that represents the
+                                      Elliptic Curve public key identified by interpreting
+                                      <var>jwk</var> according to Section 6.2.1 of <a
                                       href="#jwa">JSON Web Algorithms</a>.
                                     </p>
                                   </li>
                                   <li>
                                     <p>
-                                      Set the <a href="#dfn-Key-type">type</a> attribute of
+                                      Set the <a href="#dfn-CryptoKey-type">type</a> attribute of
                                       <var>Key</var> to <code>"public"</code>.
                                     </p>
                                   </li>
@@ -8740,7 +8768,7 @@
                           </li>
                           <li>
                             <p>
-                              Set the <a href="#dfn-Key-algorithm">algorithm</a> attribute of
+                              Set the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
                               <var>key</var> to <var>algorithm</var>.
                             </p>
                           </li>
@@ -8768,7 +8796,7 @@
                 <ol>
                   <li>
                     <p>
-                      Let <var>key</var> be the <a href="#dfn-Key">Key</a> to be exported.
+                      Let <var>key</var> be the <a href="#dfn-CryptoKey">CryptoKey</a> to be exported.
                     </p>
                   </li>
                   <li>
@@ -8778,10 +8806,10 @@
                         <ol>
                           <li>
                             <p>
-                              If the <a href="#dfn-Key-type">type</a> attribute of <var>key</var> is
-                              not <code>"public"</code>,
-                              then <a href="#concept-return-an-error">return an error</a> named
-                              <a href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
+                              If the <a href="#dfn-CryptoKey-type">type</a> attribute of
+                              <var>key</var> is not <code>"public"</code>, then <a
+                              href="#concept-return-an-error">return an error</a> named <a
+                              href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
                             </p>
                           </li>
                           <li>
@@ -8813,8 +8841,9 @@
                                       <dt>
                                         If the <a
                                         href="#dfn-EcKeyAlgorithm-namedCurve">namedCurve</a>
-                                        attribute of the <a href="#dfn-Key-algorithm">algorithm</a>
-                                        attribute of <var>key</var> is <code>"P-256"</code>:
+                                        attribute of the <a
+                                        href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
+                                        <var>key</var> is <code>"P-256"</code>:
                                       </dt>
                                       <dd>
                                         <p>
@@ -8826,8 +8855,9 @@
                                       <dt>
                                         If the <a
                                         href="#dfn-EcKeyAlgorithm-namedCurve">namedCurve</a>
-                                        attribute of the <a href="#dfn-Key-algorithm">algorithm</a>
-                                        attribute of <var>key</var> is <code>"P-384"</code>:
+                                        attribute of the <a
+                                        href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
+                                        <var>key</var> is <code>"P-384"</code>:
                                       </dt>
                                       <dd>
                                         <p>
@@ -8839,8 +8869,9 @@
                                       <dt>
                                         If the <a
                                         href="#dfn-EcKeyAlgorithm-namedCurve">namedCurve</a>
-                                        attribute of the <a href="#dfn-Key-algorithm">algorithm</a>
-                                        attribute of <var>key</var> is <code>"P-521"</code>:
+                                        attribute of the <a
+                                        href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
+                                        <var>key</var> is <code>"P-521"</code>:
                                       </dt>
                                       <dd>
                                         <p>
@@ -8871,10 +8902,10 @@
                         <ol>
                           <li>
                             <p>
-                              If the <a href="#dfn-Key-type">type</a> attribute of <var>key</var>
-                              is not <code>"private"</code>,
-                              then <a href="#concept-return-an-error">return an error</a> named
-                              <a href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
+                              If the <a href="#dfn-CryptoKey-type">type</a> attribute of
+                              <var>key</var> is not <code>"private"</code>, then <a
+                              href="#concept-return-an-error">return an error</a> named <a
+                              href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
                             </p>
                           </li>
                           <li>
@@ -8911,8 +8942,9 @@
                                       <dt>
                                         If the <a
                                         href="#dfn-EcKeyAlgorithm-namedCurve">namedCurve</a>
-                                        attribute of the <a href="#dfn-Key-algorithm">algorithm</a>
-                                        attribute of <var>key</var> is <code>"P-256"</code>:
+                                        attribute of the <a
+                                        href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
+                                        <var>key</var> is <code>"P-256"</code>:
                                       </dt>
                                       <dd>
                                         <p>
@@ -8924,8 +8956,9 @@
                                       <dt>
                                         If the <a
                                         href="#dfn-EcKeyAlgorithm-namedCurve">namedCurve</a>
-                                        attribute of the <a href="#dfn-Key-algorithm">algorithm</a>
-                                        attribute of <var>key</var> is <code>"P-384"</code>:
+                                        attribute of the <a
+                                        href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
+                                        <var>key</var> is <code>"P-384"</code>:
                                       </dt>
                                       <dd>
                                         <p>
@@ -8937,8 +8970,9 @@
                                       <dt>
                                         If the <a
                                         href="#dfn-EcKeyAlgorithm-namedCurve">namedCurve</a>
-                                        attribute of the <a href="#dfn-Key-algorithm">algorithm</a>
-                                        attribute of <var>key</var> is <code>"P-521"</code>:
+                                        attribute of the <a
+                                        href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
+                                        <var>key</var> is <code>"P-521"</code>:
                                       </dt>
                                       <dd>
                                         <p>
@@ -8999,7 +9033,7 @@
                             <dl class="switch">
                               <dt>
                                 If the <a href="#dfn-EcKeyAlgorithm-namedCurve">namedCurve</a>
-                                attribute of the <a href="#dfn-Key-algorithm">algorithm</a>
+                                attribute of the <a href="#dfn-CryptoKey-algorithm">algorithm</a>
                                 attribute of <var>key</var> is <code>P-256</code>:
                               </dt>
                               <dd>
@@ -9008,7 +9042,7 @@
                               </dd>
                               <dt>
                                 If the <a href="#dfn-EcKeyAlgorithm-namedCurve">namedCurve</a>
-                                attribute of the <a href="#dfn-Key-algorithm">algorithm</a>
+                                attribute of the <a href="#dfn-CryptoKey-algorithm">algorithm</a>
                                 attribute of <var>key</var> is <code>P-384</code>:
                               </dt>
                               <dd>
@@ -9017,7 +9051,7 @@
                               </dd>
                               <dt>
                                 If the <a href="#dfn-EcKeyAlgorithm-namedCurve">namedCurve</a>
-                                attribute of the <a href="#dfn-Key-algorithm">algorithm</a>
+                                attribute of the <a href="#dfn-CryptoKey-algorithm">algorithm</a>
                                 attribute of <var>key</var> is <code>P-521</code>:
                               </dt>
                               <dd>
@@ -9043,8 +9077,8 @@
                           <li>
                             <dl class="switch">
                               <dt>
-                                If the <a href="#dfn-Key-type">type</a> attribute of <var>key</var>
-                                is <code>private</code>
+                                If the <a href="#dfn-CryptoKey-type">type</a> attribute of
+                                <var>key</var> is <code>private</code>
                               </dt>
                               <dd>
                                 <p>
@@ -9058,13 +9092,13 @@
                           <li>
                             <p>
                               Set the <code>key_ops</code> property of <var>jwk</var> to the
-                              <a href="#dfn-Key-usages">usages</a> attribute of <var>key</var>.
+                              <a href="#dfn-CryptoKey-usages">usages</a> attribute of <var>key</var>.
                             </p>
                           </li>
                           <li>
                             <p>
                               Set the <code>ext</code> property of <var>jwk</var> to the <a
-                              href="#dfn-Key-extractable">extractable</a> attribute of
+                              href="#dfn-CryptoKey-extractable">extractable</a> attribute of
                               <var>key</var>.
                             </p>
                           </li>
@@ -9143,7 +9177,7 @@
                 <tr>
                   <td>generateKey</td>
                   <td><a href="#dfn-EcKeyGenParams">EcKeyGenParams</a></td>
-                  <td><a href="#dfn-KeyPair">KeyPair</a></td>
+                  <td><a href="#dfn-CryptoKeyPair">CryptoKeyPair</a></td>
                 </tr>
                 <tr>
                   <td>deriveBits</td>
@@ -9153,7 +9187,7 @@
                 <tr>
                   <td>importKey</td>
                   <td><a href="#dfn-EcKeyImportParams">EcKeyImportParams</a></td>
-                  <td><a href="#dfn-Key">Key</a></td>
+                  <td><a href="#dfn-CryptoKey">CryptoKey</a></td>
                 </tr>
                 <tr>
                   <td>exportKey</td>
@@ -9170,7 +9204,7 @@
 
 dictionary <dfn id="dfn-EcdhKeyDeriveParams">EcdhKeyDeriveParams</dfn> : <a href="#dfn-Algorithm">Algorithm</a> {
   <span class="comment">// The peer's EC public key.</span>
-  <a href="#dfn-Key">Key</a> <dfn id="dfn-EcdhKeyDeriveParams-public">public</dfn>;
+  <a href="#dfn-CryptoKey">CryptoKey</a> <dfn id="dfn-EcdhKeyDeriveParams-public">public</dfn>;
 };
             </x:codeblock>
           </div>
@@ -9241,61 +9275,61 @@
                   </li>
                   <li>
                     <p>
-                      Let <var>publicKey</var> be a new <a href="#dfn-Key">Key</a> object
+                      Let <var>publicKey</var> be a new <a href="#dfn-CryptoKey">CryptoKey</a> object
                       representing the public key of the generated key pair.
                     </p>
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-type">type</a> attribute of <var>publicKey</var>
+                      Set the <a href="#dfn-CryptoKey-type">type</a> attribute of <var>publicKey</var>
                       to <code>"public"</code>
                     </p>
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-algorithm">algorithm</a> attribute of
+                      Set the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
                       <var>publicKey</var> to be <var>algorithm</var>.
                     </p>
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-extractable">extractable</a> attribute of
+                      Set the <a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
                       <var>publicKey</var> to true.
                     </p>
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-usages">usages</a> attribute of
+                      Set the <a href="#dfn-CryptoKey-usages">usages</a> attribute of
                       <var>publicKey</var> to be the empty list.
                     </p>
                   </li>
                   <li>
                     <p>
-                      Let <var>privateKey</var> be a new <a href="#dfn-Key">Key</a> object
-                      representing the private key of the generated key pair.
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                      Set the <a href="#dfn-Key-type">type</a> attribute of <var>privateKey</var>
-                      to <code>"private"</code>
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                      Set the <a href="#dfn-Key-algorithm">algorithm</a> attribute of
+                      Let <var>privateKey</var> be a new <a href="#dfn-CryptoKey">CryptoKey</a>
+                      object representing the private key of the generated key pair.
+                    </p>
+                  </li>
+                  <li>
+                    <p>
+                      Set the <a href="#dfn-CryptoKey-type">type</a> attribute of
+                      <var>privateKey</var> to <code>"private"</code>
+                    </p>
+                  </li>
+                  <li>
+                    <p>
+                      Set the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
                       <var>privateKey</var> to be <var>algorithm</var>.
                     </p>
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-extractable">extractable</a> attribute of
+                      Set the <a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
                       <var>privateKey</var> to <var>extractable</var>.
                     </p>
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-usages">usages</a> attribute of
+                      Set the <a href="#dfn-CryptoKey-usages">usages</a> attribute of
                       <var>privateKey</var> to be the
                       <a href="#concept-usage-intersection">usage intersection</a> of
                       <var>usages</var> and <code>[ "deriveKey", "deriveBits" ]</code>.
@@ -9303,7 +9337,7 @@
                   </li>
                   <li>
                     <p>
-                      Let <var>result</var> be a new <a href="#dfn-KeyPair">KeyPair</a>
+                      Let <var>result</var> be a new <a href="#dfn-CryptoKeyPair">CryptoKeyPair</a>
                       object.
                     </p>
                   </li>
@@ -9331,7 +9365,7 @@
                 <ol>
                   <li>
                     <p>
-                      If the <a href="#dfn-Key-type">type</a> attribute of <var>key</var>
+                      If the <a href="#dfn-CryptoKey-type">type</a> attribute of <var>key</var>
                       is not <code>"private"</code>,
                       then <a href="#concept-return-an-error">return an error</a> named
                       <a href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
@@ -9362,31 +9396,30 @@
                   </li>
                   <li>
                     <p>
-                      If the <a href="#dfn-KeyAlgorithm-name">name</a> attribute of the
-                      <a href="#dfn-Key-algorithm">algorithm</a> attribute of <var>publicKey</var> is
-                      not <code>"ECDH"</code>,
-                      then <a href="#concept-return-an-error">return an error</a> named
-                      <a href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                      If the <a href="#dfn-Key-type">type</a> attribute of <var>publicKey</var>
-                      is not
-                      <code>"public"</code>,
-                      then <a href="#concept-return-an-error">return an error</a> named
-                      <a href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
+                      If the <a href="#dfn-KeyAlgorithm-name">name</a> attribute of the <a
+                      href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
+                      <var>publicKey</var> is not <code>"ECDH"</code>, then <a
+                      href="#concept-return-an-error">return an error</a> named <a
+                      href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
+                    </p>
+                  </li>
+                  <li>
+                    <p>
+                      If the <a href="#dfn-CryptoKey-type">type</a> attribute of
+                      <var>publicKey</var> is not <code>"public"</code>, then <a
+                      href="#concept-return-an-error">return an error</a> named <a
+                      href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
                     </p>
                   </li>
                   <li>
                     <p>
                       If the <a href="#dfn-EcKeyAlgorithm-namedCurve">namedCurve</a> attribute of
-                      the <a href="#dfn-Key-algorithm">algorithm</a> attribute of <var>publicKey</var>
-                      is not equal to the <a href="#dfn-EcKeyAlgorithm-namedCurve">namedCurve</a>
-                      property of
-                      the <a href="#dfn-Key-algorithm">algorithm</a> attribute of <var>key</var>,
-                      then <a href="#concept-return-an-error">return an error</a> named
-                      <a href="#dfn-DataError"><code>DataError</code></a>.
+                      the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
+                      <var>publicKey</var> is not equal to the <a
+                      href="#dfn-EcKeyAlgorithm-namedCurve">namedCurve</a> property of the <a
+                      href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of <var>key</var>,
+                      then <a href="#concept-return-an-error">return an error</a> named <a
+                      href="#dfn-DataError"><code>DataError</code></a>.
                     </p>
                   </li>
                   <li>
@@ -9494,16 +9527,16 @@
                           </li>
                           <li>
                             <p>
-                              Let <var>key</var> be a new <a href="#dfn-Key">Key</a> object that
-                              represents the Elliptic Curve public key identified by performing the
-                              conversion steps defined in Section 2.2 of <a href="#RFC5480">RFC
-                              5480</a>.
-                            </p>
-                          </li>
-                          <li>
-                            <p>
-                              Set the <a href="#dfn-Key-type">type</a> attribute of <var>key</var>
-                              to <code>"public"</code>
+                              Let <var>key</var> be a new <a href="#dfn-CryptoKey">CryptoKey</a>
+                              object that represents the Elliptic Curve public key identified by
+                              performing the conversion steps defined in Section 2.2 of <a
+                              href="#RFC5480">RFC 5480</a>.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Set the <a href="#dfn-CryptoKey-type">type</a> attribute of
+                              <var>key</var> to <code>"public"</code>
                             </p>
                           </li>
                           <li>
@@ -9561,7 +9594,7 @@
                           </li>
                           <li>
                             <p>
-                              Set the <a href="#dfn-Key-algorithm">algorithm</a> attribute of
+                              Set the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
                               <var>key</var> to <var>algorithm</var>.
                             </p>
                           </li>
@@ -9651,16 +9684,16 @@
                           </li>
                           <li>
                             <p>
-                              Let <var>key</var> be a new <a href="#dfn-Key">Key</a> object that
-                              represents the Elliptic Curve private key identified by performing the
-                              conversion steps defined in Section 3 of <a href="#RFC5915">RFC
-                              5915</a>.
-                            </p>
-                          </li>
-                          <li>
-                            <p>
-                              Set the <a href="#dfn-Key-type">type</a> attribute of <var>key</var>
-                              to <code>"private"</code>.
+                              Let <var>key</var> be a new <a href="#dfn-CryptoKey">CryptoKey</a>
+                              object that represents the Elliptic Curve private key identified by
+                              performing the conversion steps defined in Section 3 of <a
+                              href="#RFC5915">RFC 5915</a>.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Set the <a href="#dfn-CryptoKey-type">type</a> attribute of
+                              <var>key</var> to <code>"private"</code>.
                             </p>
                           </li>
                           <li>
@@ -9718,7 +9751,7 @@
                           </li>
                           <li>
                             <p>
-                              Set the <a href="#dfn-Key-algorithm">algorithm</a> attribute of
+                              Set the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
                               <var>key</var> to <var>algorithm</var>.
                             </p>
                           </li>
@@ -9781,22 +9814,23 @@
                                   <li>
                                     <p>
                                       If <var>jwk</var> does not meet the requirements of Section
-                                      6.2.2 of <a href="#jwa">JSON Web Algorithms</a>,
-                                      then <a href="#concept-return-an-error">return an error</a> named
-                                      <a href="#dfn-DataError"><code>DataError</code></a>.
-                                    </p>
-                                  </li>
-                                  <li>
-                                    <p>
-                                      Let <var>key</var> be a new <a href="#dfn-Key">Key</a> object
-                                      that represents the Elliptic Curve private key identified by
-                                      interpreting <var>jwk</var> according to Section 6.2.2 of <a
+                                      6.2.2 of <a href="#jwa">JSON Web Algorithms</a>, then <a
+                                      href="#concept-return-an-error">return an error</a> named <a
+                                      href="#dfn-DataError"><code>DataError</code></a>.
+                                    </p>
+                                  </li>
+                                  <li>
+                                    <p>
+                                      Let <var>key</var> be a new <a
+                                      href="#dfn-CryptoKey">CryptoKey</a> object that represents the
+                                      Elliptic Curve private key identified by interpreting
+                                      <var>jwk</var> according to Section 6.2.2 of <a
                                       href="#jwa">JSON Web Algorithms</a>.
                                     </p>
                                   </li>
                                   <li>
                                     <p>
-                                      Set the <a href="#dfn-Key-type">type</a> attribute of
+                                      Set the <a href="#dfn-CryptoKey-type">type</a> attribute of
                                       <var>Key</var> to <code>"private"</code>.
                                     </p>
                                   </li>
@@ -9808,22 +9842,23 @@
                                   <li>
                                     <p>
                                       If <var>jwk</var> does not meet the requirements of Section
-                                      6.2.1 of <a href="#jwa">JSON Web Algorithms</a>,
-                                      then <a href="#concept-return-an-error">return an error</a> named
-                                      <a href="#dfn-DataError"><code>DataError</code></a>.
-                                    </p>
-                                  </li>
-                                  <li>
-                                    <p>
-                                      Let <var>key</var> be a new <a href="#dfn-Key">Key</a> object
-                                      that represents the Elliptic Curve public key identified by
-                                      interpreting <var>jwk</var> according to Section 6.2.1 of <a
+                                      6.2.1 of <a href="#jwa">JSON Web Algorithms</a>, then <a
+                                      href="#concept-return-an-error">return an error</a> named <a
+                                      href="#dfn-DataError"><code>DataError</code></a>.
+                                    </p>
+                                  </li>
+                                  <li>
+                                    <p>
+                                      Let <var>key</var> be a new <a
+                                      href="#dfn-CryptoKey">CryptoKey</a> object that represents the
+                                      Elliptic Curve public key identified by interpreting
+                                      <var>jwk</var> according to Section 6.2.1 of <a
                                       href="#jwa">JSON Web Algorithms</a>.
                                     </p>
                                   </li>
                                   <li>
                                     <p>
-                                      Set the <a href="#dfn-Key-type">type</a> attribute of
+                                      Set the <a href="#dfn-CryptoKey-type">type</a> attribute of
                                       <var>Key</var> to <code>"public"</code>.
                                     </p>
                                   </li>
@@ -9886,7 +9921,7 @@
                           </li>
                           <li>
                             <p>
-                              Set the <a href="#dfn-Key-algorithm">algorithm</a> attribute of
+                              Set the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
                               <var>key</var> to <var>algorithm</var>.
                             </p>
                           </li>
@@ -9949,39 +9984,40 @@
                           </li>
                           <li>
                             <p>
-                              Set the <a href="#dfn-KeyAlgorithm-namedCurve">namedCurve</a> attribute
-                              of <var>algorithm</var> to equal the <a
+                              Set the <a href="#dfn-KeyAlgorithm-namedCurve">namedCurve</a>
+                              attribute of <var>algorithm</var> to equal the <a
                               href="#dfn-EcKeyImportParams-namedCurve">namedCurve</a> member of
                               <var>normalizedAlgorithm</var>.
                             </p>
                           </li>
                           <li>
                             <p>
-                              Let <var>key</var> be a new <a href="#dfn-Key">Key</a> object.
-                            </p>
-                          </li>
-                          <li>
-                            <p>
-                              Set the <a href="#dfn-Key-type">type</a> attribute of <var>key</var> to
-                              <code>"public"</code>
-                            </p>
-                          </li>
-                          <li>
-                            <p>
-                              Set the <a href="#dfn-Key-algorithm">algorithm</a> attribute of
+                              Let <var>key</var> be a new <a href="#dfn-CryptoKey">CryptoKey</a>
+                              object.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Set the <a href="#dfn-CryptoKey-type">type</a> attribute of
+                              <var>key</var> to <code>"public"</code>
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Set the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
                               <var>key</var> to <var>algorithm</var>.
                             </p>
                           </li>
                           <li>
                             <p>
-                              Set the <a href="#dfn-Key-usages">usages</a> attribute of
+                              Set the <a href="#dfn-CryptoKey-usages">usages</a> attribute of
                               <var>key</var> to <var>usages</var>.
                             </p>
                           </li>
                           <li>
                             <p>
-                              Set the <a href="#dfn-Key-extractable">extractable</a> attribute of
-                              <var>key</var> to <var>extractable</var>.
+                              Set the <a href="#dfn-CryptoKey-extractable">extractable</a> attribute
+                              of <var>key</var> to <var>extractable</var>.
                             </p>
                           </li>
                         </ol>
@@ -10008,7 +10044,8 @@
                 <ol>
                   <li>
                     <p>
-                      Let <var>key</var> be the <a href="#dfn-Key">Key</a> to be exported.
+                      Let <var>key</var> be the <a href="#dfn-CryptoKey">CryptoKey</a> to be
+                      exported.
                     </p>
                   </li>
                   <li>
@@ -10018,10 +10055,10 @@
                         <ol>
                           <li>
                             <p>
-                              If the <a href="#dfn-Key-type">type</a> attribute of <var>key</var> is
-                              not <code>"public"</code>,
-                              then <a href="#concept-return-an-error">return an error</a> named
-                              <a href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
+                              If the <a href="#dfn-CryptoKey-type">type</a> attribute of
+                              <var>key</var> is not <code>"public"</code>, then <a
+                              href="#concept-return-an-error">return an error</a> named <a
+                              href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
                             </p>
                           </li>
                           <li>
@@ -10053,8 +10090,9 @@
                                       <dt>
                                         If the <a
                                         href="#dfn-EcKeyAlgorithm-namedCurve">namedCurve</a>
-                                        attribute of the <a href="#dfn-Key-algorithm">algorithm</a>
-                                        attribute of <var>key</var> is <code>"P-256"</code>:
+                                        attribute of the <a
+                                        href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
+                                        <var>key</var> is <code>"P-256"</code>:
                                       </dt>
                                       <dd>
                                         <p>
@@ -10066,8 +10104,9 @@
                                       <dt>
                                         If the <a
                                         href="#dfn-EcKeyAlgorithm-namedCurve">namedCurve</a>
-                                        attribute of the <a href="#dfn-Key-algorithm">algorithm</a>
-                                        attribute of <var>key</var> is <code>"P-384"</code>:
+                                        attribute of the <a
+                                        href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
+                                        <var>key</var> is <code>"P-384"</code>:
                                       </dt>
                                       <dd>
                                         <p>
@@ -10079,8 +10118,9 @@
                                       <dt>
                                         If the <a
                                         href="#dfn-EcKeyAlgorithm-namedCurve">namedCurve</a>
-                                        attribute of the <a href="#dfn-Key-algorithm">algorithm</a>
-                                        attribute of <var>key</var> is <code>"P-521"</code>:
+                                        attribute of the <a
+                                        href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
+                                        <var>key</var> is <code>"P-521"</code>:
                                       </dt>
                                       <dd>
                                         <p>
@@ -10111,10 +10151,10 @@
                         <ol>
                           <li>
                             <p>
-                              If the <a href="#dfn-Key-type">type</a> attribute of <var>key</var>
-                              is not <code>"private"</code>,
-                              then <a href="#concept-return-an-error">return an error</a> named
-                              <a href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
+                              If the <a href="#dfn-CryptoKey-type">type</a> attribute of
+                              <var>key</var> is not <code>"private"</code>, then <a
+                              href="#concept-return-an-error">return an error</a> named <a
+                              href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
                             </p>
                           </li>
                           <li>
@@ -10151,8 +10191,9 @@
                                       <dt>
                                         If the <a
                                         href="#dfn-EcKeyAlgorithm-namedCurve">namedCurve</a>
-                                        attribute of the <a href="#dfn-Key-algorithm">algorithm</a>
-                                        attribute of <var>key</var> is <code>"P-256"</code>:
+                                        attribute of the <a
+                                        href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
+                                        <var>key</var> is <code>"P-256"</code>:
                                       </dt>
                                       <dd>
                                         <p>
@@ -10164,8 +10205,9 @@
                                       <dt>
                                         If the <a
                                         href="#dfn-EcKeyAlgorithm-namedCurve">namedCurve</a>
-                                        attribute of the <a href="#dfn-Key-algorithm">algorithm</a>
-                                        attribute of <var>key</var> is <code>"P-384"</code>:
+                                        attribute of the <a
+                                        href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
+                                        <var>key</var> is <code>"P-384"</code>:
                                       </dt>
                                       <dd>
                                         <p>
@@ -10177,8 +10219,9 @@
                                       <dt>
                                         If the <a
                                         href="#dfn-EcKeyAlgorithm-namedCurve">namedCurve</a>
-                                        attribute of the <a href="#dfn-Key-algorithm">algorithm</a>
-                                        attribute of <var>key</var> is <code>"P-521"</code>:
+                                        attribute of the <a
+                                        href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
+                                        <var>key</var> is <code>"P-521"</code>:
                                       </dt>
                                       <dd>
                                         <p>
@@ -10239,7 +10282,7 @@
                             <dl class="switch">
                               <dt>
                                 If the <a href="#dfn-EcKeyAlgorithm-namedCurve">namedCurve</a>
-                                attribute of the <a href="#dfn-Key-algorithm">algorithm</a>
+                                attribute of the <a href="#dfn-CryptoKey-algorithm">algorithm</a>
                                 attribute of <var>key</var> is <code>P-256</code>:
                               </dt>
                               <dd>
@@ -10248,7 +10291,7 @@
                               </dd>
                               <dt>
                                 If the <a href="#dfn-EcKeyAlgorithm-namedCurve">namedCurve</a>
-                                attribute of the <a href="#dfn-Key-algorithm">algorithm</a>
+                                attribute of the <a href="#dfn-CryptoKey-algorithm">algorithm</a>
                                 attribute of <var>key</var> is <code>P-384</code>:
                               </dt>
                               <dd>
@@ -10257,7 +10300,7 @@
                               </dd>
                               <dt>
                                 If the <a href="#dfn-EcKeyAlgorithm-namedCurve">namedCurve</a>
-                                attribute of the <a href="#dfn-Key-algorithm">algorithm</a>
+                                attribute of the <a href="#dfn-CryptoKey-algorithm">algorithm</a>
                                 attribute of <var>key</var> is <code>P-521</code>:
                               </dt>
                               <dd>
@@ -10283,8 +10326,8 @@
                           <li>
                             <dl class="switch">
                               <dt>
-                                If the <a href="#dfn-Key-type">type</a> attribute of <var>key</var>
-                                is <code>private</code>
+                                If the <a href="#dfn-CryptoKey-type">type</a> attribute of
+                                <var>key</var> is <code>private</code>
                               </dt>
                               <dd>
                                 <p>
@@ -10298,13 +10341,13 @@
                           <li>
                             <p>
                               Set the <code>key_ops</code> property of <var>jwk</var> to the
-                              <a href="#dfn-Key-usages">usages</a> attribute of <var>key</var>.
+                              <a href="#dfn-CryptoKey-usages">usages</a> attribute of <var>key</var>.
                             </p>
                           </li>
                           <li>
                             <p>
                               Set the <code>ext</code> property of <var>jwk</var> to the <a
-                              href="#dfn-Key-extractable">extractable</a> attribute of
+                              href="#dfn-CryptoKey-extractable">extractable</a> attribute of
                               <var>key</var>.
                             </p>
                           </li>
@@ -10330,10 +10373,10 @@
                         <ol>
                           <li>
                             <p>
-                              If the <a href="#dfn-Key-type">type</a> attribute of <var>key</var> is
-                              not <code>"public"</code>,
-                              then <a href="#concept-return-an-error">return an error</a> named
-                              <a href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
+                              If the <a href="#dfn-CryptoKey-type">type</a> attribute of
+                              <var>key</var> is not <code>"public"</code>, then <a
+                              href="#concept-return-an-error">return an error</a> named <a
+                              href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
                             </p>
                           </li>
                           <li>
@@ -10410,12 +10453,12 @@
                 <tr>
                   <td>generateKey</td>
                   <td><a href="#dfn-AesKeyGenParams">AesKeyGenParams</a></td>
-                  <td><a href="#dfn-Key">Key</a></td>
+                  <td><a href="#dfn-CryptoKey">CryptoKey</a></td>
                 </tr>
                 <tr>
                   <td>importKey</td>
                   <td>None</td>
-                  <td><a href="#dfn-Key">Key</a></td>
+                  <td><a href="#dfn-CryptoKey">CryptoKey</a></td>
                 </tr>
                 <tr>
                   <td>exportKey</td>
@@ -10651,7 +10694,7 @@
                   <li>
                     <p>
                       Let <var>key</var> be a new
-                      <a href="#dfn-Key">Key</a> object representing the
+                      <a href="#dfn-CryptoKey">CryptoKey</a> object representing the
                       generated AES key.
                     </p>
                   </li>
@@ -10677,19 +10720,19 @@
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-algorithm">algorithm</a> attribute of
+                      Set the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
                       <var>key</var> to <var>algorithm</var>.
                     </p>
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-extractable">extractable</a> attribute
+                      Set the <a href="#dfn-CryptoKey-extractable">extractable</a> attribute
                       of <var>key</var> to be <var>extractable</var>.
                     </p>
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-usages">usages</a> attribute of
+                      Set the <a href="#dfn-CryptoKey-usages">usages</a> attribute of
                       <var>key</var> to be <var>usages</var>.
                     </p>
                   </li>
@@ -10766,20 +10809,26 @@
                           <li>
                             <dl class="switch">
                               <dt>If <var>data</var> has length 128 bits:</dt>
-                              <dd>If the <code>"alg"</code> field of <var>jwk</var> is present, and is
-                              not  <code>"A128CTR"</code>,
-                                then <a href="#concept-return-an-error">return an error</a> named
-                                <a href="#dfn-DataError"><code>DataError</code></a>.</dd>
+                              <dd>
+                                If the <code>"alg"</code> field of <var>jwk</var> is present, and is
+                                not <code>"A128CTR"</code>, then <a
+                                href="#concept-return-an-error">return an error</a> named <a
+                                href="#dfn-DataError"><code>DataError</code></a>.
+                              </dd>
                               <dt>If <var>data</var> has length 192 bits:</dt>
-                              <dd>If the <code>"alg"</code> field of <var>jwk</var> is present, and is
-                              not  <code>"A192CTR"</code>,
-                                then <a href="#concept-return-an-error">return an error</a> named
-                                <a href="#dfn-DataError"><code>DataError</code></a>.</dd>
+                              <dd>
+                                If the <code>"alg"</code> field of <var>jwk</var> is present, and is
+                                not <code>"A192CTR"</code>, then <a
+                                href="#concept-return-an-error">return an error</a> named <a
+                                href="#dfn-DataError"><code>DataError</code></a>.
+                              </dd>
                               <dt>If <var>data</var> has length 256 bits:</dt>
-                              <dd>If the <code>"alg"</code> field of <var>jwk</var> is present, and is
-                              not  <code>"A256CTR"</code>,
-                                then <a href="#concept-return-an-error">return an error</a> named
-                                <a href="#dfn-DataError"><code>DataError</code></a>.</dd>
+                              <dd>
+                                If the <code>"alg"</code> field of <var>jwk</var> is present, and is
+                                not <code>"A256CTR"</code>, then <a
+                                href="#concept-return-an-error">return an error</a> named <a
+                                href="#dfn-DataError"><code>DataError</code></a>.
+                              </dd>
                               <dt>Otherwise:</dt>
                               <dd>
                                 <a href="#concept-return-an-error">Return an error</a> named
@@ -10789,7 +10838,7 @@
                           <li>
                             <p>
                               If the <code>"use"</code> field of <var>jwk</var> is present, and is
-                              not  <code>"enc"</code>,
+                              not <code>"enc"</code>,
                               then <a href="#concept-return-an-error">return an error</a> named
                               <a href="#dfn-DataError"><code>DataError</code></a>.
                             </p>
@@ -10823,8 +10872,9 @@
                   </li>
                   <li>
                     <p>
-                      Let <var>key</var> be a new <code><a href="#dfn-Key">Key</a></code>
-                      object representing an AES key with value <var>data</var>.
+                      Let <var>key</var> be a new <code><a
+                      href="#dfn-CryptoKey">CryptoKey</a></code> object representing an AES key with
+                      value <var>data</var>.
                     </p>
                   </li>
                   <li>
@@ -10847,19 +10897,19 @@
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-algorithm">algorithm</a> attribute of <var>key</var>
-                      to <var>algorithm</var>.
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                      Set the <a href="#dfn-Key-extractable">extractable</a> attribute of
+                      Set the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
+                      <var>key</var> to <var>algorithm</var>.
+                    </p>
+                  </li>
+                  <li>
+                    <p>
+                      Set the <a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
                       <var>key</var> to <var>extractable</var>.
                     </p>
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-usages">usages</a> attribute of <var>key</var>
+                      Set the <a href="#dfn-CryptoKey-usages">usages</a> attribute of <var>key</var>
                       to the <a href="#concept-normalized-usages">normalized value</a> of
                       <var>usages</var>.
                     </p>
@@ -10922,13 +10972,13 @@
                           <li>
                             <p>
                               Set the <code>key_ops</code> property of <var>jwk</var> to equal the
-                              <a href="#dfn-Key-usages">usages</a> attribute of <var>key</var>.
+                              <a href="#dfn-CryptoKey-usages">usages</a> attribute of <var>key</var>.
                             </p>
                           </li>
                           <li>
                             <p>
                               Set the <code>ext</code> property of <var>jwk</var> to equal the 
-                              <a href="#dfn-Key-extractable">extractable</a> attribute of
+                              <a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
                               <var>key</var>.
                             </p>
                           </li>
@@ -11046,12 +11096,12 @@
                 <tr>
                   <td>generateKey</td>
                   <td><a href="#dfn-AesKeyGenParams">AesKeyGenParams</a></td>
-                  <td><a href="#dfn-Key">Key</a></td>
+                  <td><a href="#dfn-CryptoKey">CryptoKey</a></td>
                 </tr>
                 <tr>
                   <td>importKey</td>
                   <td>None</td>
-                  <td><a href="#dfn-Key">Key</a></td>
+                  <td><a href="#dfn-CryptoKey">CryptoKey</a></td>
                 </tr>
                 <tr>
                   <td>exportKey</td>
@@ -11250,7 +11300,7 @@
                   <li>
                     <p>
                       Let <var>key</var> be a new
-                      <a href="#dfn-Key">Key</a> object representing the
+                      <a href="#dfn-CryptoKey">CryptoKey</a> object representing the
                       generated AES key.
                     </p>
                   </li>
@@ -11276,19 +11326,19 @@
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-algorithm">algorithm</a> attribute of
+                      Set the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
                       <var>key</var> to <var>algorithm</var>.
                     </p>
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-extractable">extractable</a> attribute
+                      Set the <a href="#dfn-CryptoKey-extractable">extractable</a> attribute
                       of <var>key</var> to be <var>extractable</var>.
                     </p>
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-usages">usages</a> attribute of
+                      Set the <a href="#dfn-CryptoKey-usages">usages</a> attribute of
                       <var>key</var> to be <var>usages</var>.
                     </p>
                   </li>
@@ -11423,7 +11473,7 @@
                   </li>
                   <li>
                     <p>
-                      Let <var>key</var> be a new <code><a href="#dfn-Key">Key</a></code>
+                      Let <var>key</var> be a new <code><a href="#dfn-CryptoKey">CryptoKey</a></code>
                       object representing an AES key with value <var>data</var>.
                     </p>
                   </li>
@@ -11447,19 +11497,19 @@
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-algorithm">algorithm</a> attribute of <var>key</var>
-                      to <var>algorithm</var>.
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                      Set the <a href="#dfn-Key-extractable">extractable</a> attribute of
+                      Set the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
+                      <var>key</var> to <var>algorithm</var>.
+                    </p>
+                  </li>
+                  <li>
+                    <p>
+                      Set the <a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
                       <var>key</var> to <var>extractable</var>.
                     </p>
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-usages">usages</a> attribute of <var>key</var>
+                      Set the <a href="#dfn-CryptoKey-usages">usages</a> attribute of <var>key</var>
                       to the <a href="#concept-normalized-usages">normalized value</a> of
                       <var>usages</var>.
                     </p>
@@ -11522,13 +11572,13 @@
                           <li>
                             <p>
                               Set the <code>key_ops</code> property of <var>jwk</var> to equal the
-                              <a href="#dfn-Key-usages">usages</a> attribute of <var>key</var>.
+                              <a href="#dfn-CryptoKey-usages">usages</a> attribute of <var>key</var>.
                             </p>
                           </li>
                           <li>
                             <p>
                               Set the <code>ext</code> property of <var>jwk</var> to equal the 
-                              <a href="#dfn-Key-extractable">extractable</a> attribute of
+                              <a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
                               <var>key</var>.
                             </p>
                           </li>
@@ -11639,12 +11689,12 @@
                 <tr>
                   <td>generateKey</td>
                   <td><a href="#dfn-AesKeyGenParams">AesKeyGenParams</a></td>
-                  <td><a href="#dfn-Key">Key</a></td>
+                  <td><a href="#dfn-CryptoKey">CryptoKey</a></td>
                 </tr>
                 <tr>
                   <td>importKey</td>
                   <td>None</td>
-                  <td><a href="#dfn-Key">Key</a></td>
+                  <td><a href="#dfn-CryptoKey">CryptoKey</a></td>
                 </tr>
                 <tr>
                   <td>exportKey</td>
@@ -11795,7 +11845,7 @@
                   <li>
                     <p>
                       Let <var>key</var> be a new
-                      <a href="#dfn-Key">Key</a> object representing the
+                      <a href="#dfn-CryptoKey">CryptoKey</a> object representing the
                       generated AES key.
                     </p>
                   </li>
@@ -11821,19 +11871,19 @@
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-algorithm">algorithm</a> attribute of
+                      Set the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
                       <var>key</var> to <var>algorithm</var>.
                     </p>
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-extractable">extractable</a> attribute
+                      Set the <a href="#dfn-CryptoKey-extractable">extractable</a> attribute
                       of <var>key</var> to be <var>extractable</var>.
                     </p>
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-usages">usages</a> attribute of
+                      Set the <a href="#dfn-CryptoKey-usages">usages</a> attribute of
                       <var>key</var> to be <var>usages</var>.
                     </p>
                   </li>
@@ -11967,7 +12017,7 @@
                   </li>
                   <li>
                     <p>
-                      Let <var>key</var> be a new <code><a href="#dfn-Key">Key</a></code>
+                      Let <var>key</var> be a new <code><a href="#dfn-CryptoKey">CryptoKey</a></code>
                       object representing an AES key with value <var>data</var>.
                     </p>
                   </li>
@@ -11991,19 +12041,19 @@
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-algorithm">algorithm</a> attribute of <var>key</var>
+                      Set the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of <var>key</var>
                       to <var>algorithm</var>.
                     </p>
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-extractable">extractable</a> attribute of
+                      Set the <a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
                       <var>key</var> to <var>extractable</var>.
                     </p>
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-usages">usages</a> attribute of <var>key</var>
+                      Set the <a href="#dfn-CryptoKey-usages">usages</a> attribute of <var>key</var>
                       to the <a href="#concept-normalized-usages">normalized value</a> of
                       <var>usages</var>.
                     </p>
@@ -12066,13 +12116,13 @@
                           <li>
                             <p>
                               Set the <code>key_ops</code> property of <var>jwk</var> to equal the
-                              <a href="#dfn-Key-usages">usages</a> attribute of <var>key</var>.
+                              <a href="#dfn-CryptoKey-usages">usages</a> attribute of <var>key</var>.
                             </p>
                           </li>
                           <li>
                             <p>
                               Set the <code>ext</code> property of <var>jwk</var> to equal the 
-                              <a href="#dfn-Key-extractable">extractable</a> attribute of
+                              <a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
                               <var>key</var>.
                             </p>
                           </li>
@@ -12177,12 +12227,12 @@
                  <tr>
                    <td>generateKey</td>
                    <td><a href="#dfn-AesKeyGenParams">AesKeyGenParams</a></td>
-                   <td><a href="#dfn-Key">Key</a></td>
+                   <td><a href="#dfn-CryptoKey">CryptoKey</a></td>
                  </tr>
                 <tr>
                   <td>importKey</td>
                   <td>None</td>
-                  <td><a href="#dfn-Key">Key</a></td>
+                  <td><a href="#dfn-CryptoKey">CryptoKey</a></td>
                 </tr>
                 <tr>
                   <td>exportKey</td>
@@ -12477,7 +12527,7 @@
                   <li>
                     <p>
                       Let <var>key</var> be a new
-                      <a href="#dfn-Key">Key</a> object representing the
+                      <a href="#dfn-CryptoKey">CryptoKey</a> object representing the
                       generated AES key.
                     </p>
                   </li>
@@ -12503,19 +12553,19 @@
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-algorithm">algorithm</a> attribute of
+                      Set the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
                       <var>key</var> to <var>algorithm</var>.
                     </p>
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-extractable">extractable</a> attribute
+                      Set the <a href="#dfn-CryptoKey-extractable">extractable</a> attribute
                       of <var>key</var> to be <var>extractable</var>.
                     </p>
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-usages">usages</a> attribute of
+                      Set the <a href="#dfn-CryptoKey-usages">usages</a> attribute of
                       <var>key</var> to be <var>usages</var>.
                     </p>
                   </li>
@@ -12650,7 +12700,7 @@
                   </li>
                   <li>
                     <p>
-                      Let <var>key</var> be a new <code><a href="#dfn-Key">Key</a></code>
+                      Let <var>key</var> be a new <code><a href="#dfn-CryptoKey">CryptoKey</a></code>
                       object representing an AES key with value <var>data</var>.
                     </p>
                   </li>
@@ -12674,19 +12724,19 @@
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-algorithm">algorithm</a> attribute of <var>key</var>
+                      Set the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of <var>key</var>
                       to <var>algorithm</var>.
                     </p>
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-extractable">extractable</a> attribute of
+                      Set the <a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
                       <var>key</var> to <var>extractable</var>.
                     </p>
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-usages">usages</a> attribute of <var>key</var>
+                      Set the <a href="#dfn-CryptoKey-usages">usages</a> attribute of <var>key</var>
                       to the <a href="#concept-normalized-usages">normalized value</a> of
                       <var>usages</var>.
                     </p>
@@ -12749,13 +12799,13 @@
                           <li>
                             <p>
                               Set the <code>key_ops</code> property of <var>jwk</var> to equal the
-                              <a href="#dfn-Key-usages">usages</a> attribute of <var>key</var>.
+                              <a href="#dfn-CryptoKey-usages">usages</a> attribute of <var>key</var>.
                             </p>
                           </li>
                           <li>
                             <p>
                               Set the <code>ext</code> property of <var>jwk</var> to equal the 
-                              <a href="#dfn-Key-extractable">extractable</a> attribute of
+                              <a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
                               <var>key</var>.
                             </p>
                           </li>
@@ -12867,12 +12917,12 @@
                 <tr>
                   <td>generateKey</td>
                   <td><a href="#dfn-AesKeyGenParams">AesKeyGenParams</a></td>
-                  <td><a href="#dfn-Key">Key</a></td>
+                  <td><a href="#dfn-CryptoKey">CryptoKey</a></td>
                 </tr>
                 <tr>
                   <td>importKey</td>
                   <td>None</td>
-                  <td><a href="#dfn-Key">Key</a></td>
+                  <td><a href="#dfn-CryptoKey">CryptoKey</a></td>
                 </tr>
                 <tr>
                   <td>exportKey</td>
@@ -13044,7 +13094,7 @@
                   <li>
                     <p>
                       Let <var>key</var> be a new
-                      <a href="#dfn-Key">Key</a> object representing the
+                      <a href="#dfn-CryptoKey">CryptoKey</a> object representing the
                       generated AES key.
                     </p>
                   </li>
@@ -13070,19 +13120,19 @@
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-algorithm">algorithm</a> attribute of
+                      Set the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
                       <var>key</var> to <var>algorithm</var>.
                     </p>
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-extractable">extractable</a> attribute
+                      Set the <a href="#dfn-CryptoKey-extractable">extractable</a> attribute
                       of <var>key</var> to be <var>extractable</var>.
                     </p>
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-usages">usages</a> attribute of
+                      Set the <a href="#dfn-CryptoKey-usages">usages</a> attribute of
                       <var>key</var> to be <var>usages</var>.
                     </p>
                   </li>
@@ -13217,7 +13267,7 @@
                   </li>
                   <li>
                     <p>
-                      Let <var>key</var> be a new <code><a href="#dfn-Key">Key</a></code>
+                      Let <var>key</var> be a new <code><a href="#dfn-CryptoKey">CryptoKey</a></code>
                       object representing an AES key with value <var>data</var>.
                     </p>
                   </li>
@@ -13241,19 +13291,19 @@
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-algorithm">algorithm</a> attribute of <var>key</var>
+                      Set the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of <var>key</var>
                       to <var>algorithm</var>.
                     </p>
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-extractable">extractable</a> attribute of
+                      Set the <a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
                       <var>key</var> to <var>extractable</var>.
                     </p>
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-usages">usages</a> attribute of <var>key</var>
+                      Set the <a href="#dfn-CryptoKey-usages">usages</a> attribute of <var>key</var>
                       to the <a href="#concept-normalized-usages">normalized value</a> of
                       <var>usages</var>.
                     </p>
@@ -13316,13 +13366,13 @@
                           <li>
                             <p>
                               Set the <code>key_ops</code> property of <var>jwk</var> to equal the
-                              <a href="#dfn-Key-usages">usages</a> attribute of <var>key</var>.
+                              <a href="#dfn-CryptoKey-usages">usages</a> attribute of <var>key</var>.
                             </p>
                           </li>
                           <li>
                             <p>
                               Set the <code>ext</code> property of <var>jwk</var> to equal the 
-                              <a href="#dfn-Key-extractable">extractable</a> attribute of
+                              <a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
                               <var>key</var>.
                             </p>
                           </li>
@@ -13433,12 +13483,12 @@
                 <tr>
                   <td>generateKey</td>
                   <td><a href="#dfn-AesKeyGenParams">AesKeyGenParams</a></td>
-                  <td><a href="#dfn-Key">Key</a></td>
+                  <td><a href="#dfn-CryptoKey">CryptoKey</a></td>
                 </tr>
                 <tr>
                   <td>importKey</td>
                   <td>None</td>
-                  <td><a href="#dfn-Key">Key</a></td>
+                  <td><a href="#dfn-CryptoKey">CryptoKey</a></td>
                 </tr>
                 <tr>
                   <td>exportKey</td>
@@ -13551,7 +13601,7 @@
                   <li>
                     <p>
                       Let <var>key</var> be a new
-                      <a href="#dfn-Key">Key</a> object representing the
+                      <a href="#dfn-CryptoKey">CryptoKey</a> object representing the
                       generated AES key.
                     </p>
                   </li>
@@ -13577,19 +13627,19 @@
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-algorithm">algorithm</a> attribute of
+                      Set the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
                       <var>key</var> to <var>algorithm</var>.
                     </p>
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-extractable">extractable</a> attribute
+                      Set the <a href="#dfn-CryptoKey-extractable">extractable</a> attribute
                       of <var>key</var> to be <var>extractable</var>.
                     </p>
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-usages">usages</a> attribute of
+                      Set the <a href="#dfn-CryptoKey-usages">usages</a> attribute of
                       <var>key</var> to be <var>usages</var>.
                     </p>
                   </li>
@@ -13724,7 +13774,7 @@
                   </li>
                   <li>
                     <p>
-                      Let <var>key</var> be a new <a href="#dfn-Key">Key</a>
+                      Let <var>key</var> be a new <a href="#dfn-CryptoKey">CryptoKey</a>
                       object representing an AES key with value <var>data</var>.
                     </p>
                   </li>
@@ -13748,19 +13798,19 @@
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-algorithm">algorithm</a> attribute of <var>key</var>
-                      to <var>algorithm</var>.
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                      Set the <a href="#dfn-Key-extractable">extractable</a> attribute of
+                      Set the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
+                      <var>key</var> to <var>algorithm</var>.
+                    </p>
+                  </li>
+                  <li>
+                    <p>
+                      Set the <a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
                       <var>key</var> to <var>extractable</var>.
                     </p>
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-usages">usages</a> attribute of <var>key</var>
+                      Set the <a href="#dfn-CryptoKey-usages">usages</a> attribute of <var>key</var>
                       to the <a href="#concept-normalized-usages">normalized value</a> of
                       <var>usages</var>.
                     </p>
@@ -13823,13 +13873,13 @@
                           <li>
                             <p>
                               Set the <code>key_ops</code> property of <var>jwk</var> to equal the
-                              <a href="#dfn-Key-usages">usages</a> attribute of <var>key</var>.
+                              <a href="#dfn-CryptoKey-usages">usages</a> attribute of <var>key</var>.
                             </p>
                           </li>
                           <li>
                             <p>
                               Set the <code>ext</code> property of <var>jwk</var> to equal the 
-                              <a href="#dfn-Key-extractable">extractable</a> attribute of
+                              <a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
                               <var>key</var>.
                             </p>
                           </li>
@@ -13934,12 +13984,12 @@
                 <tr>
                   <td>generateKey</td>
                   <td><a href="#dfn-HmacKeyGenParams">HmacKeyGenParams</a></td>
-                  <td><a href="#dfn-Key">Key</a></td>
+                  <td><a href="#dfn-CryptoKey">CryptoKey</a></td>
                 </tr>
                 <tr>
                   <td>importKey</td>
                   <td><a href="#dfn-HmacImportParams">HmacImportParams</a></td>
-                  <td><a href="#dfn-Key">Key</a></td>
+                  <td><a href="#dfn-CryptoKey">CryptoKey</a></td>
                 </tr>
                 <tr>
                   <td>exportKey</td>
@@ -14009,12 +14059,11 @@
                 <ol>
                   <li>
                     <p>
-                      Let <var>mac</var> be the result of performing the MAC Generation
-                      operation described in Section 4 of
-                      [<a href="#fips-pub-198-1">FIPS PUB 198-1</a>] using the key represented by <var>key</var>,
-                      the hash function identified by the
-                      <a href="#dfn-HmacKeyAlgorithm-hash">hash</a> attribute of the
-                      <a href="#dfn-Key-algorithm">algorithm</a> attribute of <var>key</var> and
+                      Let <var>mac</var> be the result of performing the MAC Generation operation
+                      described in Section 4 of [<a href="#fips-pub-198-1">FIPS PUB 198-1</a>] using
+                      the key represented by <var>key</var>, the hash function identified by the <a
+                      href="#dfn-HmacKeyAlgorithm-hash">hash</a> attribute of the <a
+                      href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of <var>key</var> and
                       <var>message</var> as the input data <var>text</var>.
                     </p>
                   </li>
@@ -14030,12 +14079,11 @@
                 <ol>
                   <li>
                     <p>
-                      Let <var>mac</var> be the result of performing the MAC Generation
-                      operation described in Section 4 of
-                      [<a href="#fips-pub-198-1">FIPS PUB 198-1</a>] using the key represented by <var>key</var>,
-                      the hash function identified by the
-                      <a href="#dfn-HmacKeyAlgorithm-hash">hash</a> attribute of the
-                      <a href="#dfn-Key-algorithm">algorithm</a> attribute of <var>key</var> and
+                      Let <var>mac</var> be the result of performing the MAC Generation operation
+                      described in Section 4 of [<a href="#fips-pub-198-1">FIPS PUB 198-1</a>] using
+                      the key represented by <var>key</var>, the hash function identified by the <a
+                      href="#dfn-HmacKeyAlgorithm-hash">hash</a> attribute of the <a
+                      href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of <var>key</var> and
                       <var>message</var> as the input data <var>text</var>.
                     </p>
                   </li>
@@ -14094,10 +14142,9 @@
                   </li>
                   <li>
                     <p>
-                      If <var>usages</var> contains any entry which is not
-                      <code>"sign"</code> or <code>"verify"</code>,
-                              then <a href="#concept-return-an-error">return an error</a> named
-                              <a href="#dfn-DataError"><code>DataError</code></a>.
+                      If <var>usages</var> contains any entry which is not <code>"sign"</code> or
+                      <code>"verify"</code>, then <a href="#concept-return-an-error">return an
+                      error</a> named <a href="#dfn-DataError"><code>DataError</code></a>.
                     </p>
                   </li>
                   <li>
@@ -14115,7 +14162,7 @@
                   <li>
                     <p>
                       Let <var>key</var> be a new
-                      <a href="#dfn-Key">Key</a> object representing the
+                      <a href="#dfn-CryptoKey">CryptoKey</a> object representing the
                       generated key.
                     </p>
                   </li>
@@ -14153,19 +14200,19 @@
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-algorithm">algorithm</a> attribute of
+                      Set the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
                       <var>key</var> to <var>algorithm</var>.
                     </p>
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-extractable">extractable</a> attribute
+                      Set the <a href="#dfn-CryptoKey-extractable">extractable</a> attribute
                       of <var>key</var> to be <var>extractable</var>.
                     </p>
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-usages">usages</a> attribute of
+                      Set the <a href="#dfn-CryptoKey-usages">usages</a> attribute of
                       <var>key</var> to be <var>usages</var>.
                     </p>
                   </li>
@@ -14268,9 +14315,10 @@
                                   <li>
                                     <p>
                                       Set the <a href="#dfn-KeyAlgorithm-name">name</a> attribute of
-                                      <var>hash</var> to equal the <a href="#dfn-Algorithm-name">name</a>
-                                      member of the <a href="#dfn-HmacImportParams-hash">hash</a>
-                                      member of <var>normalizedAlgorithm</var>.
+                                      <var>hash</var> to equal the <a
+                                      href="#dfn-Algorithm-name">name</a> member of the <a
+                                      href="#dfn-HmacImportParams-hash">hash</a> member of
+                                      <var>normalizedAlgorithm</var>.
                                     </p>
                                   </li>
                                   <li>
@@ -14469,7 +14517,7 @@
                   </li>
                   <li>
                     <p>
-                      Let <var>key</var> be a new <code><a href="#dfn-Key">Key</a></code>
+                      Let <var>key</var> be a new <code><a href="#dfn-CryptoKey">CryptoKey</a></code>
                       object representing an HMAC key with the first <var>length</var>
                       bits of <var>data</var>.
                     </p>
@@ -14500,19 +14548,19 @@
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-algorithm">algorithm</a> attribute of <var>key</var>
-                      to <var>algorithm</var>.
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                      Set the <a href="#dfn-Key-extractable">extractable</a> attribute of
+                      Set the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
+                      <var>key</var> to <var>algorithm</var>.
+                    </p>
+                  </li>
+                  <li>
+                    <p>
+                      Set the <a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
                       <var>key</var> to <var>extractable</var>.
                     </p>
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-usages">usages</a> attribute of <var>key</var>
+                      Set the <a href="#dfn-CryptoKey-usages">usages</a> attribute of <var>key</var>
                       to the <a href="#concept-normalized-usages">normalized value</a> of
                       <var>usages</var>.
                     </p>
@@ -14558,8 +14606,9 @@
                           </li>
                           <li>
                             <p>
-                              Let <var>algorithm</var> be the
-                              <a href="#dfn-Key-algorithm">algorithm</a> attribute of <var>key</var>.
+                              Let <var>algorithm</var> be the <a
+                              href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
+                              <var>key</var>.
                             </p>
                           </li>
                           <li>
@@ -14593,13 +14642,13 @@
                           <li>
                             <p>
                               Set the <code>key_ops</code> property of <var>jwk</var> to equal the
-                              <a href="#dfn-Key-usages">usages</a> attribute of <var>key</var>.
+                              <a href="#dfn-CryptoKey-usages">usages</a> attribute of <var>key</var>.
                             </p>
                           </li>
                           <li>
                             <p>
                               Set the <code>ext</code> property of <var>jwk</var> to equal the 
-                              <a href="#dfn-Key-extractable">extractable</a> attribute of
+                              <a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
                               <var>key</var>.
                             </p>
                           </li>
@@ -14710,7 +14759,7 @@
                 <tr>
                   <td>generateKey</td>
                   <td><a href="#dfn-DhKeyGenParams">DhKeyGenParams</a></td>
-                  <td><a href="#dfn-KeyPair">KeyPair</a></td>
+                  <td><a href="#dfn-CryptoKeyPair">CryptoKeyPair</a></td>
                 </tr>
                 <tr>
                   <td>deriveBits</td>
@@ -14720,7 +14769,7 @@
                 <tr>
                   <td>importKey</td>
                   <td><a href="#dfn-DhImportKeyParams">DhImportKeyParams</a></td>
-                  <td><a href="#dfn-Key">Key</a></td>
+                  <td><a href="#dfn-CryptoKey">CryptoKey</a></td>
                 </tr>
                 <tr>
                   <td>exportKey</td>
@@ -14758,7 +14807,7 @@
             <x:codeblock language="idl">
 dictionary <dfn id="dfn-DhKeyDeriveParams">DhKeyDeriveParams</dfn> : <a href="#dfn-Algorithm">Algorithm</a> {
   <span class="comment">// The peer's public value.</span>
-  <a href="#dfn-Key">Key</a> <dfn id="dfn-DhKeyDeriveParams-public">public</dfn>;
+  <a href="#dfn-CryptoKey">CryptoKey</a> <dfn id="dfn-DhKeyDeriveParams-public">public</dfn>;
 };
             </x:codeblock>
           </div>
@@ -14850,67 +14899,67 @@
                   </li>
                   <li>
                     <p>
-                      Let <var>publicKey</var> be a new <a href="#dfn-Key">Key</a> object
+                      Let <var>publicKey</var> be a new <a href="#dfn-CryptoKey">CryptoKey</a> object
                       representing the public key of the generated key pair.
                     </p>
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-type">type</a> attribute of <var>publicKey</var>
+                      Set the <a href="#dfn-CryptoKey-type">type</a> attribute of <var>publicKey</var>
                       to <code>"public"</code>
                     </p>
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-algorithm">algorithm</a> attribute of
+                      Set the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
                       <var>publicKey</var> to be <var>algorithm</var>.
                     </p>
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-extractable">extractable</a> attribute of
+                      Set the <a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
                       <var>publicKey</var> to true.
                     </p>
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-usages">usages</a> attribute of
+                      Set the <a href="#dfn-CryptoKey-usages">usages</a> attribute of
                       <var>publicKey</var> to be the empty list.
                     </p>
                   </li>
                   <li>
                     <p>
-                      Let <var>privateKey</var> be a new <a href="#dfn-Key">Key</a> object
+                      Let <var>privateKey</var> be a new <a href="#dfn-CryptoKey">CryptoKey</a> object
                       representing the private key of the generated key pair.
                     </p>
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-type">type</a> attribute of <var>privateKey</var>
+                      Set the <a href="#dfn-CryptoKey-type">type</a> attribute of <var>privateKey</var>
                       to <code>"private"</code>
                     </p>
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-algorithm">algorithm</a> attribute of
+                      Set the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
                       <var>privateKey</var> to be <var>algorithm</var>.
                     </p>
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-extractable">extractable</a> attribute of
+                      Set the <a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
                       <var>privateKey</var> to <var>extractable</var>.
                     </p>
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-usages">usages</a> attribute of
+                      Set the <a href="#dfn-CryptoKey-usages">usages</a> attribute of
                       <var>privateKey</var> to be <var>usages</var>.
                     </p>
                   </li>
                   <li>
                     <p>
-                      Let <var>result</var> be a new <a href="#dfn-KeyPair">KeyPair</a>
+                      Let <var>result</var> be a new <a href="#dfn-CryptoKeyPair">CryptoKeyPair</a>
                       object.
                     </p>
                   </li>
@@ -14938,7 +14987,7 @@
                 <ol>
                   <li>
                     <p>
-                      If the <a href="#dfn-Key-type">type</a> attribute of <var>key</var>
+                      If the <a href="#dfn-CryptoKey-type">type</a> attribute of <var>key</var>
                       is not <code>"private"</code>,  then
                               <a href="#concept-return-an-error">return an error</a> named
                               <a href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
@@ -14970,14 +15019,14 @@
                   <li>
                     <p>
                       If the <a href="#dfn-KeyAlgorithm-name">name</a> attribute of the <a
-                      href="#dfn-Key-algorithm">algorithm</a> attribute of <var>publicKey</var> is
+                      href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of <var>publicKey</var> is
                       not <code>"DH"</code>, then <a href="#concept-return-an-error">return an
                       error</a> named <a href="#dfn-DataError"><code>DataError</code></a>.
                     </p>
                   </li>
                   <li>
                     <p>
-                      If the <a href="#dfn-Key-type">type</a> attribute of <var>publicKey</var> is
+                      If the <a href="#dfn-CryptoKey-type">type</a> attribute of <var>publicKey</var> is
                       not <code>"public"</code>, then <a href="#concept-return-an-error">return an
                       error</a> named <a href="#dfn-DataError"><code>DataError</code></a>.
                     </p>
@@ -14985,9 +15034,9 @@
                   <li>
                     <p>
                       If the <a href="#dfn-DhKeyAlgorithm-prime">prime</a> attribute of the <a
-                      href="#dfn-Key-algorithm">algorithm</a> attribute of <var>publicKey</var> is
+                      href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of <var>publicKey</var> is
                       not equal to the <a href="#dfn-DhKeyAlgorithm-prime">prime</a> attribute of
-                      the <a href="#dfn-Key-algorithm">algorithm</a> attribute of <var>key</var>,
+                      the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of <var>key</var>,
                       then <a href="#concept-return-an-error">return an error</a> named <a
                       href="#dfn-DataError"><code>DataError</code></a>.
                     </p>
@@ -14995,9 +15044,9 @@
                   <li>
                     <p>
                       If the <a href="#dfn-DhKeyAlgorithm-generator">generator</a> attribute of the
-                      <a href="#dfn-Key-algorithm">algorithm</a> attribute of <var>publicKey</var>
+                      <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of <var>publicKey</var>
                       is not equal to the <a href="#dfn-DhKeyAlgorithm-generator">generator</a>
-                      attribute of the <a href="#dfn-Key-algorithm">algorithm</a> attribute of
+                      attribute of the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
                       <var>key</var>, then <a href="#concept-return-an-error">return an error</a>
                       named <a href="#dfn-DataError"><code>DataError</code></a>.
                     </p>
@@ -15083,9 +15132,9 @@
                       </li>
                       <li>
                         <p>
-                          Let <var>key</var> be a new <a href="#dfn-Key">Key</a> object representing
-                          a Diffie-Hellman public key with public value <var>PV</var> and with
-                          prime, <var>p</var> and base, <var>g</var> equal to the <a
+                          Let <var>key</var> be a new <a href="#dfn-CryptoKey">CryptoKey</a> object
+                          representing a Diffie-Hellman public key with public value <var>PV</var>
+                          and with prime, <var>p</var> and base, <var>g</var> equal to the <a
                           href="#dfn-DhImportKeyParams-prime">prime</a> and <a
                           href="#dfn-DhImportKeyParams-generator">generator</a> properties of
                           <var>normalizedAlgorithm</var> respectively.
@@ -15093,8 +15142,8 @@
                       </li>
                       <li>
                         <p>
-                          Set the <a href="#dfn-Key-type">type</a> attribute of <var>key</var> to
-                          <code>"public"</code>.
+                          Set the <a href="#dfn-CryptoKey-type">type</a> attribute of <var>key</var>
+                          to <code>"public"</code>.
                         </p>
                       </li>
                       <li>
@@ -15127,20 +15176,20 @@
                       </li>
                       <li>
                         <p>
-                          Set the <a href="#dfn-Key-algorithm">algorithm</a> attribute of
+                          Set the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
                           <var>key</var> to <var>algorithm</var>.
                         </p>
                       </li>
                       <li>
                         <p>
-                          Set the <a href="#dfn-Key-extractable">extractable</a> attribute of
+                          Set the <a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
                           <var>key</var> to <var>extractable</var>.
                         </p>
                       </li>
                       <li>
                         <p>
-                          Set the <a href="#dfn-Key-usages">usages</a> attribute of <var>key</var> to
-                          <var>usages</var>.
+                          Set the <a href="#dfn-CryptoKey-usages">usages</a> attribute of
+                          <var>key</var> to <var>usages</var>.
                         </p>
                       </li>
                       <li>
@@ -15203,16 +15252,16 @@
                       </li>
                       <li>
                         <p>
-                          Let <var>key</var> be a new <a href="#dfn-Key">Key</a> object representing
-                          the Diffie-Hellman public key obtained by parsing the
+                          Let <var>key</var> be a new <a href="#dfn-CryptoKey">CryptoKey</a> object
+                          representing the Diffie-Hellman public key obtained by parsing the
                           <code>subjectPublicKey</code> field of <var>spki</var> as an ASN.1
                           INTEGER.
                         </p>
                       </li>
                       <li>
                         <p>
-                          Set the <a href="#dfn-Key-type">type</a> property of <var>key</var> to
-                          <code>"public"</code>.
+                          Set the <a href="#dfn-CryptoKey-type">type</a> property of <var>key</var>
+                          to <code>"public"</code>.
                         </p>
                       </li>
                       <li>
@@ -15245,19 +15294,19 @@
                       </li>
                       <li>
                         <p>
-                          Set the <a href="#dfn-Key-algorithm">algorithm</a> attribute of
+                          Set the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
                           <var>key</var> to <var>algorithm</var>.
                         </p>
                       </li>
                       <li>
                         <p>
-                          Set the <a href="#dfn-Key-extractable">extractable</a> attribute of
+                          Set the <a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
                           <var>key</var> to <var>extractable</var>.
                         </p>
                       </li>
                       <li>
                         <p>
-                          Set the <a href="#dfn-Key-usages">usages</a> attribute of
+                          Set the <a href="#dfn-CryptoKey-usages">usages</a> attribute of
                           <var>key</var> to the
                           <a href="#concept-normalized-usages">normalized value</a> of
                           <var>usages</var>.
@@ -15332,15 +15381,15 @@
                         </p>
                       </li>
                       <li>
-                        Let <var>key</var> be a new <a href="#dfn-Key">Key</a> object representing
-                        the Diffie-Hellman private key obtained by parsing the
+                        Let <var>key</var> be a new <a href="#dfn-CryptoKey">CryptoKey</a> object
+                        representing the Diffie-Hellman private key obtained by parsing the
                         <code>privateKey</code> field of <var>privateKeyInfo</var> as an ASN.1
                         INTEGER.
                       </li>
                       <li>
                         <p>
-                          Set the <a href="#dfn-Key-type">type</a> attribute of <var>key</var> to
-                          <code>"private"</code>.
+                          Set the <a href="#dfn-CryptoKey-type">type</a> attribute of <var>key</var>
+                          to <code>"private"</code>.
                         </p>
                       </li>
                       <li>
@@ -15373,19 +15422,19 @@
                       </li>
                       <li>
                         <p>
-                          Set the <a href="#dfn-Key-algorithm">algorithm</a> attribute of
+                          Set the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
                           <var>key</var> to <var>algorithm</var>.
                         </p>
                       </li>
                       <li>
                         <p>
-                          Set the <a href="#dfn-Key-extractable">extractable</a> attribute of
+                          Set the <a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
                           <var>key</var> to <var>extractable</var>.
                         </p>
                       </li>
                       <li>
                         <p>
-                          Set the <a href="#dfn-Key-usages">usages</a> attribute of
+                          Set the <a href="#dfn-CryptoKey-usages">usages</a> attribute of
                           <var>key</var> to the
                           <a href="#concept-normalized-usages">normalized value</a> of
                           <var>usages</var>.
@@ -15416,8 +15465,8 @@
                       <dd>
                         <dl class="switch">
                           <dt>
-                            If the <a href="#dfn-Key-type">type</a> attribute of <var>key</var> is
-                            <code>"public"</code>:
+                            If the <a href="#dfn-CryptoKey-type">type</a> attribute of
+                            <var>key</var> is <code>"public"</code>:
                           </dt>
                           <dd>
                             Let <var>result</var> be the Public Value, <var>PV</var>, associated
@@ -15425,8 +15474,8 @@
                             #3</a>].
                           </dd>
                           <dt>
-                            If the <a href="#dfn-Key-type">type</a> attribute of <var>key</var> is
-                            <code>"private"</code>:
+                            If the <a href="#dfn-CryptoKey-type">type</a> attribute of
+                            <var>key</var> is <code>"private"</code>:
                           </dt>
                           <dd>
                             Let <var>result</var> be the octet string that represents the private
@@ -15442,10 +15491,10 @@
                         <ol>
                           <li>
                             <p>
-                              If the <a href="#dfn-Key-type">type</a> attribute of <var>key</var> is
-                              not <code>"public"</code>, then
-                              <a href="#concept-return-an-error">return an error</a> named
-                              <a href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
+                              If the <a href="#dfn-CryptoKey-type">type</a> attribute of
+                              <var>key</var> is not <code>"public"</code>, then <a
+                              href="#concept-return-an-error">return an error</a> named <a
+                              href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
                             </p>
                           </li>
                           <li>
@@ -15481,8 +15530,8 @@
                                           Set the <var>prime</var> field to an ASN.1 INTEGER that is
                                           equivalent to the <a
                                           href="#dfn-DhKeyAlgorithm-prime">prime</a> attribute of
-                                          the <a href="#dfn-Key-algorithm">algorithm</a> attribute
-                                          of <var>key</var>.
+                                          the <a href="#dfn-CryptoKey-algorithm">algorithm</a>
+                                          attribute of <var>key</var>.
                                         </p>
                                       </li>
                                       <li>
@@ -15491,7 +15540,7 @@
                                           equivalent to the <a
                                           href="#dfn-DhKeyAlgorithm-generator">generator</a>
                                           attribute of the <a
-                                          href="#dfn-Key-algorithm">algorithm</a> attribute of
+                                          href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
                                           <var>key</var>.
                                         </p>
                                       </li>
@@ -15517,10 +15566,10 @@
                         <ol>
                           <li>
                             <p>
-                              If the <a href="#dfn-Key-type">type</a> attribute of <var>key</var> is
-                              not <code>"private"</code>, then
-                              <a href="#concept-return-an-error">return an error</a> named
-                              <a href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
+                              If the <a href="#dfn-CryptoKey-type">type</a> attribute of
+                              <var>key</var> is not <code>"private"</code>, then <a
+                              href="#concept-return-an-error">return an error</a> named <a
+                              href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
                             </p>
                           </li>
                           <li>
@@ -15556,8 +15605,8 @@
                                           Set the <var>prime</var> field to an ASN.1 INTEGER that is
                                           equivalent to the <a
                                           href="#dfn-DhKeyAlgorithm-prime">prime</a> attribute of
-                                          the <a href="#dfn-Key-algorithm">algorithm</a> attribute
-                                          of <var>key</var>.
+                                          the <a href="#dfn-CryptoKey-algorithm">algorithm</a>
+                                          attribute of <var>key</var>.
                                         </p>
                                       </li>
                                       <li>
@@ -15566,7 +15615,7 @@
                                           equivalent to the <a
                                           href="#dfn-DhKeyAlgorithm-generator">generator</a>
                                           attribute of the <a
-                                          href="#dfn-Key-algorithm">algorithm</a> attribute of
+                                          href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
                                           <var>key</var>.
                                         </p>
                                       </li>
@@ -15750,7 +15799,7 @@
                 <tr>
                   <td>Import key</td>
                   <td>None</td>
-                  <td><a href="#dfn-Key">Key</a></td>
+                  <td><a href="#dfn-CryptoKey">CryptoKey</a></td>
                 </tr>
                 <tr>
                   <td>Get key length</td>
@@ -15862,14 +15911,14 @@
                       </li>
                       <li>
                         <p>
-                          Let <var>key</var> be a new <a href="#dfn-Key">Key</a> object representing
-                          the key data provided in <var>keyData</var>.
-                        </p>
-                      </li>
-                      <li>
-                        <p>
-                          Set the <a href="#dfn-Key-type">type</a> attribute of <var>key</var> to
-                          <code>"secret"</code>.
+                          Let <var>key</var> be a new <a href="#dfn-CryptoKey">CryptoKey</a> object
+                          representing the key data provided in <var>keyData</var>.
+                        </p>
+                      </li>
+                      <li>
+                        <p>
+                          Set the <a href="#dfn-CryptoKey-type">type</a> attribute of <var>key</var>
+                          to <code>"secret"</code>.
                         </p>
                       </li>
                       <li>
@@ -15886,19 +15935,19 @@
                       </li>
                       <li>
                         <p>
-                          Set the <a href="#dfn-Key-algorithm">algorithm</a> attribute of
+                          Set the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
                           <var>key</var> to <var>algorithm</var>.
                         </p>
                       </li>
                       <li>
                         <p>
-                          Set the <a href="#dfn-Key-extractable">extractable</a> attribute of
+                          Set the <a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
                           <var>key</var> to <var>extractable</var>.
                         </p>
                       </li>
                       <li>
                         <p>
-                          Set the <a href="#dfn-Key-usages">usages</a> attribute of
+                          Set the <a href="#dfn-CryptoKey-usages">usages</a> attribute of
                           <var>key</var> to the
                           <a href="#concept-normalized-usages">normalized value</a> of
                           <var>usages</var>.
@@ -15967,7 +16016,7 @@
                 <tr>
                   <td>Import key</td>
                   <td>None</td>
-                  <td><a href="#dfn-Key">Key</a></td>
+                  <td><a href="#dfn-CryptoKey">CryptoKey</a></td>
                 </tr>
                 <tr>
                   <td>Get key length</td>
@@ -16144,14 +16193,14 @@
                       </li>
                       <li>
                         <p>
-                          Let <var>key</var> be a new <a href="#dfn-Key">Key</a> object representing
-                          the key data provided in <var>keyData</var>.
-                        </p>
-                      </li>
-                      <li>
-                        <p>
-                          Set the <a href="#dfn-Key-type">type</a> attribute of <var>key</var> to
-                          <code>"secret"</code>.
+                          Let <var>key</var> be a new <a href="#dfn-CryptoKey">CryptoKey</a> object
+                          representing the key data provided in <var>keyData</var>.
+                        </p>
+                      </li>
+                      <li>
+                        <p>
+                          Set the <a href="#dfn-CryptoKey-type">type</a> attribute of <var>key</var>
+                          to <code>"secret"</code>.
                         </p>
                       </li>
                       <li>
@@ -16168,19 +16217,19 @@
                       </li>
                       <li>
                         <p>
-                          Set the <a href="#dfn-Key-algorithm">algorithm</a> attribute of
+                          Set the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
                           <var>key</var> to <var>algorithm</var>.
                         </p>
                       </li>
                       <li>
                         <p>
-                          Set the <a href="#dfn-Key-extractable">extractable</a> attribute of
+                          Set the <a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
                           <var>key</var> to <var>extractable</var>.
                         </p>
                       </li>
                       <li>
                         <p>
-                          Set the <a href="#dfn-Key-usages">usages</a> attribute of
+                          Set the <a href="#dfn-CryptoKey-usages">usages</a> attribute of
                           <var>key</var> to the
                           <a href="#concept-normalized-usages">normalized value</a> of
                           <var>usages</var>.
@@ -16244,7 +16293,7 @@
                 <tr>
                   <td>generateKey</td>
                   <td>None</td>
-                  <td><a href="#dfn-Key">Key</a></td>
+                  <td><a href="#dfn-CryptoKey">CryptoKey</a></td>
                 </tr>
                 <tr>
                   <td>deriveBits</td>
@@ -16254,7 +16303,7 @@
                 <tr>
                   <td>importKey</td>
                   <td>None</td>
-                  <td><a href="#dfn-Key">Key</a></td>
+                  <td><a href="#dfn-CryptoKey">CryptoKey</a></td>
                 </tr>
                 <tr>
                   <td>Get key length</td>
@@ -16305,9 +16354,9 @@
                   </li>
                   <li>
                     <p>
-                      If <var>length</var> is null or is not a multiple of 8, 
-                              then <a href="#concept-return-an-error">return an error</a> named
-                              <a href="#dfn-DataError"><code>DataError</code></a>.
+                      If <var>length</var> is null or is not a multiple of 8, then <a
+                      href="#concept-return-an-error">return an error</a> named <a
+                      href="#dfn-DataError"><code>DataError</code></a>.
                     </p>
                   </li>
                   <li>
@@ -16380,13 +16429,13 @@
                   </li>
                   <li>
                     <p>
-                      Let <var>key</var> be a new <a href="#dfn-Key">Key</a> object representing the
-                      provided password, encoded using UTF-8.
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                      Set the <a href="#dfn-Key-type">type</a> attribute of <var>key</var> to
+                      Let <var>key</var> be a new <a href="#dfn-CryptoKey">CryptoKey</a> object
+                      representing the provided password, encoded using UTF-8.
+                    </p>
+                  </li>
+                  <li>
+                    <p>
+                      Set the <a href="#dfn-CryptoKey-type">type</a> attribute of <var>key</var> to
                       <code>"secret"</code>.
                     </p>
                   </li>
@@ -16404,19 +16453,19 @@
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-algorithm">algorithm</a> attribute of <var>key</var>
-                      to <var>algorithm</var>.
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                      Set the <a href="#dfn-Key-extractable">extractable</a> attribute of
+                      Set the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
+                      <var>key</var> to <var>algorithm</var>.
+                    </p>
+                  </li>
+                  <li>
+                    <p>
+                      Set the <a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
                       <var>key</var> to <var>extractable</var>.
                     </p>
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-usages">usages</a> attribute of <var>key</var>
+                      Set the <a href="#dfn-CryptoKey-usages">usages</a> attribute of <var>key</var>
                       to the <a href="#concept-normalized-usages">normalized value</a> of
                       <var>usages</var>.
                     </p>
@@ -16443,19 +16492,19 @@
                     <p>
                       If <var>usages</var> contains any element that is not
                        <code>"deriveKey"</code>,
-                              then <a href="#concept-return-an-error">return an error</a> named
-                              <a href="#dfn-DataError"><code>DataError</code></a>.
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                      Let <var>key</var> be a new <a href="#dfn-Key">Key</a> object representing
-                      <var>keyData</var>.
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                      Set the <a href="#dfn-Key-type">type</a> attribute of <var>key</var> to
+                       then <a href="#concept-return-an-error">return an error</a> named
+                       <a href="#dfn-DataError"><code>DataError</code></a>.
+                    </p>
+                  </li>
+                  <li>
+                    <p>
+                      Let <var>key</var> be a new <a href="#dfn-CryptoKey">CryptoKey</a> object
+                      representing <var>keyData</var>.
+                    </p>
+                  </li>
+                  <li>
+                    <p>
+                      Set the <a href="#dfn-CryptoKey-type">type</a> attribute of <var>key</var> to
                       <code>"secret"</code>.
                     </p>
                   </li>
@@ -16473,19 +16522,19 @@
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-algorithm">algorithm</a> attribute of <var>key</var>
-                      to <var>algorithm</var>.
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                      Set the <a href="#dfn-Key-extractable">extractable</a> attribute of
+                      Set the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
+                      <var>key</var> to <var>algorithm</var>.
+                    </p>
+                  </li>
+                  <li>
+                    <p>
+                      Set the <a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
                       <var>key</var> to <var>extractable</var>.
                     </p>
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-usages">usages</a> attribute of <var>key</var>
+                      Set the <a href="#dfn-CryptoKey-usages">usages</a> attribute of <var>key</var>
                       to the <a href="#concept-normalized-usages">normalized value</a> of
                       <var>usages</var>.
                     </p>
@@ -16515,13 +16564,12 @@
       <div id="algorithm-normalizing-rules" class="section">
         <h2>Algorithm normalizing rules</h2>
         <p>
-          The <a href="#dfn-AlgorithmIdentifier">AlgorithmIdentifier</a> typedef
-          permits algorithms to be specified as either an <a href="#dfn-Algorithm">Algorithm</a>
-          dictionary or a <a href="#dfn-DOMString">DOMString</a>. The
-          <a href="#dfn-DOMString">DOMString</a>
-          option permits algorithms to be specified using shorthand 'aliases'. Algorithms may
-          define aliases and the values they correspond to. Using an alias is exactly equivalent to
-          using the value corresponding to the alias.
+          The <a href="#dfn-AlgorithmIdentifier">AlgorithmIdentifier</a> typedef permits algorithms
+          to be specified as either an <a href="#dfn-Algorithm">Algorithm</a> dictionary or a <a
+          href="#dfn-DOMString">DOMString</a>. The <a href="#dfn-DOMString">DOMString</a> option
+          permits algorithms to be specified using shorthand 'aliases'. Algorithms may define
+          aliases and the values they correspond to. Using an alias is exactly equivalent to using
+          the value corresponding to the alias.
         </p>
         <p>
           Additionally, many algorithms define a subclass of the
@@ -16529,8 +16577,8 @@
           correct subclass must be performed at the appropriate time.
         </p>
         <p>
-          When this specification says that a value <var>algorithm</var> be
-          <dfn id="concept-normalize-to-type">normalized to <var>type</var></dfn> the user agent must
+          When this specification says that a value <var>algorithm</var> be <dfn
+          id="concept-normalize-to-type">normalized to <var>type</var></dfn> the user agent must
           perform the following steps:
         </p>
         <ol>
@@ -16586,14 +16634,13 @@
           </li>
           <li>
             <p>
-              If a member, <var>memberName</var>, of <var>type</var> has a type
-              that is a union of <a href="#dfn-DOMString">DOMString</a> and a type,
-              <var>memberType</var>, that is either <a href="#dfn-Algorithm">Algorithm</a> or a
-              subclass of <a href="#dfn-Algorithm">Algorithm</a> and if the <var>memberName</var>
-              member of <var>result</var> is present and has type
-              <a href="#dfn-DOMString">DOMString</a>, then
-              replace <var>memberName</var> in <var>result</var> with the result of
-              <a href="#dfn-normalize-to-type">normalizing</a> the <var>memberName</var> member of
+              If a member, <var>memberName</var>, of <var>type</var> has a type that is a union of
+              <a href="#dfn-DOMString">DOMString</a> and a type, <var>memberType</var>, that is
+              either <a href="#dfn-Algorithm">Algorithm</a> or a subclass of <a
+              href="#dfn-Algorithm">Algorithm</a> and if the <var>memberName</var> member of
+              <var>result</var> is present and has type <a href="#dfn-DOMString">DOMString</a>, then
+              replace <var>memberName</var> in <var>result</var> with the result of <a
+              href="#dfn-normalize-to-type">normalizing</a> the <var>memberName</var> member of
               <var>result</var> to <var>memberType</var>.
             </p>
           </li>
@@ -16906,15 +16953,18 @@
              </dd>
              <dt id="jwk">JSON Web Key</dt>
              <dd>
-                <cite><a href="http://tools.ietf.org/html/draft-ietf-jose-json-web-key">JSON Web Key (work in progress)</a></cite>, M. Jones, Microsoft.
+                <cite><a href="http://tools.ietf.org/html/draft-ietf-jose-json-web-key">JSON Web Key
+                (work in progress)</a></cite>, M. Jones, Microsoft.
              </dd>
               <dt id="jwa">JSON Web Algorithms</dt>
              <dd>
-                <cite><a href="http://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms">JSON Web Algorithms (work in progress)</a></cite>, M. Jones, Microsoft.
+                <cite><a href="http://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms">JSON
+                Web Algorithms (work in progress)</a></cite>, M. Jones, Microsoft.
              </dd>
              <dt id="rfc3394">RFC3394</dt>
              <dd>
-                <cite><a href="http://www.ietf.org/rfc/rfc3394.txt">Advanced Encryption Standard (AES) Key Wrap Algorithm</a></cite>, J. Schaad, R. Housley, IETF.
+                <cite><a href="http://www.ietf.org/rfc/rfc3394.txt">Advanced Encryption Standard
+                (AES) Key Wrap Algorithm</a></cite>, J. Schaad, R. Housley, IETF.
              </dd>
              <dt id="fips-pub-198-1">FIPS PUB 198-1</dt>
              <dd>
@@ -17025,8 +17075,8 @@
             </dd>
             <dt id="StreamsAPI">StreamsAPI</dt>
             <dd>
-              <cite><a href="http://dvcs.w3.org/hg/streams-api/raw-file/tip/Overview.htm">Streams API</a>
-              </cite>, F. Moussa. W3C.
+              <cite><a href="http://dvcs.w3.org/hg/streams-api/raw-file/tip/Overview.htm">Streams
+              API</a> </cite>, F. Moussa. W3C.
             </dd>
           </dl>
         </div>
--- a/spec/Overview.html	Mon Jun 16 00:00:00 2014 -0700
+++ b/spec/Overview.html	Mon Jun 16 00:00:00 2014 -0700
@@ -134,7 +134,7 @@
 
     <div id="toc">
       <h2>Table of Contents</h2>
-      <div class="toc"><ul><li><a href="#introduction">1. Introduction</a></li><li><a href="#use-cases">2. Use Cases</a><ul><li><a href="#multifactor-authentication">2.1. Multi-factor Authentication</a></li><li><a href="#protected-document">2.2. Protected Document Exchange</a></li><li><a href="#cloud-storage">2.3. Cloud Storage</a></li><li><a href="#document-signing">2.4. Document Signing</a></li><li><a href="#data-integrity-protection">2.5. Data Integrity Protection</a></li><li><a href="#secure-messaging">2.6. Secure Messaging</a></li><li><a href="#jose">2.7. Javascript Object Signing and Encryption (JOSE)</a></li></ul></li><li><a href="#conformance">3. Conformance</a></li><li><a href="#scope">4. Scope</a><ul><li><a href="#scope-abstraction">4.1. Level of abstraction</a></li><li><a href="#scope-algorithms">4.2. Cryptographic algorithms</a></li><li><a href="#scope-operations">4.3. Operations</a></li><li><a href="#scope-out-of-scope">4.4. Out of scope</a></li></ul></li><li><a href="#security">5. Security considerations</a><ul><li><a href="#security-implementers">5.1. Security considerations for implementers</a></li><li><a href="#security-developers">5.2. Security considerations for authors</a></li></ul></li><li><a href="#privacy">6. Privacy considerations</a></li><li><a href="#dependencies">7. Dependencies</a></li><li><a href="#terminology">8. Terminology</a></li><li><a href="#RandomSource-interface">9. RandomSource interface</a><ul><li><a href="#RandomSource-description">9.1. Description</a></li><li><a href="#RandomSource-interface-methods">9.2. Methods and Parameters</a><ul><li><a href="#RandomSource-method-getRandomValues">9.2.1. The getRandomValues method</a></li></ul></li></ul></li><li><a href="#algorithm-dictionary">10. Algorithm dictionary</a><ul><li><a href="#algorithm-dictionary-members">10.1. Algorithm Dictionary Members</a></li></ul></li><li><a href="#key-algorithm-interface">11. KeyAlgorithm interface</a><ul><li><a href="#key-algorithm-interface-description">11.1. Description</a></li><li><a href="#key-algorithm-interface-members">11.2. KeyAlgorithm interface members</a></li></ul></li><li><a href="#key-interface">12. Key interface</a><ul><li><a href="#key-interface-description">12.1. Description</a></li><li><a href="#key-interface-types">12.2. Key interface data types</a></li><li><a href="#key-interface-members">12.3. Key interface members</a></li><li><a href="#key-interface-clone">12.4. Structured clone algorithm</a></li></ul></li><li><a href="#crypto-interface">13. Crypto interface</a></li><li><a href="#subtlecrypto-interface">14. SubtleCrypto interface</a><ul><li><a href="#subtlecrypto-interface-description">14.1. Description</a></li><li><a href="#subtlecrypto-interface-datatypes">14.2. Data Types</a></li><li><a href="#subtlecrypto-interface-methods">14.3. Methods and Parameters</a><ul><li><a href="#SubtleCrypto-method-encrypt">14.3.1. The encrypt method</a></li><li><a href="#SubtleCrypto-method-decrypt">14.3.2. The decrypt method</a></li><li><a href="#SubtleCrypto-method-sign">14.3.3. The sign method</a></li><li><a href="#SubtleCrypto-method-verify">14.3.4. The verify method</a></li><li><a href="#SubtleCrypto-method-digest">14.3.5. The digest method</a></li><li><a href="#SubtleCrypto-method-generateKey">14.3.6. The generateKey method</a></li><li><a href="#SubtleCrypto-method-deriveKey">14.3.7. The deriveKey method</a></li><li><a href="#SubtleCrypto-method-deriveBits">14.3.8. The deriveBits method</a></li><li><a href="#SubtleCrypto-method-importKey">14.3.9. The importKey method</a></li><li><a href="#SubtleCrypto-method-exportKey">14.3.10. The exportKey method</a></li><li><a href="#SubtleCrypto-method-wrapKey">14.3.11. The wrapKey method</a></li><li><a href="#SubtleCrypto-method-unwrapKey">14.3.12. The unwrapKey method</a></li></ul></li><li><a href="#SubtleCrypto-Exceptions">14.4. Exceptions</a></li></ul></li><li><a href="#WorkerCrypto-interface">15. WorkerCrypto interface</a><ul><li><a href="#WorkerCrypto-description">15.1. Description</a></li></ul></li><li><a href="#big-integer">16. BigInteger</a></li><li><a href="#keypair">17. KeyPair</a></li><li><a href="#algorithms">18. Algorithms</a><ul><li><a href="#algorithms-index">18.1. Registered algorithms</a></li><li><a href="#recommended-algorithms">18.2. Recommended algorithms</a></li><li><a href="#defining-an-algorithm">18.3. Defining an algorithm</a><ul><li><a href="#recognized-algorithm-name">18.3.1. Recognized algorithm name</a></li><li><a href="#supported-operations">18.3.2. Supported operations</a></li><li><a href="#algorithm-specific-params">18.3.3. Algorithm-specific parameters</a></li><li><a href="#algorithm-result">18.3.4. Algorithm results</a></li><li><a href="#algorithm-alias">18.3.5. Algorithm aliases</a></li></ul></li><li><a href="#rsaes-pkcs1">18.4. RSAES-PKCS1-v1_5</a><ul><li><a href="#rsaes-pkcs1-description">18.4.1. Description</a></li><li><a href="#rsaes-pkcs1-registration">18.4.2. Registration</a></li><li><a href="#RsaKeyGenParams-dictionary">18.4.3. RsaKeyGenParams dictionary</a></li><li><a href="#RsaKeyAlgorithm-interface">18.4.4. RsaKeyAlgorithm interface</a></li><li><a href="#rsaes-pkcs1-operations">18.4.5. Operations</a></li></ul></li><li><a href="#rsassa-pkcs1">18.5. RSASSA-PKCS1-v1_5</a><ul><li><a href="#rsassa-pkcs1-description">18.5.1. Description</a></li><li><a href="#rsassa-pkcs1-registration">18.5.2. Registration</a></li><li><a href="#RsaHashedKeyGenParams-dictionary">18.5.3. RsaHashedKeyGenParams dictionary</a></li><li><a href="#RsaHashedKeyAlgorithm-interface">18.5.4. RsaHashedKeyAlgorithm interface</a></li><li><a href="#RsaHashedImportParams-dictionary">18.5.5. RsaHashedImportParams dictionary</a></li><li><a href="#rsassa-pkcs1-operations">18.5.6. Operations</a></li></ul></li><li><a href="#rsa-pss">18.6. RSA-PSS</a><ul><li><a href="#rsa-pss-description">18.6.1. Description</a></li><li><a href="#rsa-pss-registration">18.6.2. Registration</a></li><li><a href="#RsaPssParams-dictionary">18.6.3. RsaPssParams dictionary</a></li><li><a href="#rsa-pss-operations">18.6.4. Operations</a></li></ul></li><li><a href="#rsa-oaep">18.7. RSA-OAEP</a><ul><li><a href="#rsa-oaep-description">18.7.1. Description</a></li><li><a href="#rsa-oaep-registration">18.7.2. Registration</a></li><li><a href="#rsa-oaep-params">18.7.3. RsaOaepParams dictionary</a></li><li><a href="#rsa-oaep-operations">18.7.4. Operations</a></li></ul></li><li><a href="#ecdsa">18.8. ECDSA</a><ul><li><a href="#ecdsa-description">18.8.1. Description</a></li><li><a href="#ecdsa-registration">18.8.2. Registration</a></li><li><a href="#EcdsaParams-dictionary">18.8.3. EcdsaParams dictionary</a></li><li><a href="#EcKeyGenParams-dictionary">18.8.4. EcKeyGenParams dictionary</a></li><li><a href="#EcKeyAlgorithm-interface">18.8.5. EcKeyAlgorithm interface</a></li><li><a href="#EcKeyImportParams-dictionary">18.8.6. EcKeyImportParams dictionary</a></li><li><a href="#ecdsa-operations">18.8.7. Operations</a></li></ul></li><li><a href="#ecdh">18.9. ECDH</a><ul><li><a href="#ecdh-description">18.9.1. Description</a></li><li><a href="#ecdh-registration">18.9.2. Registration</a></li><li><a href="#dh-EcdhKeyDeriveParams">18.9.3. EcdhKeyDeriveParams dictionary</a></li><li><a href="#ecdh-operations">18.9.4. Operations</a></li></ul></li><li><a href="#aes-ctr">18.10. AES-CTR</a><ul><li><a href="#aes-ctr-description">18.10.1. Description</a></li><li><a href="#aes-ctr-registration">18.10.2. Registration</a></li><li><a href="#aes-ctr-params">18.10.3. AesCtrParams dictionary</a></li><li><a href="#AesKeyAlgorithm-interface">18.10.4. </a></li><li><a href="#aes-keygen-params">18.10.5. AesKeyGenParams dictionary</a></li><li><a href="#aes-derivedkey-params">18.10.6. AesDerivedKeyParams dictionary</a></li><li><a href="#aes-ctr-operations">18.10.7. Operations</a></li></ul></li><li><a href="#aes-cbc">18.11. AES-CBC</a><ul><li><a href="#aes-cbc-description">18.11.1. Description</a></li><li><a href="#aes-cbc-registration">18.11.2. Registration</a></li><li><a href="#aes-cbc-params">18.11.3. AesCbcParams dictionary</a></li><li><a href="#aes-cbc-operations">18.11.4. Operations</a></li></ul></li><li><a href="#aes-cmac">18.12. AES-CMAC</a><ul><li><a href="#aes-cmac-description">18.12.1. Description</a></li><li><a href="#aes-cmac-registration">18.12.2. Registration</a></li><li><a href="#aes-cmac-params">18.12.3. AesCmacParams dictionary</a></li><li><a href="#aes-cmac-operations">18.12.4. Operations</a></li></ul></li><li><a href="#aes-gcm">18.13. AES-GCM</a><ul><li><a href="#aes-gcm-description">18.13.1. Description</a></li><li><a href="#aes-gcm-registration">18.13.2. Registration</a></li><li><a href="#aes-gcm-params">18.13.3. AesGcmParams dictionary</a></li><li><a href="#aes-gcm-operations">18.13.4. Operations</a></li></ul></li><li><a href="#aes-cfb">18.14. AES-CFB</a><ul><li><a href="#aes-cfb-description">18.14.1. Description</a></li><li><a href="#aes-cfb-registration">18.14.2. Registration</a></li><li><a href="#aes-cfb-params">18.14.3. AesCfbParams dictionary</a></li><li><a href="#aes-cfb-operations">18.14.4. Operations</a></li></ul></li><li><a href="#aes-kw">18.15. AES-KW</a><ul><li><a href="#aes-kw-description">18.15.1. Description</a></li><li><a href="#aes-kw-registration">18.15.2. Registration</a></li><li><a href="#aes-kw-operations">18.15.3. Operations</a></li></ul></li><li><a href="#hmac">18.16. HMAC</a><ul><li><a href="#hmac-description">18.16.1. Description</a></li><li><a href="#hmac-registration">18.16.2. Registration</a></li><li><a href="#hmac-importparams">18.16.3. HmacImportParams dictionary</a></li><li><a href="#hmac-keyalgorithm">18.16.4. HmacKeyAlgorithm interface</a></li><li><a href="#hmac-keygen-params">18.16.5. HmacKeyGenParams dictionary</a></li><li><a href="#hmac-derivedkey-params">18.16.6. HmacDerivedKeyParams dictionary</a></li><li><a href="#hmac-operations">18.16.7. Operations</a></li></ul></li><li><a href="#dh">18.17. Diffie-Hellman</a><ul><li><a href="#dh-description">18.17.1. Description</a></li><li><a href="#dh-registration">18.17.2. Registration</a></li><li><a href="#dh-DhKeyGenParams">18.17.3. DhKeyGenParams dictionary</a></li><li><a href="#dh-DhKeyAlgorithm">18.17.4. DhKeyAlgorithm interface</a></li><li><a href="#dh-DhKeyDeriveParams">18.17.5. DhKeyDeriveParams dictionary</a></li><li><a href="#dh-DhImportKeyParams">18.17.6. DhImportKeyParams dictionary</a></li><li><a href="#dh-operations">18.17.7. Operations</a></li></ul></li><li><a href="#sha">18.18. SHA</a><ul><li><a href="#sha-description">18.18.1. Description</a></li><li><a href="#sha-registration">18.18.2. Registration</a></li><li><a href="#sha-operations">18.18.3. Operations</a></li></ul></li><li><a href="#concatkdf">18.19. Concat KDF</a><ul><li><a href="#concatkdf-description">18.19.1. Description</a></li><li><a href="#concatkdf-registration">18.19.2. Registration</a></li><li><a href="#concat-params">18.19.3. ConcatParams dictionary</a></li><li><a href="#concat-operations">18.19.4. Operations</a></li></ul></li><li><a href="#hkdf-ctr">18.20. HKDF-CTR</a><ul><li><a href="#hkdf-ctr-description">18.20.1. Description</a></li><li><a href="#hkdf-ctr-registration">18.20.2. Registration</a></li><li><a href="#hkdf-ctr-params">18.20.3. HkdfCtrParams dictionary</a></li><li><a href="#hkdf2-ctr-operations">18.20.4. Operations</a></li></ul></li><li><a href="#pbkdf2">18.21. PBKDF2</a><ul><li><a href="#pbkdf2-description">18.21.1. Description</a></li><li><a href="#pbkdf2-registration">18.21.2. Registration</a></li><li><a href="#pbkdf2-params">18.21.3. Pbkdf2Params dictionary</a></li><li><a href="#pbkdf2-operations">18.21.4. Operations</a></li></ul></li></ul></li><li><a href="#algorithm-normalizing-rules">19. Algorithm normalizing rules</a></li><li><a href="#examples-section">20. JavaScript Example Code</a><ul><li><a href="#examples-signing">20.1. Generate a signing key pair, sign some data</a></li><li><a href="#examples-symmetric-encryption">20.2. Symmetric Encryption</a></li></ul></li><li><a href="#iana-section">21. IANA Considerations</a><ul><li><a href="#iana-section-jws-jwa">21.1. JSON Web Signature and Encryption Algorithms Registration</a></li><li><a href="#iana-section-jwk">21.2. JSON Web Key Parameters Registry</a></li></ul></li><li><a href="#acknowledgements-section">22. Acknowledgements</a></li><li><a href="#references">23. References</a><ul><li><a href="#normative-references">23.1. Normative References</a></li><li><a href="#informative-references">23.2. Informative References</a></li></ul></li></ul><ul><li><a href="#jwk-mapping">A. Mapping between JSON Web Key / JSON Web Algorithm</a><ul><li><a href="#jwk-mapping-alg">A.1. Algorithm mappings</a></li><li><a href="#jwk-mapping-usage">A.2. Usage mapping</a></li></ul></li><li><a href="#spki-mapping">B. Mapping between Algorithm and SubjectPublicKeyInfo</a></li><li><a href="#pkcs8-mapping">C. Mapping between Algorithm and PKCS#8 PrivateKeyInfo</a></li></ul></div>
+      <div class="toc"><ul><li><a href="#introduction">1. Introduction</a></li><li><a href="#use-cases">2. Use Cases</a><ul><li><a href="#multifactor-authentication">2.1. Multi-factor Authentication</a></li><li><a href="#protected-document">2.2. Protected Document Exchange</a></li><li><a href="#cloud-storage">2.3. Cloud Storage</a></li><li><a href="#document-signing">2.4. Document Signing</a></li><li><a href="#data-integrity-protection">2.5. Data Integrity Protection</a></li><li><a href="#secure-messaging">2.6. Secure Messaging</a></li><li><a href="#jose">2.7. Javascript Object Signing and Encryption (JOSE)</a></li></ul></li><li><a href="#conformance">3. Conformance</a></li><li><a href="#scope">4. Scope</a><ul><li><a href="#scope-abstraction">4.1. Level of abstraction</a></li><li><a href="#scope-algorithms">4.2. Cryptographic algorithms</a></li><li><a href="#scope-operations">4.3. Operations</a></li><li><a href="#scope-out-of-scope">4.4. Out of scope</a></li></ul></li><li><a href="#security">5. Security considerations</a><ul><li><a href="#security-implementers">5.1. Security considerations for implementers</a></li><li><a href="#security-developers">5.2. Security considerations for authors</a></li></ul></li><li><a href="#privacy">6. Privacy considerations</a></li><li><a href="#dependencies">7. Dependencies</a></li><li><a href="#terminology">8. Terminology</a></li><li><a href="#RandomSource-interface">9. RandomSource interface</a><ul><li><a href="#RandomSource-description">9.1. Description</a></li><li><a href="#RandomSource-interface-methods">9.2. Methods and Parameters</a><ul><li><a href="#RandomSource-method-getRandomValues">9.2.1. The getRandomValues method</a></li></ul></li></ul></li><li><a href="#algorithm-dictionary">10. Algorithm dictionary</a><ul><li><a href="#algorithm-dictionary-members">10.1. Algorithm Dictionary Members</a></li></ul></li><li><a href="#key-algorithm-interface">11. KeyAlgorithm interface</a><ul><li><a href="#key-algorithm-interface-description">11.1. Description</a></li><li><a href="#key-algorithm-interface-members">11.2. KeyAlgorithm interface members</a></li></ul></li><li><a href="#cryptokey-interface">12. CryptoKey interface</a><ul><li><a href="#cryptokey-interface-description">12.1. Description</a></li><li><a href="#cryptokey-interface-types">12.2. Key interface data types</a></li><li><a href="#cryptokey-interface-members">12.3. CryptoKey interface members</a></li><li><a href="#cryptokey-interface-clone">12.4. Structured clone algorithm</a></li></ul></li><li><a href="#crypto-interface">13. Crypto interface</a></li><li><a href="#subtlecrypto-interface">14. SubtleCrypto interface</a><ul><li><a href="#subtlecrypto-interface-description">14.1. Description</a></li><li><a href="#subtlecrypto-interface-datatypes">14.2. Data Types</a></li><li><a href="#subtlecrypto-interface-methods">14.3. Methods and Parameters</a><ul><li><a href="#SubtleCrypto-method-encrypt">14.3.1. The encrypt method</a></li><li><a href="#SubtleCrypto-method-decrypt">14.3.2. The decrypt method</a></li><li><a href="#SubtleCrypto-method-sign">14.3.3. The sign method</a></li><li><a href="#SubtleCrypto-method-verify">14.3.4. The verify method</a></li><li><a href="#SubtleCrypto-method-digest">14.3.5. The digest method</a></li><li><a href="#SubtleCrypto-method-generateKey">14.3.6. The generateKey method</a></li><li><a href="#SubtleCrypto-method-deriveKey">14.3.7. The deriveKey method</a></li><li><a href="#SubtleCrypto-method-deriveBits">14.3.8. The deriveBits method</a></li><li><a href="#SubtleCrypto-method-importKey">14.3.9. The importKey method</a></li><li><a href="#SubtleCrypto-method-exportKey">14.3.10. The exportKey method</a></li><li><a href="#SubtleCrypto-method-wrapKey">14.3.11. The wrapKey method</a></li><li><a href="#SubtleCrypto-method-unwrapKey">14.3.12. The unwrapKey method</a></li></ul></li><li><a href="#SubtleCrypto-Exceptions">14.4. Exceptions</a></li></ul></li><li><a href="#WorkerCrypto-interface">15. WorkerCrypto interface</a><ul><li><a href="#WorkerCrypto-description">15.1. Description</a></li></ul></li><li><a href="#big-integer">16. BigInteger</a></li><li><a href="#keypair">17. KeyPair</a></li><li><a href="#algorithms">18. Algorithms</a><ul><li><a href="#algorithms-index">18.1. Registered algorithms</a></li><li><a href="#recommended-algorithms">18.2. Recommended algorithms</a></li><li><a href="#defining-an-algorithm">18.3. Defining an algorithm</a><ul><li><a href="#recognized-algorithm-name">18.3.1. Recognized algorithm name</a></li><li><a href="#supported-operations">18.3.2. Supported operations</a></li><li><a href="#algorithm-specific-params">18.3.3. Algorithm-specific parameters</a></li><li><a href="#algorithm-result">18.3.4. Algorithm results</a></li><li><a href="#algorithm-alias">18.3.5. Algorithm aliases</a></li></ul></li><li><a href="#rsaes-pkcs1">18.4. RSAES-PKCS1-v1_5</a><ul><li><a href="#rsaes-pkcs1-description">18.4.1. Description</a></li><li><a href="#rsaes-pkcs1-registration">18.4.2. Registration</a></li><li><a href="#RsaKeyGenParams-dictionary">18.4.3. RsaKeyGenParams dictionary</a></li><li><a href="#RsaKeyAlgorithm-interface">18.4.4. RsaKeyAlgorithm interface</a></li><li><a href="#rsaes-pkcs1-operations">18.4.5. Operations</a></li></ul></li><li><a href="#rsassa-pkcs1">18.5. RSASSA-PKCS1-v1_5</a><ul><li><a href="#rsassa-pkcs1-description">18.5.1. Description</a></li><li><a href="#rsassa-pkcs1-registration">18.5.2. Registration</a></li><li><a href="#RsaHashedKeyGenParams-dictionary">18.5.3. RsaHashedKeyGenParams dictionary</a></li><li><a href="#RsaHashedKeyAlgorithm-interface">18.5.4. RsaHashedKeyAlgorithm interface</a></li><li><a href="#RsaHashedImportParams-dictionary">18.5.5. RsaHashedImportParams dictionary</a></li><li><a href="#rsassa-pkcs1-operations">18.5.6. Operations</a></li></ul></li><li><a href="#rsa-pss">18.6. RSA-PSS</a><ul><li><a href="#rsa-pss-description">18.6.1. Description</a></li><li><a href="#rsa-pss-registration">18.6.2. Registration</a></li><li><a href="#RsaPssParams-dictionary">18.6.3. RsaPssParams dictionary</a></li><li><a href="#rsa-pss-operations">18.6.4. Operations</a></li></ul></li><li><a href="#rsa-oaep">18.7. RSA-OAEP</a><ul><li><a href="#rsa-oaep-description">18.7.1. Description</a></li><li><a href="#rsa-oaep-registration">18.7.2. Registration</a></li><li><a href="#rsa-oaep-params">18.7.3. RsaOaepParams dictionary</a></li><li><a href="#rsa-oaep-operations">18.7.4. Operations</a></li></ul></li><li><a href="#ecdsa">18.8. ECDSA</a><ul><li><a href="#ecdsa-description">18.8.1. Description</a></li><li><a href="#ecdsa-registration">18.8.2. Registration</a></li><li><a href="#EcdsaParams-dictionary">18.8.3. EcdsaParams dictionary</a></li><li><a href="#EcKeyGenParams-dictionary">18.8.4. EcKeyGenParams dictionary</a></li><li><a href="#EcKeyAlgorithm-interface">18.8.5. EcKeyAlgorithm interface</a></li><li><a href="#EcKeyImportParams-dictionary">18.8.6. EcKeyImportParams dictionary</a></li><li><a href="#ecdsa-operations">18.8.7. Operations</a></li></ul></li><li><a href="#ecdh">18.9. ECDH</a><ul><li><a href="#ecdh-description">18.9.1. Description</a></li><li><a href="#ecdh-registration">18.9.2. Registration</a></li><li><a href="#dh-EcdhKeyDeriveParams">18.9.3. EcdhKeyDeriveParams dictionary</a></li><li><a href="#ecdh-operations">18.9.4. Operations</a></li></ul></li><li><a href="#aes-ctr">18.10. AES-CTR</a><ul><li><a href="#aes-ctr-description">18.10.1. Description</a></li><li><a href="#aes-ctr-registration">18.10.2. Registration</a></li><li><a href="#aes-ctr-params">18.10.3. AesCtrParams dictionary</a></li><li><a href="#AesKeyAlgorithm-interface">18.10.4. </a></li><li><a href="#aes-keygen-params">18.10.5. AesKeyGenParams dictionary</a></li><li><a href="#aes-derivedkey-params">18.10.6. AesDerivedKeyParams dictionary</a></li><li><a href="#aes-ctr-operations">18.10.7. Operations</a></li></ul></li><li><a href="#aes-cbc">18.11. AES-CBC</a><ul><li><a href="#aes-cbc-description">18.11.1. Description</a></li><li><a href="#aes-cbc-registration">18.11.2. Registration</a></li><li><a href="#aes-cbc-params">18.11.3. AesCbcParams dictionary</a></li><li><a href="#aes-cbc-operations">18.11.4. Operations</a></li></ul></li><li><a href="#aes-cmac">18.12. AES-CMAC</a><ul><li><a href="#aes-cmac-description">18.12.1. Description</a></li><li><a href="#aes-cmac-registration">18.12.2. Registration</a></li><li><a href="#aes-cmac-params">18.12.3. AesCmacParams dictionary</a></li><li><a href="#aes-cmac-operations">18.12.4. Operations</a></li></ul></li><li><a href="#aes-gcm">18.13. AES-GCM</a><ul><li><a href="#aes-gcm-description">18.13.1. Description</a></li><li><a href="#aes-gcm-registration">18.13.2. Registration</a></li><li><a href="#aes-gcm-params">18.13.3. AesGcmParams dictionary</a></li><li><a href="#aes-gcm-operations">18.13.4. Operations</a></li></ul></li><li><a href="#aes-cfb">18.14. AES-CFB</a><ul><li><a href="#aes-cfb-description">18.14.1. Description</a></li><li><a href="#aes-cfb-registration">18.14.2. Registration</a></li><li><a href="#aes-cfb-params">18.14.3. AesCfbParams dictionary</a></li><li><a href="#aes-cfb-operations">18.14.4. Operations</a></li></ul></li><li><a href="#aes-kw">18.15. AES-KW</a><ul><li><a href="#aes-kw-description">18.15.1. Description</a></li><li><a href="#aes-kw-registration">18.15.2. Registration</a></li><li><a href="#aes-kw-operations">18.15.3. Operations</a></li></ul></li><li><a href="#hmac">18.16. HMAC</a><ul><li><a href="#hmac-description">18.16.1. Description</a></li><li><a href="#hmac-registration">18.16.2. Registration</a></li><li><a href="#hmac-importparams">18.16.3. HmacImportParams dictionary</a></li><li><a href="#hmac-keyalgorithm">18.16.4. HmacKeyAlgorithm interface</a></li><li><a href="#hmac-keygen-params">18.16.5. HmacKeyGenParams dictionary</a></li><li><a href="#hmac-derivedkey-params">18.16.6. HmacDerivedKeyParams dictionary</a></li><li><a href="#hmac-operations">18.16.7. Operations</a></li></ul></li><li><a href="#dh">18.17. Diffie-Hellman</a><ul><li><a href="#dh-description">18.17.1. Description</a></li><li><a href="#dh-registration">18.17.2. Registration</a></li><li><a href="#dh-DhKeyGenParams">18.17.3. DhKeyGenParams dictionary</a></li><li><a href="#dh-DhKeyAlgorithm">18.17.4. DhKeyAlgorithm interface</a></li><li><a href="#dh-DhKeyDeriveParams">18.17.5. DhKeyDeriveParams dictionary</a></li><li><a href="#dh-DhImportKeyParams">18.17.6. DhImportKeyParams dictionary</a></li><li><a href="#dh-operations">18.17.7. Operations</a></li></ul></li><li><a href="#sha">18.18. SHA</a><ul><li><a href="#sha-description">18.18.1. Description</a></li><li><a href="#sha-registration">18.18.2. Registration</a></li><li><a href="#sha-operations">18.18.3. Operations</a></li></ul></li><li><a href="#concatkdf">18.19. Concat KDF</a><ul><li><a href="#concatkdf-description">18.19.1. Description</a></li><li><a href="#concatkdf-registration">18.19.2. Registration</a></li><li><a href="#concat-params">18.19.3. ConcatParams dictionary</a></li><li><a href="#concat-operations">18.19.4. Operations</a></li></ul></li><li><a href="#hkdf-ctr">18.20. HKDF-CTR</a><ul><li><a href="#hkdf-ctr-description">18.20.1. Description</a></li><li><a href="#hkdf-ctr-registration">18.20.2. Registration</a></li><li><a href="#hkdf-ctr-params">18.20.3. HkdfCtrParams dictionary</a></li><li><a href="#hkdf2-ctr-operations">18.20.4. Operations</a></li></ul></li><li><a href="#pbkdf2">18.21. PBKDF2</a><ul><li><a href="#pbkdf2-description">18.21.1. Description</a></li><li><a href="#pbkdf2-registration">18.21.2. Registration</a></li><li><a href="#pbkdf2-params">18.21.3. Pbkdf2Params dictionary</a></li><li><a href="#pbkdf2-operations">18.21.4. Operations</a></li></ul></li></ul></li><li><a href="#algorithm-normalizing-rules">19. Algorithm normalizing rules</a></li><li><a href="#examples-section">20. JavaScript Example Code</a><ul><li><a href="#examples-signing">20.1. Generate a signing key pair, sign some data</a></li><li><a href="#examples-symmetric-encryption">20.2. Symmetric Encryption</a></li></ul></li><li><a href="#iana-section">21. IANA Considerations</a><ul><li><a href="#iana-section-jws-jwa">21.1. JSON Web Signature and Encryption Algorithms Registration</a></li><li><a href="#iana-section-jwk">21.2. JSON Web Key Parameters Registry</a></li></ul></li><li><a href="#acknowledgements-section">22. Acknowledgements</a></li><li><a href="#references">23. References</a><ul><li><a href="#normative-references">23.1. Normative References</a></li><li><a href="#informative-references">23.2. Informative References</a></li></ul></li></ul><ul><li><a href="#jwk-mapping">A. Mapping between JSON Web Key / JSON Web Algorithm</a><ul><li><a href="#jwk-mapping-alg">A.1. Algorithm mappings</a></li><li><a href="#jwk-mapping-usage">A.2. Usage mapping</a></li></ul></li><li><a href="#spki-mapping">B. Mapping between Algorithm and SubjectPublicKeyInfo</a></li><li><a href="#pkcs8-mapping">C. Mapping between Algorithm and PKCS#8 PrivateKeyInfo</a></li></ul></div>
     </div>
 
     <div id="sections">
@@ -345,14 +345,14 @@
             functionality that are specific to one or two implementations. As such this API allows
             key generation, management, and exchange with a level of abstraction that avoids
             developers needing to care about the implementation of the underlying key storage. The
-            API is focused specifically around Key objects, as an abstraction for the underlying raw
-            cryptographic keying material. The intent behind this is to allow an API that is generic
-            enough to allow conforming user agents to expose keys that are stored and managed
-            directly by the user agent, that may be stored or managed using isolated storage APIs
-            such as per-user key stores provided by some operating systems, or within key storage
-            devices such as secure elements, while allowing rich web applications to manipulate the
-            keys and without requiring the web application be aware of the nature of the underlying
-            key storage.
+            API is focused specifically around CryptoKey objects, as an abstraction for the
+            underlying raw cryptographic keying material. The intent behind this is to allow an API
+            that is generic enough to allow conforming user agents to expose keys that are stored
+            and managed directly by the user agent, that may be stored or managed using isolated
+            storage APIs such as per-user key stores provided by some operating systems, or within
+            key storage devices such as secure elements, while allowing rich web applications to
+            manipulate the keys and without requiring the web application be aware of the nature of
+            the underlying key storage.
           </p>
         </div>
         <div class="section" id="scope-algorithms">
@@ -866,7 +866,7 @@
         <h2>11. KeyAlgorithm interface</h2>
         <p>
           The KeyAlgorithm interface represents information about the contents of a given
-          <a href="#dfn-Key">Key</a> object.
+          <a href="#dfn-CryptoKey">CryptoKey</a> object.
         </p>
         <div class="block"><div class="blockTitleDiv"><span class="blockTitle">IDL</span></div><div class="blockContent"><pre class="code"><code class="idl-code">
 [NoInterfaceObject]
@@ -879,40 +879,42 @@
           <p class="norm">This section is non-normative</p>
           <p>
             The <a href="#dfn-KeyAlgorithm">KeyAlgorithm</a> interface is a supplemental interface
-            used to reflect the static, public properties of a <a href="#dfn-Key">Key</a> back to an
-            application. These properties can be used for determination of strength (e.g.: an
-            attribute that indicates the size of the key or the parameters of its creation) as well
-            as for protocol negotiations (e.g.: a particular instance of an inner hash).
+            used to reflect the static, public properties of a <a href="#dfn-CryptoKey">CryptoKey</a> back to an application. These properties can be used
+            for determination of strength (e.g.: an attribute that indicates the size of the key or
+            the parameters of its creation) as well as for protocol negotiations (e.g.: a particular
+            instance of an inner hash).
           </p>
         </div>
         <div id="key-algorithm-interface-members" class="section">
           <h3>11.2. KeyAlgorithm interface members</h3>
           <dl>
             <dt id="dfn-KeyAlgorithm-name">name</dt>
-            <dd>The name of the algorithm used to generate the <a href="#dfn-Key">Key</a></dd>
+            <dd>
+              The name of the algorithm used to generate the <a href="#dfn-CryptoKey">CryptoKey</a>
+            </dd>
           </dl>
         </div>
       </div>
           
-      <div id="key-interface" class="section">
-        <h2>12. Key interface</h2>
+      <div id="cryptokey-interface" class="section">
+        <h2>12. CryptoKey interface</h2>
         <p>
-          The Key object represents an opaque reference to keying material that is managed by the
-          user agent.
+          The CryptoKey object represents an opaque reference to keying material that is managed by
+          the user agent.
         </p>
         <div class="block"><div class="blockTitleDiv"><span class="blockTitle">IDL</span></div><div class="blockContent"><pre class="code"><code class="idl-code">
 typedef DOMString <a href="#dfn-KeyType">KeyType</a>;
 
 typedef DOMString <a href="#dfn-KeyUsage">KeyUsage</a>;
 
-interface <dfn id="dfn-Key">Key</dfn> {
-  readonly attribute <a href="#dfn-KeyType">KeyType</a> <a href="#dfn-Key-type">type</a>;
-  readonly attribute boolean <a href="#dfn-Key-extractable">extractable</a>;
-  readonly attribute <a href="#dfn-KeyAlgorithm">KeyAlgorithm</a> <a href="#dfn-Key-algorithm">algorithm</a>;
-  readonly attribute object <a href="#dfn-Key-usages">usages</a>;
+interface <dfn id="dfn-CryptoKey">CryptoKey</dfn> {
+  readonly attribute <a href="#dfn-KeyType">KeyType</a> <a href="#dfn-CryptoKey-type">type</a>;
+  readonly attribute boolean <a href="#dfn-CryptoKey-extractable">extractable</a>;
+  readonly attribute <a href="#dfn-KeyAlgorithm">KeyAlgorithm</a> <a href="#dfn-CryptoKey-algorithm">algorithm</a>;
+  readonly attribute object <a href="#dfn-CryptoKey-usages">usages</a>;
 };
         </code></pre></div></div>
-        <div id="key-interface-description" class="section">
+        <div id="cryptokey-interface-description" class="section">
           <h3>12.1. Description</h3>
           <p class="norm">This section is non-normative</p>
           <p>
@@ -925,13 +927,14 @@
             operations and secret values obtained within key derivation or exchange operations.
           </p>
           <p>
-            The Key object is not required to directly interface with the underlying key storage
-            mechanism, and may instead simply be a reference for the user agent to understand how to
-            obtain the keying material when needed, eg. when performing a cryptographic operation.
+            The CryptoKey object is not required to directly interface with the underlying key
+            storage mechanism, and may instead simply be a reference for the user agent to
+            understand how to obtain the keying material when needed, eg. when performing a
+            cryptographic operation.
           </p>
         </div>
 
-        <div id="key-interface-types" class="section">
+        <div id="cryptokey-interface-types" class="section">
           <h3>12.2. Key interface data types</h3>
           <dl>
             <dt id="dfn-KeyType"><code>KeyType</code></dt>
@@ -958,22 +961,22 @@
           </dl>
         </div>
 
-        <div id="key-interface-members" class="section">
-          <h3>12.3. Key interface members</h3>
+        <div id="cryptokey-interface-members" class="section">
+          <h3>12.3. CryptoKey interface members</h3>
           <dl>
-            <dt id="dfn-Key-type"><code>type</code></dt>
+            <dt id="dfn-CryptoKey-type"><code>type</code></dt>
             <dd>
               The type of the underlying key.
             </dd>
-            <dt id="dfn-Key-extractable"><code>extractable</code></dt>
+            <dt id="dfn-CryptoKey-extractable"><code>extractable</code></dt>
             <dd>
               Whether or not the raw keying material may be exported by the application.
             </dd>
-            <dt id="dfn-Key-algorithm"><code>algorithm</code></dt>
+            <dt id="dfn-CryptoKey-algorithm"><code>algorithm</code></dt>
             <dd>
               The <a href="#dfn-KeyAlgorithm"><code>KeyAlgorithm</code></a> used to generate the key.
             </dd>
-            <dt id="dfn-Key-usages"><code>usages</code></dt>
+            <dt id="dfn-CryptoKey-usages"><code>usages</code></dt>
             <dd>
               An <code>Array</code> of <a href="#dfn-KeyUsage"><code>KeyUsages</code></a> that
               indicate what cryptographic operations may be used with this key.
@@ -981,29 +984,32 @@
           </dl>
         </div>
 
-        <div id="key-interface-clone" class="section">
+        <div id="cryptokey-interface-clone" class="section">
           <h3>12.4. Structured clone algorithm</h3>
           <p>
             When a user agent is required to obtain a <a href="#structured-clone">structured clone</a>
-            of a <a href="#dfn-Key">Key</a> object, it must run the following steps.
+            of a <a href="#dfn-CryptoKey">CryptoKey</a> object, it must run the following steps.
           </p>
           <ol>
             <li>
-              Let <var>input</var> and <var>memory</var> be the corresponding inputs defined
-              by the <a href="#structured-clone">internal structured cloning algorithm</a>,
-              where <var>input</var> represents a <a href="#dfn-Key">Key</a> object to be cloned.
+              Let <var>input</var> and <var>memory</var> be the corresponding inputs defined by the
+              <a href="#structured-clone">internal structured cloning algorithm</a>, where
+              <var>input</var> represents a <a href="#dfn-CryptoKey">CryptoKey</a> object to be
+              cloned.
             </li>
-            <li>Let <var>output</var> be a newly constructed <a href="#dfn-Key">Key</a> object.</li>
+            <li>
+              Let <var>output</var> be a newly constructed <a href="#dfn-CryptoKey">CryptoKey</a>
+              object.</li>
             <li>
               Let the following attributes of <var>output</var> be equal to the value obtained by
               invoking the internal structured clone algorithm recursively, using the corresponding
               attribute on <var>input</var> as the new "<var>input</var>" argument and
               <var>memory</var> as the new "<var>memory</var>" argument:
               <ul>
-                <li><a href="#dfn-Key-type">type</a></li>
-                <li><a href="#dfn-Key-extractable">extractable</a></li>
-                <li><a href="#dfn-Key-algorithm">KeyAlgorithm</a></li>
-                <li><a href="#dfn-Key-usages">KeyUsage</a></li>
+                <li><a href="#dfn-CryptoKey-type">type</a></li>
+                <li><a href="#dfn-CryptoKey-extractable">extractable</a></li>
+                <li><a href="#dfn-CryptoKey-algorithm">KeyAlgorithm</a></li>
+                <li><a href="#dfn-CryptoKey-usages">KeyUsage</a></li>
               </ul>
             </li>
             <li>
@@ -1013,12 +1019,12 @@
           </ol>
           <div class="note"><div class="noteHeader">Note</div>
             <strong>Implementation Note:</strong> When performing the structured clone algorithm for
-            a <code>Key</code> object, it is important that the underlying cryptographic key
+            a <code>CryptoKey</code> object, it is important that the underlying cryptographic key
             material not be exposed to a JavaScript implementation. Such a situation may arise if an
             implementation fails to implement the structured clone algorithm correctly, such as by
-            allowing a <code>Key</code> object to be serialized as part of a structured clone
+            allowing a <code>CryptoKey</code> object to be serialized as part of a structured clone
             implementation, but then deserializing it as a <code>DOMString</code>, rather than as a
-            <code>Key</code> object.
+            <code>CryptoKey</code> object.
           </div>
         </div>
       </div>
@@ -1047,16 +1053,16 @@
 
 interface <dfn id="dfn-SubtleCrypto">SubtleCrypto</dfn> {
   Promise&lt;any&gt; <a href="#dfn-SubtleCrypto-method-encrypt">encrypt</a>(<a href="#dfn-AlgorithmIdentifier">AlgorithmIdentifier</a> algorithm,
-                       <a href="#dfn-Key">Key</a> key,
+                       <a href="#dfn-CryptoKey">CryptoKey</a> key,
                        CryptoOperationData data);
   Promise&lt;any&gt; <a href="#dfn-SubtleCrypto-method-decrypt">decrypt</a>(<a href="#dfn-AlgorithmIdentifier">AlgorithmIdentifier</a> algorithm,
-                       <a href="#dfn-Key">Key</a> key,
+                       <a href="#dfn-CryptoKey">CryptoKey</a> key,
                        CryptoOperationData data);
   Promise&lt;any&gt; <a href="#dfn-SubtleCrypto-method-sign">sign</a>(<a href="#dfn-AlgorithmIdentifier">AlgorithmIdentifier</a> algorithm,
-                    <a href="#dfn-Key">Key</a> key,
+                    <a href="#dfn-CryptoKey">CryptoKey</a> key,
                     CryptoOperationData data);
   Promise&lt;any&gt; <a href="#dfn-SubtleCrypto-method-verify">verify</a>(<a href="#dfn-AlgorithmIdentifier">AlgorithmIdentifier</a> algorithm,
-                      <a href="#dfn-Key">Key</a> key,
+                      <a href="#dfn-CryptoKey">CryptoKey</a> key,
                       CryptoOperationData signature,
                       CryptoOperationData data);
   Promise&lt;any&gt; <a href="#dfn-SubtleCrypto-method-digest">digest</a>(<a href="#dfn-AlgorithmIdentifier">AlgorithmIdentifier</a> algorithm,
@@ -1066,12 +1072,12 @@
                           boolean extractable,
                           sequence&lt;<a href="#dfn-KeyUsage">KeyUsage</a>&gt; keyUsages );
   Promise&lt;any&gt; <a href="#dfn-SubtleCrypto-method-deriveKey">deriveKey</a>(<a href="#dfn-AlgorithmIdentifier">AlgorithmIdentifier</a> algorithm,
-                         <a href="#dfn-Key">Key</a> baseKey,
+                         <a href="#dfn-CryptoKey">CryptoKey</a> baseKey,
                          <a href="#dfn-AlgorithmIdentifier">AlgorithmIdentifier</a> derivedKeyType,
                          boolean extractable,
                          sequence&lt;<a href="#dfn-KeyUsage">KeyUsage</a>&gt; keyUsages );
   Promise&lt;any&gt; <a href="#dfn-SubtleCrypto-method-deriveBits">deriveBits</a>(<a href="#dfn-AlgorithmIdentifier">AlgorithmIdentifier</a> algorithm,
-                          <a href="#dfn-Key">Key</a> baseKey,
+                          <a href="#dfn-CryptoKey">CryptoKey</a> baseKey,
                           unsigned long length);
   
   <span class="comment">// TBD: <a href="https://www.w3.org/2012/webcrypto/track/issues/35">ISSUE-35</a></span>
@@ -1080,16 +1086,16 @@
                          <a href="#dfn-AlgorithmIdentifier">AlgorithmIdentifier</a> algorithm,
                          boolean extractable,
                          sequence&lt;<a href="#dfn-KeyUsage">KeyUsage</a>&gt; keyUsages );
-  Promise&lt;any&gt; <a href="#dfn-SubtleCrypto-method-exportKey">exportKey</a>(<a href="#dfn-KeyFormat">KeyFormat</a> format, <a href="#dfn-Key">Key</a> key);
+  Promise&lt;any&gt; <a href="#dfn-SubtleCrypto-method-exportKey">exportKey</a>(<a href="#dfn-KeyFormat">KeyFormat</a> format, <a href="#dfn-CryptoKey">CryptoKey</a> key);
 
   <span class="comment">// Note: wrapKey and unwrapKey remain "Features at Risk"</span>
   Promise&lt;any&gt; <a href="#dfn-SubtleCrypto-method-wrapKey">wrapKey</a>(<a href="#dfn-KeyFormat">KeyFormat</a> format,
-                       <a href="#dfn-Key">Key</a> key,
-                       <a href="#dfn-Key">Key</a> wrappingKey,
+                       <a href="#dfn-CryptoKey">CryptoKey</a> key,
+                       <a href="#dfn-CryptoKey">CryptoKey</a> wrappingKey,
                        <a href="#dfn-AlgorithmIdentifier">AlgorithmIdentifier</a> wrapAlgorithm);
   Promise&lt;any&gt; <a href="#dfn-SubtleCrypto-method-unwrapKey">unwrapKey</a>(<a href="#dfn-KeyFormat">KeyFormat</a> format,
                          CryptoOperationData wrappedKey,
-                         <a href="#dfn-Key">Key</a> unwrappingKey,
+                         <a href="#dfn-CryptoKey">CryptoKey</a> unwrappingKey,
                          <a href="#dfn-AlgorithmIdentifier">AlgorithmIdentifier</a> unwrapAlgorithm,
                          <a href="#dfn-AlgorithmIdentifier">AlgorithmIdentifier</a> unwrappedKeyAlgorithm,
                          boolean extractable,
@@ -1141,7 +1147,8 @@
           <h3>14.2. Data Types</h3>
           <dl>
             <dt id="dfn-KeyFormat"><code>KeyFormat</code></dt>
-            <dd>Specifies a serialization format for a key. The <dfn id="dfn-RecognizedKeyFormats">recognized key format values</dfn> are:
+            <dd>
+              Specifies a serialization format for a key. The <dfn id="dfn-RecognizedKeyFormats">recognized key format values</dfn> are:
               <dl>
                 <dt><code>raw</code></dt>
                 <dd>An unformatted sequence of bytes. Intended for secret keys.</dd>
@@ -1171,7 +1178,7 @@
               method returns a new Promise object that will encrypt data using
               the specified 
               <a href="#dfn-AlgorithmIdentifier"><code>AlgorithmIdentifier</code></a> with
-              the supplied <a href="#dfn-Key"><code>Key</code></a>. It must act
+              the supplied <a href="#dfn-CryptoKey"><code>CryptoKey</code></a>. It must act
               as follows:
             </p>
             <ol>
@@ -1234,10 +1241,8 @@
               </li>
               <li>
                 <p>
-                  If the <a href="#dfn-Key-usages">usages</a> attribute of <var>key</var> does not
-                  contain an entry that is <code>"encrypt"</code>,
-                  then <a href="#concept-return-an-error">return an error</a> named
-                  <a href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
+                  If the <a href="#dfn-CryptoKey-usages">usages</a> attribute of <var>key</var> does
+                  not contain an entry that is <code>"encrypt"</code>, then <a href="#concept-return-an-error">return an error</a> named <a href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
                 </p>
               </li>
               <li>
@@ -1262,7 +1267,7 @@
               The <dfn id="dfn-SubtleCrypto-method-decrypt"><code>decrypt</code></dfn>
               method returns a new Promise object that will decrypt data using the specified
               <a href="#dfn-AlgorithmIdentifier"><code>AlgorithmIdentifier</code></a> with
-              the supplied <a href="#dfn-Key"><code>Key</code></a>. It must act
+              the supplied <a href="#dfn-CryptoKey"><code>CryptoKey</code></a>. It must act
               as follows:
             </p>
             <ol>
@@ -1325,10 +1330,8 @@
               </li>
               <li>
                 <p>
-                  If the <a href="#dfn-Key-usages">usages</a> attribute of <var>key</var> does not
-                  contain an entry that is <code>"decrypt"</code>,
-                  then <a href="#concept-return-an-error">return an error</a> named
-                  <a href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
+                  If the <a href="#dfn-CryptoKey-usages">usages</a> attribute of <var>key</var> does
+                  not contain an entry that is <code>"decrypt"</code>, then <a href="#concept-return-an-error">return an error</a> named <a href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
                 </p>
               </li>
               <li>
@@ -1351,10 +1354,9 @@
           <div id="SubtleCrypto-method-sign" class="section">
             <h4>14.3.3. The sign method</h4>
             <p>
-              The <dfn id="dfn-SubtleCrypto-method-sign"><code>sign</code></dfn> method
-              returns a new Promise object that will sign data using the specified
-              <a href="#dfn-AlgorithmIdentifier"><code>AlgorithmIdentifier</code></a> with
-              the supplied <a href="#dfn-Key"><code>Key</code></a>. It must act as follows:
+              The <dfn id="dfn-SubtleCrypto-method-sign"><code>sign</code></dfn> method returns a
+              new Promise object that will sign data using the specified <a href="#dfn-AlgorithmIdentifier"><code>AlgorithmIdentifier</code></a> with the supplied
+              <a href="#dfn-CryptoKey"><code>CryptoKey</code></a>. It must act as follows:
             </p>
             <ol>
               <li>
@@ -1416,10 +1418,8 @@
               </li>
               <li>
                 <p>
-                  If the <a href="#dfn-Key-usages">usages</a> attribute of <var>key</var> does not
-                  contain an entry that is <code>"sign"</code>,
-                  then <a href="#concept-return-an-error">return an error</a> named
-                  <a href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
+                  If the <a href="#dfn-CryptoKey-usages">usages</a> attribute of <var>key</var> does
+                  not contain an entry that is <code>"sign"</code>, then <a href="#concept-return-an-error">return an error</a> named <a href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
                 </p>
               </li>
               <li>
@@ -1441,10 +1441,9 @@
           <div id="SubtleCrypto-method-verify" class="section">
             <h4>14.3.4. The verify method</h4>
             <p>
-              The <dfn id="dfn-SubtleCrypto-method-verify"><code>verify</code></dfn> method
-              returns a new Promise object that will verify data using the specified
-              <a href="#dfn-AlgorithmIdentifier"><code>AlgorithmIdentifier</code></a> with
-              the supplied <a href="#dfn-Key"><code>Key</code></a>. It must act as follows:
+              The <dfn id="dfn-SubtleCrypto-method-verify"><code>verify</code></dfn> method returns
+              a new Promise object that will verify data using the specified <a href="#dfn-AlgorithmIdentifier"><code>AlgorithmIdentifier</code></a> with the supplied
+              <a href="#dfn-CryptoKey"><code>CryptoKey</code></a>. It must act as follows:
             </p>
             <ol>
               <li>
@@ -1512,10 +1511,8 @@
               </li>
               <li>
                 <p>
-                  If the <a href="#dfn-Key-usages">usages</a> attribute of <var>key</var> does not
-                  contain an entry that is <code>"verify"</code>,
-                  then <a href="#concept-return-an-error">return an error</a> named
-                  <a href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
+                  If the <a href="#dfn-CryptoKey-usages">usages</a> attribute of <var>key</var> does
+                  not contain an entry that is <code>"verify"</code>, then <a href="#concept-return-an-error">return an error</a> named <a href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
                 </p>
               </li>
               <li>
@@ -1777,10 +1774,8 @@
               </li>
               <li>
                 <p>
-                  If the <a href="#dfn-Key-usages">usages</a> attribute of <var>baseKey</var> does not
-                  contain an entry that is <code>"deriveKey"</code>,
-                  then <a href="#concept-return-an-error">return an error</a> named
-                  <a href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
+                  If the <a href="#dfn-CryptoKey-usages">usages</a> attribute of <var>baseKey</var>
+                  does not contain an entry that is <code>"deriveKey"</code>, then <a href="#concept-return-an-error">return an error</a> named <a href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
                 </p>
               </li>
               <li>
@@ -1884,10 +1879,8 @@
               </li>
               <li>
                 <p>
-                  If the <a href="#dfn-Key-usages">usages</a> attribute of <var>baseKey</var> does not
-                  contain an entry that is <code>"deriveBits"</code>,
-                  then <a href="#concept-return-an-error">return an error</a> named
-                  <a href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
+                  If the <a href="#dfn-CryptoKey-usages">usages</a> attribute of <var>baseKey</var>
+                  does not contain an entry that is <code>"deriveBits"</code>, then <a href="#concept-return-an-error">return an error</a> named <a href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
                 </p>
               </li>
               <li>
@@ -1994,7 +1987,7 @@
               </li>
               <li>
                 <p>
-                  Let <var>result</var> be the <a href="#dfn-Key">Key</a> object that
+                  Let <var>result</var> be the <a href="#dfn-CryptoKey">CryptoKey</a> object that
                   results from performing the import key operation specified by
                   <var>normalizedAlgorithm</var> using <var>keyData</var>,
                   <var>algorithm</var>, 
@@ -2079,15 +2072,15 @@
               </li>
               <li>
                 <p>
-                  If the <a href="#dfn-Key-extractable">extractable</a> attribute of <var>key</var>
-                  is false, then <a href="#concept-return-an-error">return an error</a> named
-                  <a href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
+                  If the <a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
+                  <var>key</var> is false, then <a href="#concept-return-an-error">return an
+                  error</a> named <a href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
                 </p>         
               </li>
               <li>
                 <p>
                   Let <var>result</var> be the result of performing the export key operation
-                  specified by the <a href="#dfn-Key-algorithm">algorithm</a>
+                  specified by the <a href="#dfn-CryptoKey-algorithm">algorithm</a>
                   attribute of <var>key</var> using <var>key</var> and <var>format</var>.
                 </p>
               </li>
@@ -2176,32 +2169,30 @@
               </li>
               <li>
                 <p>
-                  If the <a href="#dfn-Key-usages">usages</a> attribute of <var>wrappingKey</var>
-                  does not contain an entry that is
-                  <code>"wrapKey"</code>, then <a href="#concept-return-an-error">return an error</a> named
-                  <a href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
-                </p>
-              </li>
-              <li>
-                <p>
-                  If the algorithm identified by the <a href="#dfn-Key-algorithm">algorithm</a>
-                  attribute of <var>key</var> does not support the export key operation,
-                  then <a href="#concept-return-an-error">return an error</a> named
-                  <a href="#dfn-NotSupportedError"><code>NotSupportedError</code></a>.
-                </p>
-              </li>
-              <li>
-                <p>
-                  If the <a href="#dfn-Key-extractable">extractable</a> attribute of <var>key</var>
-                  is false, then <a href="#concept-return-an-error">return an error</a> named
-                  <a href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
+                  If the <a href="#dfn-CryptoKey-usages">usages</a> attribute of
+                  <var>wrappingKey</var> does not contain an entry that is <code>"wrapKey"</code>,
+                  then <a href="#concept-return-an-error">return an error</a> named <a href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
+                </p>
+              </li>
+              <li>
+                <p>
+                  If the algorithm identified by the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of <var>key</var> does not
+                  support the export key operation, then <a href="#concept-return-an-error">return
+                  an error</a> named <a href="#dfn-NotSupportedError"><code>NotSupportedError</code></a>.
+                </p>
+              </li>
+              <li>
+                <p>
+                  If the <a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
+                  <var>key</var> is false, then <a href="#concept-return-an-error">return an
+                  error</a> named <a href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
                 </p>         
               </li>
               <li>
                 <p>
-                  Let <var>bytes</var> be the result of performing the export key operation specified
-                  the <a href="#dfn-Key-algorithm">algorithm</a>
-                  attribute of <var>key</var> using <var>key</var> and <var>format</var>.
+                  Let <var>bytes</var> be the result of performing the export key operation
+                  specified the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
+                  <var>key</var> using <var>key</var> and <var>format</var>.
                 </p>
                 <div class="note"><div class="noteHeader">Note</div>
                   <p class="norm">
@@ -2343,10 +2334,10 @@
               </li>
               <li>
                 <p>
-                  If the <a href="#dfn-Key-usages">usages</a> attribute of <var>unwrappingKey</var>
-                  does not contain an entry that is
-                  <code>"unwrapKey"</code>, then <a href="#concept-return-an-error">return an error</a> named
-                  <a href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
+                  If the <a href="#dfn-CryptoKey-usages">usages</a> attribute of
+                  <var>unwrappingKey</var> does not contain an entry that is
+                  <code>"unwrapKey"</code>, then <a href="#concept-return-an-error">return an
+                  error</a> named <a href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
                 </p>
               </li>
               <li>
@@ -2525,13 +2516,13 @@
       <div id="keypair" class="section">
         <h2>17. KeyPair</h2>
         <div class="block"><div class="blockTitleDiv"><span class="blockTitle">IDL</span></div><div class="blockContent"><pre class="code"><code class="idl-code">
-interface <dfn id="dfn-KeyPair">KeyPair</dfn> {
-  readonly attribute <a href="#dfn-Key">Key</a> publicKey;
-  readonly attribute <a href="#dfn-Key">Key</a> privateKey;
+interface <dfn id="dfn-CryptoKeyPair">CryptoKeyPair</dfn> {
+  readonly attribute <a href="#dfn-CryptoKey">CryptoKey</a> publicKey;
+  readonly attribute <a href="#dfn-CryptoKey">CryptoKey</a> privateKey;
 };
         </code></pre></div></div>
         <p>
-          The <a href="#dfn-KeyPair">KeyPair</a> interface represents an
+          The <a href="#dfn-CryptoKeyPair">CryptoKeyPair</a> interface represents an
           asymmetric key pair that is comprised of both public and private keys.
         </p>
       </div>
@@ -3027,12 +3018,12 @@
                 <tr>
                   <td>generateKey</td>
                   <td><a href="#dfn-RsaKeyGenParams">RsaKeyGenParams</a></td>
-                  <td><a href="#dfn-KeyPair">KeyPair</a></td>
+                  <td><a href="#dfn-CryptoKeyPair">CryptoKeyPair</a></td>
                 </tr>
                 <tr>
                   <td>importKey</td>
                   <td>None</td>
-                  <td><a href="#dfn-Key">Key</a></td>
+                  <td><a href="#dfn-CryptoKey">CryptoKey</a></td>
                 </tr>
                 <tr>
                   <td>exportKey</td>
@@ -3072,10 +3063,9 @@
                 <ol>
                   <li>
                     <p>
-                      If the <a href="#dfn-Key-type">type</a> attribute of <var>key</var>
-                      is not <code>"public"</code>,
-                      then <a href="#concept-return-an-error">return an error</a> named
-                      <a href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
+                      If the <a href="#dfn-CryptoKey-type">type</a> attribute of <var>key</var> is
+                      not <code>"public"</code>, then <a href="#concept-return-an-error">return an
+                      error</a> named <a href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
                     </p>
                   </li>
                   <li>
@@ -3107,10 +3097,9 @@
                 <ol>
                   <li>
                     <p>
-                      If the <a href="#dfn-Key-type">type</a> attribute of <var>key</var>
-                      is not <code>"private"</code>,
-                      then <a href="#concept-return-an-error">return an error</a> named
-                      <a href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>
+                      If the <a href="#dfn-CryptoKey-type">type</a> attribute of <var>key</var> is
+                      not <code>"private"</code>, then <a href="#concept-return-an-error">return an
+                      error</a> named <a href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>
                     </p>
                   </li>
                   <li>
@@ -3211,71 +3200,71 @@
                   </li>
                   <li>
                     <p>
-                      Let <var>publicKey</var> be a new <a href="#dfn-Key">Key</a> object
-                      representing the public key of the generated key pair.
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                      Set the <a href="#dfn-Key-type">type</a> attribute of <var>publicKey</var>
-                      to <code>"public"</code>
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                      Set the <a href="#dfn-Key-algorithm">algorithm</a> attribute of
+                      Let <var>publicKey</var> be a new <a href="#dfn-CryptoKey">CryptoKey</a>
+                      object representing the public key of the generated key pair.
+                    </p>
+                  </li>
+                  <li>
+                    <p>
+                      Set the <a href="#dfn-CryptoKey-type">type</a> attribute of
+                      <var>publicKey</var> to <code>"public"</code>
+                    </p>
+                  </li>
+                  <li>
+                    <p>
+                      Set the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
                       <var>publicKey</var> to be <var>algorithm</var>.
                     </p>
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-extractable">extractable</a> attribute of
+                      Set the <a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
                       <var>publicKey</var> to true.
                     </p>
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-usages">usages</a> attribute of
-                      <var>publicKey</var> to be the
-                      <a href="#concept-usage-intersection">usage intersection</a> of
-                      <var>usages</var> and <code>[ "encrypt", "wrapKey" ]</code>.
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                      Let <var>privateKey</var> be a new <a href="#dfn-Key">Key</a> object
-                      representing the private key of the generated key pair.
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                      Set the <a href="#dfn-Key-type">type</a> attribute of <var>privateKey</var>
-                      to <code>"private"</code>
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                      Set the <a href="#dfn-Key-algorithm">algorithm</a> attribute of
+                      Set the <a href="#dfn-CryptoKey-usages">usages</a> attribute of
+                      <var>publicKey</var> to be the <a href="#concept-usage-intersection">usage
+                      intersection</a> of <var>usages</var> and <code>[ "encrypt", "wrapKey"
+                      ]</code>.
+                    </p>
+                  </li>
+                  <li>
+                    <p>
+                      Let <var>privateKey</var> be a new <a href="#dfn-CryptoKey">CryptoKey</a>
+                      object representing the private key of the generated key pair.
+                    </p>
+                  </li>
+                  <li>
+                    <p>
+                      Set the <a href="#dfn-CryptoKey-type">type</a> attribute of
+                      <var>privateKey</var> to <code>"private"</code>
+                    </p>
+                  </li>
+                  <li>
+                    <p>
+                      Set the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
                       <var>privateKey</var> to be <var>algorithm</var>.
                     </p>
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-extractable">extractable</a> attribute of
+                      Set the <a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
                       <var>privateKey</var> to <var>extractable</var>.
                     </p>
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-usages">usages</a> attribute of
-                      <var>privateKey</var> to be the
-                      <a href="#concept-usage-intersection">usage intersection</a> of
-                      <var>usages</var> and <code>[ "decrypt", "unwrapKey" ]</code>.
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                      Let <var>result</var> be a new <a href="#dfn-KeyPair">KeyPair</a>
+                      Set the <a href="#dfn-CryptoKey-usages">usages</a> attribute of
+                      <var>privateKey</var> to be the <a href="#concept-usage-intersection">usage
+                      intersection</a> of <var>usages</var> and <code>[ "decrypt", "unwrapKey"
+                      ]</code>.
+                    </p>
+                  </li>
+                  <li>
+                    <p>
+                      Let <var>result</var> be a new <a href="#dfn-CryptoKeyPair">CryptoKeyPair</a>
                       object.
                     </p>
                   </li>
@@ -3352,14 +3341,15 @@
                           </li>
                           <li>
                             <p>
-                              Let <var>key</var> be a new <a href="#dfn-Key">Key</a> object that
-                              represents the RSA public key identified by <var>publicKey</var>.
-                            </p>
-                          </li>
-                          <li>
-                            <p>
-                              Set the <a href="#dfn-Key-type">type</a> attribute of <var>key</var>
-                              to <code>"public"</code>
+                              Let <var>key</var> be a new <a href="#dfn-CryptoKey">CryptoKey</a>
+                              object that represents the RSA public key identified by
+                              <var>publicKey</var>.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Set the <a href="#dfn-CryptoKey-type">type</a> attribute of
+                              <var>key</var> to <code>"public"</code>
                             </p>
                           </li>
                         </ol>
@@ -3411,14 +3401,15 @@
                           </li>
                           <li>
                             <p>
-                              Let <var>key</var> be a new <a href="#dfn-Key">Key</a> object that
-                              represents the RSA private key identified by <var>rsaPrivateKey</var>.
-                            </p>
-                          </li>
-                          <li>
-                            <p>
-                              Set the <a href="#dfn-Key-type">type</a> attribute of <var>key</var>
-                              to <code>"private"</code>
+                              Let <var>key</var> be a new <a href="#dfn-CryptoKey">CryptoKey</a>
+                              object that represents the RSA private key identified by
+                              <var>rsaPrivateKey</var>.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Set the <a href="#dfn-CryptoKey-type">type</a> attribute of
+                              <var>key</var> to <code>"private"</code>
                             </p>
                           </li>
                         </ol>
@@ -3483,15 +3474,15 @@
                                   </li>
                                   <li>
                                     <p>
-                                      Let <var>key</var> be a new <a href="#dfn-Key">Key</a> object
-                                      that represents the RSA private key identified by interpreting
-                                      <var>jwk</var> according to Section 6.3.2 of <a href="#jwa">
-                                      JSON Web Algorithms</a>.
-                                    </p>
-                                  </li>
-                                  <li>
-                                    <p>
-                                      Set the <a href="#dfn-Key-type">type</a> attribute of
+                                      Let <var>key</var> be a new <a href="#dfn-CryptoKey">CryptoKey</a> object that represents the
+                                      RSA private key identified by interpreting <var>jwk</var>
+                                      according to Section 6.3.2 of <a href="#jwa"> JSON Web
+                                      Algorithms</a>.
+                                    </p>
+                                  </li>
+                                  <li>
+                                    <p>
+                                      Set the <a href="#dfn-CryptoKey-type">type</a> attribute of
                                       <var>key</var> to <code>"private"</code>
                                     </p>
                                   </li>
@@ -3511,15 +3502,15 @@
                                   </li>
                                   <li>
                                     <p>
-                                      Let <var>key</var> be a new <a href="#dfn-Key">Key</a> object
-                                      that represents the RSA public key identified by interpreting
-                                      <var>jwk</var> according to Section 6.3.1 of <a href="#jwa">
-                                      JSON Web Algorithms</a>.
-                                    </p>
-                                  </li>
-                                  <li>
-                                    <p>
-                                      Set the <a href="#dfn-Key-type">type</a> attribute of
+                                      Let <var>key</var> be a new <a href="#dfn-CryptoKey">CryptoKey</a> object that represents the
+                                      RSA public key identified by interpreting <var>jwk</var>
+                                      according to Section 6.3.1 of <a href="#jwa"> JSON Web
+                                      Algorithms</a>.
+                                    </p>
+                                  </li>
+                                  <li>
+                                    <p>
+                                      Set the <a href="#dfn-CryptoKey-type">type</a> attribute of
                                       <var>key</var> to <code>"public"</code>
                                     </p>
                                   </li>
@@ -3564,7 +3555,7 @@
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-algorithm">algorithm</a> attribute of
+                      Set the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
                       <var>key</var> to <var>algorithm</var>
                     </p>
                   </li>
@@ -3588,10 +3579,8 @@
                         <ol>
                           <li>
                             <p>
-                              If the <a href="#dfn-Key-type">type</a> attribute of <var>key</var> is
-                              not <code>"public"</code>,
-                              then <a href="#concept-return-an-error">return an error</a> named
-                              <a href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
+                              If the <a href="#dfn-CryptoKey-type">type</a> attribute of
+                              <var>key</var> is not <code>"public"</code>, then <a href="#concept-return-an-error">return an error</a> named <a href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
                             </p>
                           </li>
                           <li>
@@ -3637,10 +3626,8 @@
                         <ol>
                           <li>
                             <p>
-                              If the <a href="#dfn-Key-type">type</a> attribute of <var>key</var> is
-                              not <code>"private"</code>,
-                              then <a href="#concept-return-an-error">return an error</a> named
-                              <a href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
+                              If the <a href="#dfn-CryptoKey-type">type</a> attribute of
+                              <var>key</var> is not <code>"private"</code>, then <a href="#concept-return-an-error">return an error</a> named <a href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
                             </p>
                           </li>
                           <li>
@@ -3717,8 +3704,8 @@
                           <li>
                             <dl class="switch">
                               <dt>
-                                If the <a href="#dfn-Key-type">type</a> attribute of <var>key</var>
-                                is <code>"private"</code>:
+                                If the <a href="#dfn-CryptoKey-type">type</a> attribute of
+                                <var>key</var> is <code>"private"</code>:
                               </dt>
                               <dd>
                                 <ol>
@@ -3746,12 +3733,12 @@
                           </li>
                           <li>
                             <p>
-                              Set the <code>key_ops</code> property of <var>jwk</var> to the <a href="#dfn-Key-usages">usages</a> attribute of <var>key</var>.
-                            </p>
-                          </li>
-                          <li>
-                            <p>
-                              Set the <code>ext</code> property of <var>jwk</var> to the <a href="#dfn-Key-extractable">extractable</a> attribute of
+                              Set the <code>key_ops</code> property of <var>jwk</var> to the <a href="#dfn-CryptoKey-usages">usages</a> attribute of <var>key</var>.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Set the <code>ext</code> property of <var>jwk</var> to the <a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
                               <var>key</var>.
                             </p>
                           </li>
@@ -3833,12 +3820,12 @@
                 <tr>
                   <td>generateKey</td>
                   <td><a href="#dfn-RsaHashedKeyGenParams">RsaHashedKeyGenParams</a></td>
-                  <td><a href="#dfn-KeyPair">KeyPair</a></td>
+                  <td><a href="#dfn-CryptoKeyPair">CryptoKeyPair</a></td>
                 </tr>
                 <tr>
                   <td>importKey</td>
                   <td><a href="#dfn-RsaHashedImportParams">RsaHashedImportParams</a></td>
-                  <td><a href="#dfn-Key">Key</a></td>
+                  <td><a href="#dfn-CryptoKey">CryptoKey</a></td>
                 </tr>
                 <tr>
                   <td>exportKey</td>
@@ -3890,18 +3877,17 @@
                 <ol>
                   <li>
                     <p>
-                      If the <a href="#dfn-Key-type">type</a> attribute of <var>key</var>
-                      is not <code>"private"</code>,
-                      then <a href="#concept-return-an-error">return an error</a> named
-                      <a href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
+                      If the <a href="#dfn-CryptoKey-type">type</a> attribute of <var>key</var> is
+                      not <code>"private"</code>, then <a href="#concept-return-an-error">return an
+                      error</a> named <a href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
                     </p>
                   </li>
                   <li>
                     <p>
                       Perform the signature generation operation defined in Section 8.2 of [<cite><a href="#RFC3447">RFC3447</a></cite>] with the key represented by <var>key</var>
                       as the signer's private key and the <a href="#concept-contents-of-arraybuffer">contents of <var>message</var></a> as
-                      <var>M</var> and using the hash function specified in the <a href="#dfn-RsaHashedKeyAlgorithm-hash">hash</a> attribute of the <a href="#dfn-Key-algorithm">algorithm</a> attribute of <var>key</var> as the
-                      Hash option for the EMSA-PKCS1-v1_5 encoding method.
+                      <var>M</var> and using the hash function specified in the <a href="#dfn-RsaHashedKeyAlgorithm-hash">hash</a> attribute of the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of <var>key</var> as
+                      the Hash option for the EMSA-PKCS1-v1_5 encoding method.
                     </p>
                   </li>
                   <li>
@@ -3925,10 +3911,9 @@
                 <ol>
                   <li>
                     <p>
-                      If the <a href="#dfn-Key-type">type</a> attribute of <var>key</var>
-                      is not <code>"public"</code>,
-                      then <a href="#concept-return-an-error">return an error</a> named
-                      <a href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
+                      If the <a href="#dfn-CryptoKey-type">type</a> attribute of <var>key</var> is
+                      not <code>"public"</code>, then <a href="#concept-return-an-error">return an
+                      error</a> named <a href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
                     </p>
                   </li>
                   <li>
@@ -3938,8 +3923,8 @@
                       <var>key</var> as the signer's RSA public key and the <a href="#concept-contents-of-arraybuffer">contents of <var>message</var></a> as
                       <var>M</var> and the <a href="#concept-contents-of-arraybuffer">contents of
                       <var>signature</var></a> as <var>S</var> and using the hash function specified
-                      in the <a href="#dfn-RsaHashedKeyAlgorithm-hash">hash</a> attribute of the <a href="#dfn-Key-algorithm">algorithm</a> attribute of <var>key</var> as the
-                      Hash option for the EMSA-PKCS1-v1_5 encoding method.
+                      in the <a href="#dfn-RsaHashedKeyAlgorithm-hash">hash</a> attribute of the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of <var>key</var> as
+                      the Hash option for the EMSA-PKCS1-v1_5 encoding method.
                     </p>
                   </li>
                   <li>
@@ -4042,31 +4027,31 @@
                   </li>
                   <li>
                     <p>
-                      Let <var>publicKey</var> be a new <a href="#dfn-Key">Key</a> object
-                      representing the public key of the generated key pair.
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                      Set the <a href="#dfn-Key-type">type</a> attribute of <var>publicKey</var>
-                      to <code>"public"</code>
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                      Set the <a href="#dfn-Key-algorithm">algorithm</a> attribute of
+                      Let <var>publicKey</var> be a new <a href="#dfn-CryptoKey">CryptoKey</a>
+                      object representing the public key of the generated key pair.
+                    </p>
+                  </li>
+                  <li>
+                    <p>
+                      Set the <a href="#dfn-CryptoKey-type">type</a> attribute of
+                      <var>publicKey</var> to <code>"public"</code>
+                    </p>
+                  </li>
+                  <li>
+                    <p>
+                      Set the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
                       <var>publicKey</var> to be <var>algorithm</var>.
                     </p>
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-extractable">extractable</a> attribute of
+                      Set the <a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
                       <var>publicKey</var> to true.
                     </p>
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-usages">usages</a> attribute of
+                      Set the <a href="#dfn-CryptoKey-usages">usages</a> attribute of
                       <var>publicKey</var> to be the
                       <a href="#concept-usage-intersection">usage intersection</a> of
                       <var>usages</var> and <code>[ "verify" ]</code>.
@@ -4074,39 +4059,38 @@
                   </li>
                   <li>
                     <p>
-                      Let <var>privateKey</var> be a new <a href="#dfn-Key">Key</a> object
-                      representing the private key of the generated key pair.
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                      Set the <a href="#dfn-Key-type">type</a> attribute of <var>privateKey</var>
-                      to <code>"private"</code>
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                      Set the <a href="#dfn-Key-algorithm">algorithm</a> attribute of
+                      Let <var>privateKey</var> be a new <a href="#dfn-CryptoKey">CryptoKey</a>
+                      object representing the private key of the generated key pair.
+                    </p>
+                  </li>
+                  <li>
+                    <p>
+                      Set the <a href="#dfn-CryptoKey-type">type</a> attribute of
+                      <var>privateKey</var> to <code>"private"</code>
+                    </p>
+                  </li>
+                  <li>
+                    <p>
+                      Set the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
                       <var>privateKey</var> to be <var>algorithm</var>.
                     </p>
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-extractable">extractable</a> attribute of
+                      Set the <a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
                       <var>privateKey</var> to <var>extractable</var>.
                     </p>
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-usages">usages</a> attribute of
-                      <var>privateKey</var> to be the
-                      <a href="#concept-usage-intersection">usage intersection</a> of
-                      <var>usages</var> and <code>[ "sign" ]</code>.
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                      Let <var>result</var> be a new <a href="#dfn-KeyPair">KeyPair</a>
+                      Set the <a href="#dfn-CryptoKey-usages">usages</a> attribute of
+                      <var>privateKey</var> to be the <a href="#concept-usage-intersection">usage
+                      intersection</a> of <var>usages</var> and <code>[ "sign" ]</code>.
+                    </p>
+                  </li>
+                  <li>
+                    <p>
+                      Let <var>result</var> be a new <a href="#dfn-CryptoKeyPair">CryptoKeyPair</a>
                       object.
                     </p>
                   </li>
@@ -4278,14 +4262,15 @@
                           </li>
                           <li>
                             <p>
-                              Let <var>key</var> be a new <a href="#dfn-Key">Key</a> object that
-                              represents the RSA public key identified by <var>publicKey</var>.
-                            </p>
-                          </li>
-                          <li>
-                            <p>
-                              Set the <a href="#dfn-Key-type">type</a> attribute of <var>key</var>
-                              to <code>"public"</code>
+                              Let <var>key</var> be a new <a href="#dfn-CryptoKey">CryptoKey</a>
+                              object that represents the RSA public key identified by
+                              <var>publicKey</var>.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Set the <a href="#dfn-CryptoKey-type">type</a> attribute of
+                              <var>key</var> to <code>"public"</code>
                             </p>
                           </li>
                         </ol>
@@ -4410,14 +4395,15 @@
                           </li>
                           <li>
                             <p>
-                              Let <var>key</var> be a new <a href="#dfn-Key">Key</a> object that
-                              represents the RSA private key identified by <var>rsaPrivateKey</var>.
-                            </p>
-                          </li>
-                          <li>
-                            <p>
-                              Set the <a href="#dfn-Key-type">type</a> attribute of <var>key</var>
-                              to <code>"private"</code>
+                              Let <var>key</var> be a new <a href="#dfn-CryptoKey">CryptoKey</a>
+                              object that represents the RSA private key identified by
+                              <var>rsaPrivateKey</var>.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Set the <a href="#dfn-CryptoKey-type">type</a> attribute of
+                              <var>key</var> to <code>"private"</code>
                             </p>
                           </li>
                         </ol>
@@ -4536,15 +4522,15 @@
                                   </li>
                                   <li>
                                     <p>
-                                      Let <var>key</var> be a new <a href="#dfn-Key">Key</a> object
-                                      that represents the RSA private key identified by interpreting
-                                      <var>jwk</var> according to Section 6.3.2 of <a href="#jwa">
-                                      JSON Web Algorithms</a>.
-                                    </p>
-                                  </li>
-                                  <li>
-                                    <p>
-                                      Set the <a href="#dfn-Key-type">type</a> attribute of
+                                      Let <var>key</var> be a new <a href="#dfn-CryptoKey">CryptoKey</a> object that represents the
+                                      RSA private key identified by interpreting <var>jwk</var>
+                                      according to Section 6.3.2 of <a href="#jwa"> JSON Web
+                                      Algorithms</a>.
+                                    </p>
+                                  </li>
+                                  <li>
+                                    <p>
+                                      Set the <a href="#dfn-CryptoKey-type">type</a> attribute of
                                       <var>key</var> to <code>"private"</code>
                                     </p>
                                   </li>
@@ -4561,15 +4547,15 @@
                                   </li>
                                   <li>
                                     <p>
-                                      Let <var>key</var> be a new <a href="#dfn-Key">Key</a> object
-                                      that represents the RSA public key identified by interpreting
-                                      <var>jwk</var> according to Section 6.3.1 of <a href="#jwa">
-                                      JSON Web Algorithms</a>.
-                                    </p>
-                                  </li>
-                                  <li>
-                                    <p>
-                                      Set the <a href="#dfn-Key-type">type</a> attribute of
+                                      Let <var>key</var> be a new <a href="#dfn-CryptoKey">CryptoKey</a> object that represents the
+                                      RSA public key identified by interpreting <var>jwk</var>
+                                      according to Section 6.3.1 of <a href="#jwa"> JSON Web
+                                      Algorithms</a>.
+                                    </p>
+                                  </li>
+                                  <li>
+                                    <p>
+                                      Set the <a href="#dfn-CryptoKey-type">type</a> attribute of
                                       <var>key</var> to <code>"public"</code>
                                     </p>
                                   </li>
@@ -4621,7 +4607,7 @@
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-algorithm">algorithm</a> attribute of
+                      Set the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
                       <var>key</var> to <var>algorithm</var>
                     </p>
                   </li>
@@ -4646,10 +4632,8 @@
                         <ol>
                           <li>
                             <p>
-                              If the <a href="#dfn-Key-type">type</a> attribute of <var>key</var> is
-                              not <code>"public"</code>,
-                              then <a href="#concept-return-an-error">return an error</a> named
-                              <a href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
+                              If the <a href="#dfn-CryptoKey-type">type</a> attribute of
+                              <var>key</var> is not <code>"public"</code>, then <a href="#concept-return-an-error">return an error</a> named <a href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
                             </p>
                           </li>
                           <li>
@@ -4695,10 +4679,8 @@
                         <ol>
                           <li>
                             <p>
-                              If the <a href="#dfn-Key-type">type</a> attribute of <var>key</var> is
-                              not <code>"private"</code>,
-                              then <a href="#concept-return-an-error">return an error</a> named
-                              <a href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
+                              If the <a href="#dfn-CryptoKey-type">type</a> attribute of
+                              <var>key</var> is not <code>"private"</code>, then <a href="#concept-return-an-error">return an error</a> named <a href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
                             </p>
                           </li>
                           <li>
@@ -4821,8 +4803,8 @@
                           <li>
                             <dl class="switch">
                               <dt>
-                                If the <a href="#dfn-Key-type">type</a> attribute of <var>key</var>
-                                is <code>"private"</code>:
+                                If the <a href="#dfn-CryptoKey-type">type</a> attribute of
+                                <var>key</var> is <code>"private"</code>:
                               </dt>
                               <dd>
                                 <ol>
@@ -4850,12 +4832,12 @@
                           </li>
                           <li>
                             <p>
-                              Set the <code>key_ops</code> field of <var>jwk</var> to the <a href="#dfn-Key-usages">usages</a> attribute of <var>key</var>.
-                            </p>
-                          </li>
-                          <li>
-                            <p>
-                              Set the <code>ext</code> field of <var>jwk</var> to the <a href="#dfn-Key-extractable">extractable</a> attribute of
+                              Set the <code>key_ops</code> field of <var>jwk</var> to the <a href="#dfn-CryptoKey-usages">usages</a> attribute of <var>key</var>.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Set the <code>ext</code> field of <var>jwk</var> to the <a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
                               <var>key</var>.
                             </p>
                           </li>
@@ -4939,12 +4921,12 @@
                 <tr>
                   <td>generateKey</td>
                   <td><a href="#dfn-RsaHashedKeyGenParams">RsaHashedKeyGenParams</a></td>
-                  <td><a href="#dfn-KeyPair">KeyPair</a></td>
+                  <td><a href="#dfn-CryptoKeyPair">CryptoKeyPair</a></td>
                 </tr>
                 <tr>
                   <td>importKey</td>
                   <td><a href="#dfn-RsaHashedImportParams">RsaHashedImportParams</a></td>
-                  <td><a href="#dfn-Key">Key</a></td>
+                  <td><a href="#dfn-CryptoKey">CryptoKey</a></td>
                 </tr>
                 <tr>
                   <td>exportKey</td>
@@ -4971,7 +4953,7 @@
                 <ol>
                   <li>
                     <p>
-                      If the <a href="#dfn-Key-type">type</a> attribute of <var>key</var>
+                      If the <a href="#dfn-CryptoKey-type">type</a> attribute of <var>key</var>
                       is not <code>"private"</code>,
                       then <a href="#concept-return-an-error">return an error</a> named
                       <a href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
@@ -4997,8 +4979,8 @@
                       Perform the signature generation operation defined in Section 8.1 of [<cite><a href="#RFC3447">RFC3447</a></cite>] with the key represented by <var>key</var>
                       as the signer's private key, <var>K</var>, and the <a href="#concept-contents-of-arraybuffer">contents of <var>message</var></a> as
                       the message to be signed, <var>M</var>, and using the hash function specified
-                      by the <a href="#dfn-RsaHashedKeyAlgorithm-hash">hash</a> attribute of the <a href="#dfn-Key-algorithm">algorithm</a> attribute of <var>key</var> as the
-                      Hash option, MGF1 (defined in Section B.2.1 of [<cite><a href="#RFC3447">RFC3447</a></cite>]) as the MGF option and the <a href="#dfn-RsaPssParams-saltLength">saltLength</a> member of
+                      by the <a href="#dfn-RsaHashedKeyAlgorithm-hash">hash</a> attribute of the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of <var>key</var> as
+                      the Hash option, MGF1 (defined in Section B.2.1 of [<cite><a href="#RFC3447">RFC3447</a></cite>]) as the MGF option and the <a href="#dfn-RsaPssParams-saltLength">saltLength</a> member of
                       <var>normalizedAlgorithm</var> as the salt length option for the
                       EMM-PSS-ENCODE operation.
                     </p>
@@ -5024,10 +5006,9 @@
                 <ol>
                   <li>
                     <p>
-                      If the <a href="#dfn-Key-type">type</a> attribute of <var>key</var>
-                      is not <code>"public"</code>,
-                      then <a href="#concept-return-an-error">return an error</a> named
-                      <a href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
+                      If the <a href="#dfn-CryptoKey-type">type</a> attribute of <var>key</var> is
+                      not <code>"public"</code>, then <a href="#concept-return-an-error">return an
+                      error</a> named <a href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
                     </p>
                   </li>
                   <li>
@@ -5052,8 +5033,8 @@
                       <var>key</var> as the signer's RSA public key and the <a href="#concept-contents-of-arraybuffer">contents of <var>message</var></a> as
                       <var>M</var> and <a href="#concept-contents-of-arraybuffer">the contents of
                       <var>signature</var></a> as <var>S</var> and using the hash function specified
-                      by the <a href="#dfn-RsaHashedKeyAlgorithm-hash">hash</a> attribute of the <a href="#dfn-Key-algorithm">algorithm</a> attribute of <var>key</var> as the
-                      Hash option, MGF1 (defined in Section B.2.1 of [<cite><a href="#RFC3447">RFC3447</a></cite>]) as the MGF option and the <a href="#dfn-RsaPssParams-saltLength">saltLength</a> member of
+                      by the <a href="#dfn-RsaHashedKeyAlgorithm-hash">hash</a> attribute of the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of <var>key</var> as
+                      the Hash option, MGF1 (defined in Section B.2.1 of [<cite><a href="#RFC3447">RFC3447</a></cite>]) as the MGF option and the <a href="#dfn-RsaPssParams-saltLength">saltLength</a> member of
                       <var>normalizedAlgorithm</var> as the salt length option for the
                       EMSA-PSS-VERIFY operation.
                     </p>
@@ -5159,63 +5140,62 @@
                   </li>
                   <li>
                     <p>
-                      Let <var>publicKey</var> be a new <a href="#dfn-Key">Key</a> object
-                      representing the public key of the generated key pair.
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                      Set the <a href="#dfn-Key-type">type</a> attribute of <var>publicKey</var>
-                      to <code>"public"</code>
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                      Set the <a href="#dfn-Key-algorithm">algorithm</a> attribute of
+                      Let <var>publicKey</var> be a new <a href="#dfn-CryptoKey">CryptoKey</a>
+                      object representing the public key of the generated key pair.
+                    </p>
+                  </li>
+                  <li>
+                    <p>
+                      Set the <a href="#dfn-CryptoKey-type">type</a> attribute of
+                      <var>publicKey</var> to <code>"public"</code>
+                    </p>
+                  </li>
+                  <li>
+                    <p>
+                      Set the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
                       <var>publicKey</var> to be <var>algorithm</var>.
                     </p>
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-extractable">extractable</a> attribute of
+                      Set the <a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
                       <var>publicKey</var> to true.
                     </p>
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-usages">usages</a> attribute of
-                      <var>publicKey</var> to be the
-                      <a href="#concept-usage-intersection">usage intersection</a> of
-                      <var>usages</var> and <code>[ "verify" ]</code>.
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                      Let <var>privateKey</var> be a new <a href="#dfn-Key">Key</a> object
-                      representing the private key of the generated key pair.
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                      Set the <a href="#dfn-Key-type">type</a> attribute of <var>privateKey</var>
-                      to <code>"private"</code>
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                      Set the <a href="#dfn-Key-algorithm">algorithm</a> attribute of
+                      Set the <a href="#dfn-CryptoKey-usages">usages</a> attribute of
+                      <var>publicKey</var> to be the <a href="#concept-usage-intersection">usage
+                      intersection</a> of <var>usages</var> and <code>[ "verify" ]</code>.
+                    </p>
+                  </li>
+                  <li>
+                    <p>
+                      Let <var>privateKey</var> be a new <a href="#dfn-CryptoKey">CryptoKey</a>
+                      object representing the private key of the generated key pair.
+                    </p>
+                  </li>
+                  <li>
+                    <p>
+                      Set the <a href="#dfn-CryptoKey-type">type</a> attribute of
+                      <var>privateKey</var> to <code>"private"</code>
+                    </p>
+                  </li>
+                  <li>
+                    <p>
+                      Set the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
                       <var>privateKey</var> to be <var>algorithm</var>.
                     </p>
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-extractable">extractable</a> attribute of
+                      Set the <a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
                       <var>privateKey</var> to <var>extractable</var>.
                     </p>
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-usages">usages</a> attribute of
+                      Set the <a href="#dfn-CryptoKey-usages">usages</a> attribute of
                       <var>privateKey</var> to be the
                       <a href="#concept-usage-intersection">usage intersection</a> of
                       <var>usages</var> and <code>[ "sign" ]</code>.
@@ -5223,7 +5203,7 @@
                   </li>
                   <li>
                     <p>
-                      Let <var>result</var> be a new <a href="#dfn-KeyPair">KeyPair</a>
+                      Let <var>result</var> be a new <a href="#dfn-CryptoKeyPair">CryptoKeyPair</a>
                       object.
                     </p>
                   </li>
@@ -5448,14 +5428,15 @@
                           </li>
                           <li>
                             <p>
-                              Let <var>key</var> be a new <a href="#dfn-Key">Key</a> object that
-                              represents the RSA public key identified by <var>publicKey</var>.
-                            </p>
-                          </li>
-                          <li>
-                            <p>
-                              Set the <a href="#dfn-Key-type">type</a> attribute of <var>key</var>
-                              to <code>"public"</code>
+                              Let <var>key</var> be a new <a href="#dfn-CryptoKey">CryptoKey</a>
+                              object that represents the RSA public key identified by
+                              <var>publicKey</var>.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Set the <a href="#dfn-CryptoKey-type">type</a> attribute of
+                              <var>key</var> to <code>"public"</code>
                             </p>
                           </li>
                         </ol>
@@ -5637,14 +5618,15 @@
                           </li>
                           <li>
                             <p>
-                              Let <var>key</var> be a new <a href="#dfn-Key">Key</a> object that
-                              represents the RSA private key identified by <var>rsaPrivateKey</var>.
-                            </p>
-                          </li>
-                          <li>
-                            <p>
-                              Set the <a href="#dfn-Key-type">type</a> attribute of <var>key</var>
-                              to <code>"private"</code>
+                              Let <var>key</var> be a new <a href="#dfn-CryptoKey">CryptoKey</a>
+                              object that represents the RSA private key identified by
+                              <var>rsaPrivateKey</var>.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Set the <a href="#dfn-CryptoKey-type">type</a> attribute of
+                              <var>key</var> to <code>"private"</code>
                             </p>
                           </li>
                         </ol>
@@ -5763,15 +5745,15 @@
                                   </li>
                                   <li>
                                     <p>
-                                      Let <var>key</var> be a new <a href="#dfn-Key">Key</a> object
-                                      that represents the RSA private key identified by interpreting
-                                      <var>jwk</var> according to Section 6.3.2 of <a href="#jwa">
-                                      JSON Web Algorithms</a>.
-                                    </p>
-                                  </li>
-                                  <li>
-                                    <p>
-                                      Set the <a href="#dfn-Key-type">type</a> attribute of
+                                      Let <var>key</var> be a new <a href="#dfn-CryptoKey">CryptoKey</a> object that represents the
+                                      RSA private key identified by interpreting <var>jwk</var>
+                                      according to Section 6.3.2 of <a href="#jwa"> JSON Web
+                                      Algorithms</a>.
+                                    </p>
+                                  </li>
+                                  <li>
+                                    <p>
+                                      Set the <a href="#dfn-CryptoKey-type">type</a> attribute of
                                       <var>key</var> to <code>"private"</code>
                                     </p>
                                   </li>
@@ -5788,15 +5770,15 @@
                                   </li>
                                   <li>
                                     <p>
-                                      Let <var>key</var> be a new <a href="#dfn-Key">Key</a> object
-                                      that represents the RSA public key identified by interpreting
-                                      <var>jwk</var> according to Section 6.3.1 of <a href="#jwa">
-                                      JSON Web Algorithms</a>.
-                                    </p>
-                                  </li>
-                                  <li>
-                                    <p>
-                                      Set the <a href="#dfn-Key-type">type</a> attribute of
+                                      Let <var>key</var> be a new <a href="#dfn-CryptoKey">CryptoKey</a> object that represents the
+                                      RSA public key identified by interpreting <var>jwk</var>
+                                      according to Section 6.3.1 of <a href="#jwa"> JSON Web
+                                      Algorithms</a>.
+                                    </p>
+                                  </li>
+                                  <li>
+                                    <p>
+                                      Set the <a href="#dfn-CryptoKey-type">type</a> attribute of
                                       <var>key</var> to <code>"public"</code>
                                     </p>
                                   </li>
@@ -5848,7 +5830,7 @@
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-algorithm">algorithm</a> attribute of
+                      Set the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
                       <var>key</var> to <var>algorithm</var>
                     </p>
                   </li>
@@ -5873,10 +5855,8 @@
                         <ol>
                           <li>
                             <p>
-                              If the <a href="#dfn-Key-type">type</a> attribute of <var>key</var> is
-                              not <code>"public"</code>,
-                              then <a href="#concept-return-an-error">return an error</a> named
-                              <a href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
+                              If the <a href="#dfn-CryptoKey-type">type</a> attribute of
+                              <var>key</var> is not <code>"public"</code>, then <a href="#concept-return-an-error">return an error</a> named <a href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
                             </p>
                           </li>
                           <li>
@@ -5916,8 +5896,8 @@
                                           <dt>
                                             If the <a href="#dfn-KeyAlgorithm-name">name</a>
                                             attribute of the <a href="#dfn-RsaHashedKeyAlgorithm">hash</a> attribute of
-                                            the <a href="#dfn-Key-algorithm">algorithm</a> attribute
-                                            of <var>key</var> is <code>SHA-1</code>:
+                                            the <a href="#dfn-CryptoKey-algorithm">algorithm</a>
+                                            attribute of <var>key</var> is <code>SHA-1</code>:
                                           </dt>
                                           <dd>
                                             <p>
@@ -5928,8 +5908,8 @@
                                           <dt>
                                             If the <a href="#dfn-KeyAlgorithm-name">name</a>
                                             attribute of the <a href="#dfn-RsaHashedKeyAlgorithm">hash</a> attribute of
-                                            the <a href="#dfn-Key-algorithm">algorithm</a> attribute
-                                            of <var>key</var> is <code>SHA-256</code>:
+                                            the <a href="#dfn-CryptoKey-algorithm">algorithm</a>
+                                            attribute of <var>key</var> is <code>SHA-256</code>:
                                           </dt>
                                           <dd>
                                             <p>
@@ -5940,8 +5920,8 @@
                                           <dt>
                                             If the <a href="#dfn-KeyAlgorithm-name">name</a>
                                             attribute of the <a href="#dfn-RsaHashedKeyAlgorithm">hash</a> attribute of
-                                            the <a href="#dfn-Key-algorithm">algorithm</a> attribute
-                                            of <var>key</var> is <code>SHA-384</code>:
+                                            the <a href="#dfn-CryptoKey-algorithm">algorithm</a>
+                                            attribute of <var>key</var> is <code>SHA-384</code>:
                                           </dt>
                                           <dd>
                                             <p>
@@ -5952,8 +5932,8 @@
                                           <dt>
                                             If the <a href="#dfn-KeyAlgorithm-name">name</a>
                                             attribute of the <a href="#dfn-RsaHashedKeyAlgorithm">hash</a> attribute of
-                                            the <a href="#dfn-Key-algorithm">algorithm</a> attribute
-                                            of <var>key</var> is <code>SHA-512</code>:
+                                            the <a href="#dfn-CryptoKey-algorithm">algorithm</a>
+                                            attribute of <var>key</var> is <code>SHA-512</code>:
                                           </dt>
                                           <dd>
                                             <p>
@@ -5990,7 +5970,7 @@
                                         <p>
                                           Set the <var>saltLength</var> field to the length in
                                           octets of the digest algorithm identified by the <a href="#dfn-KeyAlgorithm-name">name</a> attribute of the <a href="#dfn-RsaHashedKeyAlgorithm-hash">hash</a> attribute
-                                          of the <a href="#dfn-Key-algorithm">algorithm</a>
+                                          of the <a href="#dfn-CryptoKey-algorithm">algorithm</a>
                                           attribute of <var>key</var>.
                                         </p>
                                       </li>
@@ -6015,10 +5995,8 @@
                         <ol>
                           <li>
                             <p>
-                              If the <a href="#dfn-Key-type">type</a> attribute of <var>key</var> is
-                              not <code>"private"</code>,
-                              then <a href="#concept-return-an-error">return an error</a> named
-                              <a href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
+                              If the <a href="#dfn-CryptoKey-type">type</a> attribute of
+                              <var>key</var> is not <code>"private"</code>, then <a href="#concept-return-an-error">return an error</a> named <a href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
                             </p>
                           </li>
                           <li>
@@ -6063,8 +6041,8 @@
                                           <dt>
                                             If the <a href="#dfn-KeyAlgorithm-name">name</a>
                                             attribute of the <a href="#dfn-RsaHashedKeyAlgorithm">hash</a> attribute of
-                                            the <a href="#dfn-Key-algorithm">algorithm</a> attribute
-                                            of <var>key</var> is <code>SHA-1</code>:
+                                            the <a href="#dfn-CryptoKey-algorithm">algorithm</a>
+                                            attribute of <var>key</var> is <code>SHA-1</code>:
                                           </dt>
                                           <dd>
                                             <p>
@@ -6075,8 +6053,8 @@
                                           <dt>
                                             If the <a href="#dfn-KeyAlgorithm-name">name</a>
                                             attribute of the <a href="#dfn-RsaHashedKeyAlgorithm">hash</a> attribute of
-                                            the <a href="#dfn-Key-algorithm">algorithm</a> attribute
-                                            of <var>key</var> is <code>SHA-256</code>:
+                                            the <a href="#dfn-CryptoKey-algorithm">algorithm</a>
+                                            attribute of <var>key</var> is <code>SHA-256</code>:
                                           </dt>
                                           <dd>
                                             <p>
@@ -6087,8 +6065,8 @@
                                           <dt>
                                             If the <a href="#dfn-KeyAlgorithm-name">name</a>
                                             attribute of the <a href="#dfn-RsaHashedKeyAlgorithm">hash</a> attribute of
-                                            the <a href="#dfn-Key-algorithm">algorithm</a> attribute
-                                            of <var>key</var> is <code>SHA-384</code>:
+                                            the <a href="#dfn-CryptoKey-algorithm">algorithm</a>
+                                            attribute of <var>key</var> is <code>SHA-384</code>:
                                           </dt>
                                           <dd>
                                             <p>
@@ -6099,8 +6077,8 @@
                                           <dt>
                                             If the <a href="#dfn-KeyAlgorithm-name">name</a>
                                             attribute of the <a href="#dfn-RsaHashedKeyAlgorithm">hash</a> attribute of
-                                            the <a href="#dfn-Key-algorithm">algorithm</a> attribute
-                                            of <var>key</var> is <code>SHA-512</code>:
+                                            the <a href="#dfn-CryptoKey-algorithm">algorithm</a>
+                                            attribute of <var>key</var> is <code>SHA-512</code>:
                                           </dt>
                                           <dd>
                                             <p>
@@ -6137,7 +6115,7 @@
                                         <p>
                                           Set the <var>saltLength</var> field to the length in
                                           octets of the digest algorithm identified by the <a href="#dfn-KeyAlgorithm-name">name</a> attribute of the <a href="#dfn-RsaHashedKeyAlgorithm-hash">hash</a> attribute
-                                          of the <a href="#dfn-Key-algorithm">algorithm</a>
+                                          of the <a href="#dfn-CryptoKey-algorithm">algorithm</a>
                                           attribute of <var>key</var>.
                                         </p>
                                       </li>
@@ -6178,8 +6156,8 @@
                             <p>
                               Let <var>hash</var> be the <a href="#dfn-KeyAlgorithm-name">name</a>
                               attribute of the <a href="#dfn-RsaHashedKeyAlgorithm-hash">hash</a>
-                              attribute of the <a href="#dfn-Key-algorithm">algorithm</a> attribute
-                              of <var>key</var>.
+                              attribute of the <a href="#dfn-CryptoKey-algorithm">algorithm</a>
+                              attribute of <var>key</var>.
                             </p>
                           </li>
                           <li>
@@ -6231,8 +6209,8 @@
                           <li>
                             <dl class="switch">
                               <dt>
-                                If the <a href="#dfn-Key-type">type</a> attribute of <var>key</var>
-                                is <code>"private"</code>:
+                                If the <a href="#dfn-CryptoKey-type">type</a> attribute of
+                                <var>key</var> is <code>"private"</code>:
                               </dt>
                               <dd>
                                 <ol>
@@ -6260,12 +6238,12 @@
                           </li>
                           <li>
                             <p>
-                              Set the <code>key_ops</code> field of <var>jwk</var> to the <a href="#dfn-Key-usages">usages</a> attribute of <var>key</var>.
-                            </p>
-                          </li>
-                          <li>
-                            <p>
-                              Set the <code>ext</code> field of <var>jwk</var> to the <a href="#dfn-Key-extractable">extractable</a> attribute of
+                              Set the <code>key_ops</code> field of <var>jwk</var> to the <a href="#dfn-CryptoKey-usages">usages</a> attribute of <var>key</var>.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Set the <code>ext</code> field of <var>jwk</var> to the <a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
                               <var>key</var>.
                             </p>
                           </li>
@@ -6349,12 +6327,12 @@
                 <tr>
                   <td>generateKey</td>
                   <td><a href="#dfn-RsaHashedKeyGenParams">RsaHashedKeyGenParams</a></td>
-                  <td><a href="#dfn-KeyPair">KeyPair</a></td>
+                  <td><a href="#dfn-CryptoKeyPair">CryptoKeyPair</a></td>
                 </tr>
                 <tr>
                   <td>importKey</td>
                   <td><a href="#dfn-RsaHashedImportParams">RsaHashedImportParams</a></td>
-                  <td><a href="#dfn-Key">Key</a></td>
+                  <td><a href="#dfn-CryptoKey">CryptoKey</a></td>
                 </tr>
                 <tr>
                   <td>exportKey</td>
@@ -6382,7 +6360,7 @@
                 <ol>
                   <li>
                     <p>
-                      If the <a href="#dfn-Key-type">type</a> attribute of <var>key</var>
+                      If the <a href="#dfn-CryptoKey-type">type</a> attribute of <var>key</var>
                       is not <code>"public"</code>,
                       then <a href="#concept-return-an-error">return an error</a> named
                       <a href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
@@ -6410,7 +6388,7 @@
                       as the message to be encrypted, <var>M</var> and the <a href="#concept-contents-of-arraybuffer">contents of</a> <a href="#dfn-RsaOaepParams-label">label</a> member of
                       <var>normalizedAlgorithm</var> as the label, <var>L</var>, and with the hash
                       function specified by the <a href="#dfn-RsaHashedKeyAlgorithm-hash">hash</a>
-                      attribute of the <a href="#dfn-Key-algorithm">algorithm</a> attribute of
+                      attribute of the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
                       <var>key</var> as the Hash option and MGF1 (defined in Section B.2.1 of
                       [<cite><a href="#RFC3447">RFC3447</a></cite>]) as the MGF option.
                     </p>
@@ -6436,7 +6414,7 @@
                 <ol>
                   <li>
                     <p>
-                      If the <a href="#dfn-Key-type">type</a> attribute of <var>key</var>
+                      If the <a href="#dfn-CryptoKey-type">type</a> attribute of <var>key</var>
                       is not <code>"private"</code>,
                       then <a href="#concept-return-an-error">return an error</a> named
                       <a href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
@@ -6464,7 +6442,7 @@
                       as the ciphertext to be decrypted, C, and the <a href="#concept-contents-of-arraybuffer">contents of</a> the <a href="#dfn-RsaOaepParams-label">label</a> member of
                       <var>normalizedAlgorithm</var> as the label, <var>L</var>, and with the hash
                       function specified by the <a href="#dfn-RsaHashedKeyAlgorithm-hash">hash</a>
-                      attribute of the <a href="#dfn-Key-algorithm">algorithm</a> attribute of
+                      attribute of the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
                       <var>key</var> as the Hash option and MGF1 (defined in Section B.2.1 of
                       [<cite><a href="#RFC3447">RFC3447</a></cite>]) as the MGF option.
                     </p>
@@ -6570,31 +6548,31 @@
                   </li>
                   <li>
                     <p>
-                      Let <var>publicKey</var> be a new <a href="#dfn-Key">Key</a> object
-                      representing the public key of the generated key pair.
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                      Set the <a href="#dfn-Key-type">type</a> attribute of <var>publicKey</var>
-                      to <code>"public"</code>
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                      Set the <a href="#dfn-Key-algorithm">algorithm</a> attribute of
+                      Let <var>publicKey</var> be a new <a href="#dfn-CryptoKey">CryptoKey</a>
+                      object representing the public key of the generated key pair.
+                    </p>
+                  </li>
+                  <li>
+                    <p>
+                      Set the <a href="#dfn-CryptoKey-type">type</a> attribute of
+                      <var>publicKey</var> to <code>"public"</code>
+                    </p>
+                  </li>
+                  <li>
+                    <p>
+                      Set the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
                       <var>publicKey</var> to be <var>algorithm</var>.
                     </p>
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-extractable">extractable</a> attribute of
+                      Set the <a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
                       <var>publicKey</var> to true.
                     </p>
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-usages">usages</a> attribute of
+                      Set the <a href="#dfn-CryptoKey-usages">usages</a> attribute of
                       <var>publicKey</var> to be the
                       <a href="#concept-usage-intersection">usage intersection</a> of
                       <var>usages</var> and <code>[ "encrypt", "wrapKey" ]</code>.
@@ -6602,31 +6580,31 @@
                   </li>
                   <li>
                     <p>
-                      Let <var>privateKey</var> be a new <a href="#dfn-Key">Key</a> object
-                      representing the private key of the generated key pair.
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                      Set the <a href="#dfn-Key-type">type</a> attribute of <var>privateKey</var>
-                      to <code>"private"</code>
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                      Set the <a href="#dfn-Key-algorithm">algorithm</a> attribute of
+                      Let <var>privateKey</var> be a new <a href="#dfn-CryptoKey">CryptoKey</a>
+                      object representing the private key of the generated key pair.
+                    </p>
+                  </li>
+                  <li>
+                    <p>
+                      Set the <a href="#dfn-CryptoKey-type">type</a> attribute of
+                      <var>privateKey</var> to <code>"private"</code>
+                    </p>
+                  </li>
+                  <li>
+                    <p>
+                      Set the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
                       <var>privateKey</var> to be <var>algorithm</var>.
                     </p>
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-extractable">extractable</a> attribute of
+                      Set the <a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
                       <var>privateKey</var> to <var>extractable</var>.
                     </p>
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-usages">usages</a> attribute of
+                      Set the <a href="#dfn-CryptoKey-usages">usages</a> attribute of
                       <var>privateKey</var> to be the
                       <a href="#concept-usage-intersection">usage intersection</a> of
                       <var>usages</var> and <code>[ "decrypt", "unwrapKey" ]</code>.
@@ -6634,7 +6612,7 @@
                   </li>
                   <li>
                     <p>
-                      Let <var>result</var> be a new <a href="#dfn-KeyPair">KeyPair</a>
+                      Let <var>result</var> be a new <a href="#dfn-CryptoKeyPair">CryptoKeyPair</a>
                       object.
                     </p>
                   </li>
@@ -6858,14 +6836,15 @@
                           </li>
                           <li>
                             <p>
-                              Let <var>key</var> be a new <a href="#dfn-Key">Key</a> object that
-                              represents the RSA public key identified by <var>publicKey</var>.
-                            </p>
-                          </li>
-                          <li>
-                            <p>
-                              Set the <a href="#dfn-Key-type">type</a> attribute of <var>key</var>
-                              to <code>"public"</code>
+                              Let <var>key</var> be a new <a href="#dfn-CryptoKey">CryptoKey</a>
+                              object that represents the RSA public key identified by
+                              <var>publicKey</var>.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Set the <a href="#dfn-CryptoKey-type">type</a> attribute of
+                              <var>key</var> to <code>"public"</code>
                             </p>
                           </li>
                         </ol>
@@ -7048,14 +7027,15 @@
                           </li>
                           <li>
                             <p>
-                              Let <var>key</var> be a new <a href="#dfn-Key">Key</a> object that
-                              represents the RSA private key identified by <var>rsaPrivateKey</var>.
-                            </p>
-                          </li>
-                          <li>
-                            <p>
-                              Set the <a href="#dfn-Key-type">type</a> attribute of <var>key</var>
-                              to <code>"private"</code>
+                              Let <var>key</var> be a new <a href="#dfn-CryptoKey">CryptoKey</a>
+                              object that represents the RSA private key identified by
+                              <var>rsaPrivateKey</var>.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Set the <a href="#dfn-CryptoKey-type">type</a> attribute of
+                              <var>key</var> to <code>"private"</code>
                             </p>
                           </li>
                         </ol>
@@ -7145,24 +7125,21 @@
                                 <ol>
                                   <li>
                                     <p>
-                                      If <var>jwk</var> does not meet the requirements of
-                                      Section 6.3.2 of <a href="#jwa">JSON Web
-                                      Algorithms</a>,
-                                      then <a href="#concept-return-an-error">return an error</a> named
-                                      <a href="#dfn-DataError"><code>DataError</code></a>.
-                                    </p>
-                                  </li>
-                                  <li>
-                                    <p>
-                                      Let <var>key</var> be a new <a href="#dfn-Key">Key</a> object
-                                      that represents the RSA private key identified by interpreting
-                                      <var>jwk</var> according to Section 6.3.2 of <a href="#jwa">
-                                      JSON Web Algorithms</a>.
-                                    </p>
-                                  </li>
-                                  <li>
-                                    <p>
-                                      Set the <a href="#dfn-Key-type">type</a> attribute of
+                                      If <var>jwk</var> does not meet the requirements of Section
+                                      6.3.2 of <a href="#jwa">JSON Web Algorithms</a>, then <a href="#concept-return-an-error">return an error</a> named <a href="#dfn-DataError"><code>DataError</code></a>.
+                                    </p>
+                                  </li>
+                                  <li>
+                                    <p>
+                                      Let <var>key</var> be a new <a href="#dfn-CryptoKey">CryptoKey</a> object that represents the
+                                      RSA private key identified by interpreting <var>jwk</var>
+                                      according to Section 6.3.2 of <a href="#jwa"> JSON Web
+                                      Algorithms</a>.
+                                    </p>
+                                  </li>
+                                  <li>
+                                    <p>
+                                      Set the <a href="#dfn-CryptoKey-type">type</a> attribute of
                                       <var>key</var> to <code>"private"</code>
                                     </p>
                                   </li>
@@ -7179,15 +7156,15 @@
                                   </li>
                                   <li>
                                     <p>
-                                      Let <var>key</var> be a new <a href="#dfn-Key">Key</a> object
-                                      that represents the RSA public key identified by interpreting
-                                      <var>jwk</var> according to Section 6.3.1 of <a href="#jwa">
-                                      JSON Web Algorithms</a>.
-                                    </p>
-                                  </li>
-                                  <li>
-                                    <p>
-                                      Set the <a href="#dfn-Key-type">type</a> attribute of
+                                      Let <var>key</var> be a new <a href="#dfn-CryptoKey">CryptoKey</a> object that represents the
+                                      RSA public key identified by interpreting <var>jwk</var>
+                                      according to Section 6.3.1 of <a href="#jwa"> JSON Web
+                                      Algorithms</a>.
+                                    </p>
+                                  </li>
+                                  <li>
+                                    <p>
+                                      Set the <a href="#dfn-CryptoKey-type">type</a> attribute of
                                       <var>key</var> to <code>"public"</code>
                                     </p>
                                   </li>
@@ -7239,7 +7216,7 @@
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-algorithm">algorithm</a> attribute of
+                      Set the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
                       <var>key</var> to <var>algorithm</var>
                     </p>
                   </li>
@@ -7264,10 +7241,8 @@
                         <ol>
                           <li>
                             <p>
-                              If the <a href="#dfn-Key-type">type</a> attribute of <var>key</var> is
-                              not <code>"public"</code>,
-                              then <a href="#concept-return-an-error">return an error</a> named
-                              <a href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
+                              If the <a href="#dfn-CryptoKey-type">type</a> attribute of
+                              <var>key</var> is not <code>"public"</code>, then <a href="#concept-return-an-error">return an error</a> named <a href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
                             </p>
                           </li>
                           <li>
@@ -7307,8 +7282,8 @@
                                           <dt>
                                             If the <a href="#dfn-KeyAlgorithm-name">name</a>
                                             attribute of the <a href="#dfn-RsaHashedKeyAlgorithm">hash</a> attribute of
-                                            the <a href="#dfn-Key-algorithm">algorithm</a> attribute
-                                            of <var>key</var> is <code>SHA-1</code>:
+                                            the <a href="#dfn-CryptoKey-algorithm">algorithm</a>
+                                            attribute of <var>key</var> is <code>SHA-1</code>:
                                           </dt>
                                           <dd>
                                             <p>
@@ -7319,8 +7294,8 @@
                                           <dt>
                                             If the <a href="#dfn-KeyAlgorithm-name">name</a>
                                             attribute of the <a href="#dfn-RsaHashedKeyAlgorithm">hash</a> attribute of
-                                            the <a href="#dfn-Key-algorithm">algorithm</a> attribute
-                                            of <var>key</var> is <code>SHA-256</code>:
+                                            the <a href="#dfn-CryptoKey-algorithm">algorithm</a>
+                                            attribute of <var>key</var> is <code>SHA-256</code>:
                                           </dt>
                                           <dd>
                                             <p>
@@ -7331,8 +7306,8 @@
                                           <dt>
                                             If the <a href="#dfn-KeyAlgorithm-name">name</a>
                                             attribute of the <a href="#dfn-RsaHashedKeyAlgorithm">hash</a> attribute of
-                                            the <a href="#dfn-Key-algorithm">algorithm</a> attribute
-                                            of <var>key</var> is <code>SHA-384</code>:
+                                            the <a href="#dfn-CryptoKey-algorithm">algorithm</a>
+                                            attribute of <var>key</var> is <code>SHA-384</code>:
                                           </dt>
                                           <dd>
                                             <p>
@@ -7343,8 +7318,8 @@
                                           <dt>
                                             If the <a href="#dfn-KeyAlgorithm-name">name</a>
                                             attribute of the <a href="#dfn-RsaHashedKeyAlgorithm">hash</a> attribute of
-                                            the <a href="#dfn-Key-algorithm">algorithm</a> attribute
-                                            of <var>key</var> is <code>SHA-512</code>:
+                                            the <a href="#dfn-CryptoKey-algorithm">algorithm</a>
+                                            attribute of <var>key</var> is <code>SHA-512</code>:
                                           </dt>
                                           <dd>
                                             <p>
@@ -7398,10 +7373,8 @@
                         <ol>
                           <li>
                             <p>
-                              If the <a href="#dfn-Key-type">type</a> attribute of <var>key</var> is
-                              not <code>"private"</code>,
-                              then <a href="#concept-return-an-error">return an error</a> named
-                              <a href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
+                              If the <a href="#dfn-CryptoKey-type">type</a> attribute of
+                              <var>key</var> is not <code>"private"</code>, then <a href="#concept-return-an-error">return an error</a> named <a href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
                             </p>
                           </li>
                           <li>
@@ -7446,8 +7419,8 @@
                                           <dt>
                                             If the <a href="#dfn-KeyAlgorithm-name">name</a>
                                             attribute of the <a href="#dfn-RsaHashedKeyAlgorithm">hash</a> attribute of
-                                            the <a href="#dfn-Key-algorithm">algorithm</a> attribute
-                                            of <var>key</var> is <code>SHA-1</code>:
+                                            the <a href="#dfn-CryptoKey-algorithm">algorithm</a>
+                                            attribute of <var>key</var> is <code>SHA-1</code>:
                                           </dt>
                                           <dd>
                                             <p>
@@ -7458,8 +7431,8 @@
                                           <dt>
                                             If the <a href="#dfn-KeyAlgorithm-name">name</a>
                                             attribute of the <a href="#dfn-RsaHashedKeyAlgorithm">hash</a> attribute of
-                                            the <a href="#dfn-Key-algorithm">algorithm</a> attribute
-                                            of <var>key</var> is <code>SHA-256</code>:
+                                            the <a href="#dfn-CryptoKey-algorithm">algorithm</a>
+                                            attribute of <var>key</var> is <code>SHA-256</code>:
                                           </dt>
                                           <dd>
                                             <p>
@@ -7470,8 +7443,8 @@
                                           <dt>
                                             If the <a href="#dfn-KeyAlgorithm-name">name</a>
                                             attribute of the <a href="#dfn-RsaHashedKeyAlgorithm">hash</a> attribute of
-                                            the <a href="#dfn-Key-algorithm">algorithm</a> attribute
-                                            of <var>key</var> is <code>SHA-384</code>:
+                                            the <a href="#dfn-CryptoKey-algorithm">algorithm</a>
+                                            attribute of <var>key</var> is <code>SHA-384</code>:
                                           </dt>
                                           <dd>
                                             <p>
@@ -7482,8 +7455,8 @@
                                           <dt>
                                             If the <a href="#dfn-KeyAlgorithm-name">name</a>
                                             attribute of the <a href="#dfn-RsaHashedKeyAlgorithm">hash</a> attribute of
-                                            the <a href="#dfn-Key-algorithm">algorithm</a> attribute
-                                            of <var>key</var> is <code>SHA-512</code>:
+                                            the <a href="#dfn-CryptoKey-algorithm">algorithm</a>
+                                            attribute of <var>key</var> is <code>SHA-512</code>:
                                           </dt>
                                           <dd>
                                             <p>
@@ -7556,7 +7529,7 @@
                               <dt>
                                 If the <a href="#dfn-KeyAlgorithm-name">name</a>
                                 attribute of the <a href="#dfn-RsaHashedKeyAlgorithm">hash</a> attribute of
-                                the <a href="#dfn-Key-algorithm">algorithm</a> attribute
+                                the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute
                                 of <var>key</var> is <code>SHA-1</code>:
                               </dt>
                               <dd>
@@ -7568,7 +7541,7 @@
                               <dt>
                                 If the <a href="#dfn-KeyAlgorithm-name">name</a>
                                 attribute of the <a href="#dfn-RsaHashedKeyAlgorithm">hash</a> attribute of
-                                the <a href="#dfn-Key-algorithm">algorithm</a> attribute
+                                the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute
                                 of <var>key</var> is <code>SHA-256</code>:
                               </dt>
                               <dd>
@@ -7580,7 +7553,7 @@
                               <dt>
                                 If the <a href="#dfn-KeyAlgorithm-name">name</a>
                                 attribute of the <a href="#dfn-RsaHashedKeyAlgorithm">hash</a> attribute of
-                                the <a href="#dfn-Key-algorithm">algorithm</a> attribute
+                                the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute
                                 of <var>key</var> is <code>SHA-384</code>:
                               </dt>
                               <dd>
@@ -7592,7 +7565,7 @@
                               <dt>
                                 If the <a href="#dfn-KeyAlgorithm-name">name</a>
                                 attribute of the <a href="#dfn-RsaHashedKeyAlgorithm">hash</a> attribute of
-                                the <a href="#dfn-Key-algorithm">algorithm</a> attribute
+                                the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute
                                 of <var>key</var> is <code>SHA-512</code>:
                               </dt>
                               <dd>
@@ -7613,8 +7586,8 @@
                           <li>
                             <dl class="switch">
                               <dt>
-                                If the <a href="#dfn-Key-type">type</a> attribute of <var>key</var>
-                                is <code>"private"</code>:
+                                If the <a href="#dfn-CryptoKey-type">type</a> attribute of
+                                <var>key</var> is <code>"private"</code>:
                               </dt>
                               <dd>
                                 <ol>
@@ -7642,12 +7615,12 @@
                           </li>
                           <li>
                             <p>
-                              Set the <code>key_ops</code> field of <var>jwk</var> to the <a href="#dfn-Key-usages">usages</a> attribute of <var>key</var>.
-                            </p>
-                          </li>
-                          <li>
-                            <p>
-                              Set the <code>ext</code> field of <var>jwk</var> to the <a href="#dfn-Key-extractable">extractable</a> attribute of
+                              Set the <code>key_ops</code> field of <var>jwk</var> to the <a href="#dfn-CryptoKey-usages">usages</a> attribute of <var>key</var>.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Set the <code>ext</code> field of <var>jwk</var> to the <a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
                               <var>key</var>.
                             </p>
                           </li>
@@ -7730,12 +7703,12 @@
                 <tr>
                   <td>generateKey</td>
                   <td><a href="#dfn-EcKeyGenParams">EcKeyGenParams</a></td>
-                  <td><a href="#dfn-KeyPair">KeyPair</a></td>
+                  <td><a href="#dfn-CryptoKeyPair">CryptoKeyPair</a></td>
                 </tr>
                 <tr>
                   <td>importKey</td>
                   <td>None</td>
-                  <td><a href="#dfn-Key">Key</a></td>
+                  <td><a href="#dfn-CryptoKey">CryptoKey</a></td>
                 </tr>
                 <tr>
                   <td>exportKey</td>
@@ -7808,10 +7781,9 @@
                 <ol>
                   <li>
                     <p>
-                      If the <a href="#dfn-Key-type">type</a> attribute of <var>key</var>
-                      is not <code>"private"</code>,
-                      then <a href="#concept-return-an-error">return an error</a> named
-                      <a href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
+                      If the <a href="#dfn-CryptoKey-type">type</a> attribute of <var>key</var> is
+                      not <code>"private"</code>, then <a href="#concept-return-an-error">return an
+                      error</a> named <a href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
                     </p>
                   </li>
                   <li>
@@ -7904,7 +7876,7 @@
                 <ol>
                   <li>
                     <p>
-                      If the <a href="#dfn-Key-type">type</a> attribute of <var>key</var>
+                      If the <a href="#dfn-CryptoKey-type">type</a> attribute of <var>key</var>
                       is not <code>"public"</code>,
                       then <a href="#concept-return-an-error">return an error</a> named
                       <a href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
@@ -8044,61 +8016,61 @@
                   </li>
                   <li>
                     <p>
-                      Let <var>publicKey</var> be a new <a href="#dfn-Key">Key</a> object
-                      representing the public key of the generated key pair.
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                      Set the <a href="#dfn-Key-type">type</a> attribute of <var>publicKey</var>
-                      to <code>"public"</code>
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                      Set the <a href="#dfn-Key-algorithm">algorithm</a> attribute of
+                      Let <var>publicKey</var> be a new <a href="#dfn-CryptoKey">CryptoKey</a>
+                      object representing the public key of the generated key pair.
+                    </p>
+                  </li>
+                  <li>
+                    <p>
+                      Set the <a href="#dfn-CryptoKey-type">type</a> attribute of
+                      <var>publicKey</var> to <code>"public"</code>
+                    </p>
+                  </li>
+                  <li>
+                    <p>
+                      Set the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
                       <var>publicKey</var> to be <var>algorithm</var>.
                     </p>
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-extractable">extractable</a> attribute of
+                      Set the <a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
                       <var>publicKey</var> to true.
                     </p>
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-usages">usages</a> attribute of
+                      Set the <a href="#dfn-CryptoKey-usages">usages</a> attribute of
                       <var>publicKey</var> to be the empty list.
                     </p>
                   </li>
                   <li>
                     <p>
-                      Let <var>privateKey</var> be a new <a href="#dfn-Key">Key</a> object
-                      representing the private key of the generated key pair.
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                      Set the <a href="#dfn-Key-type">type</a> attribute of <var>privateKey</var>
-                      to <code>"private"</code>
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                      Set the <a href="#dfn-Key-algorithm">algorithm</a> attribute of
+                      Let <var>privateKey</var> be a new <a href="#dfn-CryptoKey">CryptoKey</a>
+                      object representing the private key of the generated key pair.
+                    </p>
+                  </li>
+                  <li>
+                    <p>
+                      Set the <a href="#dfn-CryptoKey-type">type</a> attribute of
+                      <var>privateKey</var> to <code>"private"</code>
+                    </p>
+                  </li>
+                  <li>
+                    <p>
+                      Set the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
                       <var>privateKey</var> to be <var>algorithm</var>.
                     </p>
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-extractable">extractable</a> attribute of
+                      Set the <a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
                       <var>privateKey</var> to <var>extractable</var>.
                     </p>
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-usages">usages</a> attribute of
+                      Set the <a href="#dfn-CryptoKey-usages">usages</a> attribute of
                       <var>privateKey</var> to be the
                       <a href="#concept-usage-intersection">usage intersection</a> of
                       <var>usages</var> and <code>[ "sign", "verify" ]</code>.
@@ -8106,7 +8078,7 @@
                   </li>
                   <li>
                     <p>
-                      Let <var>result</var> be a new <a href="#dfn-KeyPair">KeyPair</a>
+                      Let <var>result</var> be a new <a href="#dfn-CryptoKeyPair">CryptoKeyPair</a>
                       object.
                     </p>
                   </li>
@@ -8190,16 +8162,15 @@
                           </li>
                           <li>
                             <p>
-                              Let <var>key</var> be a new <a href="#dfn-Key">Key</a> object that
-                              represents the Elliptic Curve public key identified by performing the
-                              conversion steps defined in Section 2.2 of <a href="#RFC5480">RFC
-                              5480</a>.
-                            </p>
-                          </li>
-                          <li>
-                            <p>
-                              Set the <a href="#dfn-Key-type">type</a> attribute of <var>key</var>
-                              to <code>"public"</code>
+                              Let <var>key</var> be a new <a href="#dfn-CryptoKey">CryptoKey</a>
+                              object that represents the Elliptic Curve public key identified by
+                              performing the conversion steps defined in Section 2.2 of <a href="#RFC5480">RFC 5480</a>.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Set the <a href="#dfn-CryptoKey-type">type</a> attribute of
+                              <var>key</var> to <code>"public"</code>
                             </p>
                           </li>
                           <li>
@@ -8256,7 +8227,7 @@
                           </li>
                           <li>
                             <p>
-                              Set the <a href="#dfn-Key-algorithm">algorithm</a> attribute of
+                              Set the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
                               <var>key</var> to <var>algorithm</var>.
                             </p>
                           </li>
@@ -8343,16 +8314,15 @@
                           </li>
                           <li>
                             <p>
-                              Let <var>key</var> be a new <a href="#dfn-Key">Key</a> object that
-                              represents the Elliptic Curve private key identified by performing the
-                              conversion steps defined in Section 3 of <a href="#RFC5915">RFC
-                              5915</a>.
-                            </p>
-                          </li>
-                          <li>
-                            <p>
-                              Set the <a href="#dfn-Key-type">type</a> attribute of <var>key</var>
-                              to <code>"private"</code>
+                              Let <var>key</var> be a new <a href="#dfn-CryptoKey">CryptoKey</a>
+                              object that represents the Elliptic Curve private key identified by
+                              performing the conversion steps defined in Section 3 of <a href="#RFC5915">RFC 5915</a>.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Set the <a href="#dfn-CryptoKey-type">type</a> attribute of
+                              <var>key</var> to <code>"private"</code>
                             </p>
                           </li>
                           <li>
@@ -8405,7 +8375,7 @@
                           </li>
                           <li>
                             <p>
-                              Set the <a href="#dfn-Key-algorithm">algorithm</a> attribute of
+                              Set the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
                               <var>key</var> to <var>algorithm</var>.
                             </p>
                           </li>
@@ -8470,21 +8440,19 @@
                                   <li>
                                     <p>
                                       If <var>jwk</var> does not meet the requirements of Section
-                                      6.2.2 of <a href="#jwa">JSON Web Algorithms</a>,
-                                      then <a href="#concept-return-an-error">return an error</a> named
-                                      <a href="#dfn-DataError"><code>DataError</code></a>.
-                                    </p>
-                                  </li>
-                                  <li>
-                                    <p>
-                                      Let <var>key</var> be a new <a href="#dfn-Key">Key</a> object
-                                      that represents the Elliptic Curve private key identified by
-                                      interpreting <var>jwk</var> according to Section 6.2.2 of <a href="#jwa">JSON Web Algorithms</a>.
-                                    </p>
-                                  </li>
-                                  <li>
-                                    <p>
-                                      Set the <a href="#dfn-Key-type">type</a> attribute of
+                                      6.2.2 of <a href="#jwa">JSON Web Algorithms</a>, then <a href="#concept-return-an-error">return an error</a> named <a href="#dfn-DataError"><code>DataError</code></a>.
+                                    </p>
+                                  </li>
+                                  <li>
+                                    <p>
+                                      Let <var>key</var> be a new <a href="#dfn-CryptoKey">CryptoKey</a> object that represents the
+                                      Elliptic Curve private key identified by interpreting
+                                      <var>jwk</var> according to Section 6.2.2 of <a href="#jwa">JSON Web Algorithms</a>.
+                                    </p>
+                                  </li>
+                                  <li>
+                                    <p>
+                                      Set the <a href="#dfn-CryptoKey-type">type</a> attribute of
                                       <var>Key</var> to <code>"private"</code>.
                                     </p>
                                   </li>
@@ -8496,21 +8464,19 @@
                                   <li>
                                     <p>
                                       If <var>jwk</var> does not meet the requirements of Section
-                                      6.2.1 of <a href="#jwa">JSON Web Algorithms</a>,
-                                      then <a href="#concept-return-an-error">return an error</a> named
-                                      <a href="#dfn-DataError"><code>DataError</code></a>.
-                                    </p>
-                                  </li>
-                                  <li>
-                                    <p>
-                                      Let <var>key</var> be a new <a href="#dfn-Key">Key</a> object
-                                      that represents the Elliptic Curve public key identified by
-                                      interpreting <var>jwk</var> according to Section 6.2.1 of <a href="#jwa">JSON Web Algorithms</a>.
-                                    </p>
-                                  </li>
-                                  <li>
-                                    <p>
-                                      Set the <a href="#dfn-Key-type">type</a> attribute of
+                                      6.2.1 of <a href="#jwa">JSON Web Algorithms</a>, then <a href="#concept-return-an-error">return an error</a> named <a href="#dfn-DataError"><code>DataError</code></a>.
+                                    </p>
+                                  </li>
+                                  <li>
+                                    <p>
+                                      Let <var>key</var> be a new <a href="#dfn-CryptoKey">CryptoKey</a> object that represents the
+                                      Elliptic Curve public key identified by interpreting
+                                      <var>jwk</var> according to Section 6.2.1 of <a href="#jwa">JSON Web Algorithms</a>.
+                                    </p>
+                                  </li>
+                                  <li>
+                                    <p>
+                                      Set the <a href="#dfn-CryptoKey-type">type</a> attribute of
                                       <var>Key</var> to <code>"public"</code>.
                                     </p>
                                   </li>
@@ -8572,7 +8538,7 @@
                           </li>
                           <li>
                             <p>
-                              Set the <a href="#dfn-Key-algorithm">algorithm</a> attribute of
+                              Set the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
                               <var>key</var> to <var>algorithm</var>.
                             </p>
                           </li>
@@ -8600,7 +8566,7 @@
                 <ol>
                   <li>
                     <p>
-                      Let <var>key</var> be the <a href="#dfn-Key">Key</a> to be exported.
+                      Let <var>key</var> be the <a href="#dfn-CryptoKey">CryptoKey</a> to be exported.
                     </p>
                   </li>
                   <li>
@@ -8610,10 +8576,8 @@
                         <ol>
                           <li>
                             <p>
-                              If the <a href="#dfn-Key-type">type</a> attribute of <var>key</var> is
-                              not <code>"public"</code>,
-                              then <a href="#concept-return-an-error">return an error</a> named
-                              <a href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
+                              If the <a href="#dfn-CryptoKey-type">type</a> attribute of
+                              <var>key</var> is not <code>"public"</code>, then <a href="#concept-return-an-error">return an error</a> named <a href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
                             </p>
                           </li>
                           <li>
@@ -8643,8 +8607,8 @@
                                     <dl class="switch">
                                       <dt>
                                         If the <a href="#dfn-EcKeyAlgorithm-namedCurve">namedCurve</a>
-                                        attribute of the <a href="#dfn-Key-algorithm">algorithm</a>
-                                        attribute of <var>key</var> is <code>"P-256"</code>:
+                                        attribute of the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
+                                        <var>key</var> is <code>"P-256"</code>:
                                       </dt>
                                       <dd>
                                         <p>
@@ -8655,8 +8619,8 @@
                                       </dd>
                                       <dt>
                                         If the <a href="#dfn-EcKeyAlgorithm-namedCurve">namedCurve</a>
-                                        attribute of the <a href="#dfn-Key-algorithm">algorithm</a>
-                                        attribute of <var>key</var> is <code>"P-384"</code>:
+                                        attribute of the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
+                                        <var>key</var> is <code>"P-384"</code>:
                                       </dt>
                                       <dd>
                                         <p>
@@ -8667,8 +8631,8 @@
                                       </dd>
                                       <dt>
                                         If the <a href="#dfn-EcKeyAlgorithm-namedCurve">namedCurve</a>
-                                        attribute of the <a href="#dfn-Key-algorithm">algorithm</a>
-                                        attribute of <var>key</var> is <code>"P-521"</code>:
+                                        attribute of the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
+                                        <var>key</var> is <code>"P-521"</code>:
                                       </dt>
                                       <dd>
                                         <p>
@@ -8699,10 +8663,8 @@
                         <ol>
                           <li>
                             <p>
-                              If the <a href="#dfn-Key-type">type</a> attribute of <var>key</var>
-                              is not <code>"private"</code>,
-                              then <a href="#concept-return-an-error">return an error</a> named
-                              <a href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
+                              If the <a href="#dfn-CryptoKey-type">type</a> attribute of
+                              <var>key</var> is not <code>"private"</code>, then <a href="#concept-return-an-error">return an error</a> named <a href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
                             </p>
                           </li>
                           <li>
@@ -8737,8 +8699,8 @@
                                     <dl class="switch">
                                       <dt>
                                         If the <a href="#dfn-EcKeyAlgorithm-namedCurve">namedCurve</a>
-                                        attribute of the <a href="#dfn-Key-algorithm">algorithm</a>
-                                        attribute of <var>key</var> is <code>"P-256"</code>:
+                                        attribute of the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
+                                        <var>key</var> is <code>"P-256"</code>:
                                       </dt>
                                       <dd>
                                         <p>
@@ -8749,8 +8711,8 @@
                                       </dd>
                                       <dt>
                                         If the <a href="#dfn-EcKeyAlgorithm-namedCurve">namedCurve</a>
-                                        attribute of the <a href="#dfn-Key-algorithm">algorithm</a>
-                                        attribute of <var>key</var> is <code>"P-384"</code>:
+                                        attribute of the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
+                                        <var>key</var> is <code>"P-384"</code>:
                                       </dt>
                                       <dd>
                                         <p>
@@ -8761,8 +8723,8 @@
                                       </dd>
                                       <dt>
                                         If the <a href="#dfn-EcKeyAlgorithm-namedCurve">namedCurve</a>
-                                        attribute of the <a href="#dfn-Key-algorithm">algorithm</a>
-                                        attribute of <var>key</var> is <code>"P-521"</code>:
+                                        attribute of the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
+                                        <var>key</var> is <code>"P-521"</code>:
                                       </dt>
                                       <dd>
                                         <p>
@@ -8823,7 +8785,7 @@
                             <dl class="switch">
                               <dt>
                                 If the <a href="#dfn-EcKeyAlgorithm-namedCurve">namedCurve</a>
-                                attribute of the <a href="#dfn-Key-algorithm">algorithm</a>
+                                attribute of the <a href="#dfn-CryptoKey-algorithm">algorithm</a>
                                 attribute of <var>key</var> is <code>P-256</code>:
                               </dt>
                               <dd>
@@ -8832,7 +8794,7 @@
                               </dd>
                               <dt>
                                 If the <a href="#dfn-EcKeyAlgorithm-namedCurve">namedCurve</a>
-                                attribute of the <a href="#dfn-Key-algorithm">algorithm</a>
+                                attribute of the <a href="#dfn-CryptoKey-algorithm">algorithm</a>
                                 attribute of <var>key</var> is <code>P-384</code>:
                               </dt>
                               <dd>
@@ -8841,7 +8803,7 @@
                               </dd>
                               <dt>
                                 If the <a href="#dfn-EcKeyAlgorithm-namedCurve">namedCurve</a>
-                                attribute of the <a href="#dfn-Key-algorithm">algorithm</a>
+                                attribute of the <a href="#dfn-CryptoKey-algorithm">algorithm</a>
                                 attribute of <var>key</var> is <code>P-521</code>:
                               </dt>
                               <dd>
@@ -8867,8 +8829,8 @@
                           <li>
                             <dl class="switch">
                               <dt>
-                                If the <a href="#dfn-Key-type">type</a> attribute of <var>key</var>
-                                is <code>private</code>
+                                If the <a href="#dfn-CryptoKey-type">type</a> attribute of
+                                <var>key</var> is <code>private</code>
                               </dt>
                               <dd>
                                 <p>
@@ -8882,12 +8844,12 @@
                           <li>
                             <p>
                               Set the <code>key_ops</code> property of <var>jwk</var> to the
-                              <a href="#dfn-Key-usages">usages</a> attribute of <var>key</var>.
-                            </p>
-                          </li>
-                          <li>
-                            <p>
-                              Set the <code>ext</code> property of <var>jwk</var> to the <a href="#dfn-Key-extractable">extractable</a> attribute of
+                              <a href="#dfn-CryptoKey-usages">usages</a> attribute of <var>key</var>.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Set the <code>ext</code> property of <var>jwk</var> to the <a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
                               <var>key</var>.
                             </p>
                           </li>
@@ -8966,7 +8928,7 @@
                 <tr>
                   <td>generateKey</td>
                   <td><a href="#dfn-EcKeyGenParams">EcKeyGenParams</a></td>
-                  <td><a href="#dfn-KeyPair">KeyPair</a></td>
+                  <td><a href="#dfn-CryptoKeyPair">CryptoKeyPair</a></td>
                 </tr>
                 <tr>
                   <td>deriveBits</td>
@@ -8976,7 +8938,7 @@
                 <tr>
                   <td>importKey</td>
                   <td><a href="#dfn-EcKeyImportParams">EcKeyImportParams</a></td>
-                  <td><a href="#dfn-Key">Key</a></td>
+                  <td><a href="#dfn-CryptoKey">CryptoKey</a></td>
                 </tr>
                 <tr>
                   <td>exportKey</td>
@@ -8993,7 +8955,7 @@
 
 dictionary <dfn id="dfn-EcdhKeyDeriveParams">EcdhKeyDeriveParams</dfn> : <a href="#dfn-Algorithm">Algorithm</a> {
   <span class="comment">// The peer's EC public key.</span>
-  <a href="#dfn-Key">Key</a> <dfn id="dfn-EcdhKeyDeriveParams-public">public</dfn>;
+  <a href="#dfn-CryptoKey">CryptoKey</a> <dfn id="dfn-EcdhKeyDeriveParams-public">public</dfn>;
 };
             </code></pre></div></div>
           </div>
@@ -9064,61 +9026,61 @@
                   </li>
                   <li>
                     <p>
-                      Let <var>publicKey</var> be a new <a href="#dfn-Key">Key</a> object
+                      Let <var>publicKey</var> be a new <a href="#dfn-CryptoKey">CryptoKey</a> object
                       representing the public key of the generated key pair.
                     </p>
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-type">type</a> attribute of <var>publicKey</var>
+                      Set the <a href="#dfn-CryptoKey-type">type</a> attribute of <var>publicKey</var>
                       to <code>"public"</code>
                     </p>
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-algorithm">algorithm</a> attribute of
+                      Set the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
                       <var>publicKey</var> to be <var>algorithm</var>.
                     </p>
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-extractable">extractable</a> attribute of
+                      Set the <a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
                       <var>publicKey</var> to true.
                     </p>
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-usages">usages</a> attribute of
+                      Set the <a href="#dfn-CryptoKey-usages">usages</a> attribute of
                       <var>publicKey</var> to be the empty list.
                     </p>
                   </li>
                   <li>
                     <p>
-                      Let <var>privateKey</var> be a new <a href="#dfn-Key">Key</a> object
-                      representing the private key of the generated key pair.
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                      Set the <a href="#dfn-Key-type">type</a> attribute of <var>privateKey</var>
-                      to <code>"private"</code>
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                      Set the <a href="#dfn-Key-algorithm">algorithm</a> attribute of
+                      Let <var>privateKey</var> be a new <a href="#dfn-CryptoKey">CryptoKey</a>
+                      object representing the private key of the generated key pair.
+                    </p>
+                  </li>
+                  <li>
+                    <p>
+                      Set the <a href="#dfn-CryptoKey-type">type</a> attribute of
+                      <var>privateKey</var> to <code>"private"</code>
+                    </p>
+                  </li>
+                  <li>
+                    <p>
+                      Set the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
                       <var>privateKey</var> to be <var>algorithm</var>.
                     </p>
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-extractable">extractable</a> attribute of
+                      Set the <a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
                       <var>privateKey</var> to <var>extractable</var>.
                     </p>
                   </li>
                   <li>
                     <p>
-                      Set the <a href="#dfn-Key-usages">usages</a> attribute of
+                      Set the <a href="#dfn-CryptoKey-usages">usages</a> attribute of
                       <var>privateKey</var> to be the
                       <a href="#concept-usage-intersection">usage intersection</a> of
                       <var>usages</var> and <code>[ "deriveKey", "deriveBits" ]</code>.
@@ -9126,7 +9088,7 @@
                   </li>
                   <li>
                     <p>
-                      Let <var>result</var> be a new <a href="#dfn-KeyPair">KeyPair</a>
+                      Let <var>result</var> be a new <a href="#dfn-CryptoKeyPair">CryptoKeyPair</a>
                       object.
                     </p>
                   </li>
@@ -9154,7 +9116,7 @@
                 <ol>
                   <li>
                     <p>
-                      If the <a href="#dfn-Key-type">type</a> attribute of <var>key</var>
+                      If the <a href="#dfn-CryptoKey-type">type</a> attribute of <var>key</var>
                       is not <code>"private"</code>,
                       then <a href="#concept-return-an-error">return an error</a> named
                       <a href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
@@ -9184,31 +9146,22 @@
                   </li>
                   <li>
                     <p>
-                      If the <a href="#dfn-KeyAlgorithm-name">name</a> attribute of the
-                      <a href="#dfn-Key-algorithm">algorithm</a> attribute of <var>publicKey</var> is
-                      not <code>"ECDH"</code>,
-                      then <a href="#concept-return-an-error">return an error</a> named
-                      <a href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                      If the <a href="#dfn-Key-type">type</a> attribute of <var>publicKey</var>
-                      is not
-                      <code>"public"</code>,
-                      then <a href="#concept-return-an-error">return an error</a> named
-                      <a href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
+                      If the <a href="#dfn-KeyAlgorithm-name">name</a> attribute of the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
+                      <var>publicKey</var> is not <code>"ECDH"</code>, then <a href="#concept-return-an-error">return an error</a> named <a href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
+                    </p>
+                  </li>
+                  <li>
+                    <p>
+                      If the <a href="#dfn-CryptoKey-type">type</a> attribute of
+                      <var>publicKey</var> is not <code>"public"</code>, then <a href="#concept-return-an-error">return an error</a> named <a href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
                     </p>
                   </li>
                   <li>
                     <p>
                       If the <a href="#dfn-EcKeyAlgorithm-namedCurve">namedCurve</a> attribute of
-                      the <a href="#dfn-Key-algorithm">algorithm</a> attribute of <var>publicKey</var>
-                      is not equal to the <a href="#dfn-EcKeyAlgorithm-namedCurve">namedCurve</a>
-                      property of
-                      the <a href="#dfn-Key-algorithm">algorithm</a> attribute of <var>key</var>,
-                      then <a href="#concept-return-an-error">return an error</a> named
-                      <a href="#dfn-DataError"><code>DataError</code></a>.
+                      the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
+                      <var>publicKey</var> is not equal to the <a href="#dfn-EcKeyAlgorithm-namedCurve">namedCurve</a> property of the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of <var>key</var>,
+                      then <a href="#concept-return-an-error">return an error</a> named <a href="#dfn-DataError"><code>DataError</code></a>.
                     </p>
                   </li>
                   <li>
@@ -9316,16 +9269,15 @@
                           </li>
                           <li>
                             <p>
-                              Let <var>key</var> be a new <a href="#dfn-Key">Key</a> object that
-                              represents the Elliptic Curve public key identified by performing the
-                              conversion steps defined in Section 2.2 of <a href="#RFC5480">RFC
-                              5480</a>.
-                            </p>
-                          </li>
-                          <li>
-                            <p>
-                              Set the <a href="#dfn-Key-type">type</a> attribute of <var>key</var>
-                              to <code>"public"</code>
+                              Let <var>key</var> be a new <a href="#dfn-CryptoKey">CryptoKey</a>
+                              object that represents the Elliptic Curve public key identified by
+                              performing the conversion steps defined in Section 2.2 of <a href="#RFC5480">RFC 5480</a>.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Set the <a href="#dfn-CryptoKey-type">type</a> attribute of
+                              <var>key</var> to <code>"public"</code>
                             </p>
                           </li>
                           <li>
@@ -9382,7 +9334,7 @@
                           </li>
                           <li>
                             <p>
-                              Set the <a href="#dfn-Key-algorithm">algorithm</a> attribute of
+                              Set the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
                               <var>key</var> to <var>algorithm</var>.
                             </p>
                           </li>
@@ -9472,16 +9424,15 @@
                           </li>
                           <li>
                             <p>
-                              Let <var>key</var> be a new <a href="#dfn-Key">Key</a> object that
-                              represents the Elliptic Curve private key identified by performing the
-                              conversion steps defined in Section 3 of <a href="#RFC5915">RFC
-                              5915</a>.
-                            </p>
-                          </li>
-                          <li>
-                            <p>
-                              Set the <a href="#dfn-Key-type">type</a> attribute of <var>key</var>
-                              to <code>"private"</code>.
+                              Let <var>key</var> be a new <a href="#dfn-CryptoKey">CryptoKey</a>
+                              object that represents the Elliptic Curve private key identified by
+                              performing the conversion steps defined in Section 3 of <a href="#RFC5915">RFC 5915</a>.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Set the <a href="#dfn-CryptoKey-type">type</a> attribute of
+                              <var>key</var> to <code>"private"</code>.
                             </p>
                           </li>
                           <li>
@@ -9538,7 +9489,7 @@
                           </li>
                           <li>
                             <p>
-                              Set the <a href="#dfn-Key-algorithm">algorithm</a> attribute of
+                              Set the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
                               <var>key</var> to <var>algorithm</var>.
                             </p>
                           </li>
@@ -9601,21 +9552,19 @@
                                   <li>
                                     <p>
                                       If <var>jwk</var> does not meet the requirements of Section
-                                      6.2.2 of <a href="#jwa">JSON Web Algorithms</a>,
-                                      then <a href="#concept-return-an-error">return an error</a> named
-                                      <a href="#dfn-DataError"><code>DataError</code></a>.
-                                    </p>
-                                  </li>
-                                  <li>
-                                    <p>
-                                      Let <var>key</var> be a new <a href="#dfn-Key">Key</a> object
-                                      that represents the Elliptic Curve private key identified by
-                                      interpreting <var>jwk</var> according to Section 6.2.2 of <a href="#jwa">JSON Web Algorithms</a>.
-                                    </p>
-                                  </li>
-                                  <li>
-                                    <p>
-                                      Set the <a href="#dfn-Key-type">type</a> attribute of
+                                      6.2.2 of <a href="#jwa">JSON Web Algorithms</a>, then <a href="#concept-return-an-error">return an error</a> named <a href="#dfn-DataError"><code>DataError</code></a>.
+                                    </p>
+                                  </li>
+                                  <li>
+                                    <p>
+                                      Let <var>key</var> be a new <a href="#dfn-CryptoKey">CryptoKey</a> object that represents the
+                                      Elliptic Curve private key identified by interpreting
+                                      <var>jwk</var> according to Section 6.2.2 of <a href="#jwa">JSON Web Algorithms</a>.
+                                    </p>
+                                  </li>
+                                  <li>
+                                    <p>
+                                      Set the <a href="#dfn-CryptoKey-type">type</a> attribute of
                                       <var>Key</var> to <code>"private"</code>.
                                     </p>
                                   </li>
@@ -9627,21 +9576,19 @@
                                   <li>
                                     <p>
                                       If <var>jwk</var> does not meet the requirements of Section
-                                      6.2.1 of <a href="#jwa">JSON Web Algorithms</a>,
-                                      then <a href="#concept-return-an-error">return an error</a> named
-                                      <a href="#dfn-DataError"><code>DataError</code></a>.
-                                    </p>
-                                  </li>
-                                  <li>
-                                    <p>
-                                      Let <var>key</var> be a new <a href="#dfn-Key">Key</a> object
-                                      that represents the Elliptic Curve public key identified by
-                                      interpreting <var>jwk</var> according to Section 6.2.1 of <a href="#jwa">JSON Web Algorithms</a>.
-                                    </p>
-                                  </li>
-                                  <li>
-                                    <p>
-                                      Set the <a href="#dfn-Key-type">type</a> attribute of
+                                      6.2.1 of <a href="#jwa">JSON Web Algorithms</a>, then <a href="#concept-return-an-error">return an error</a> named <a href="#dfn-DataError"><code>DataError</code></a>.
+                                    </p>
+                                  </li>
+                                  <li>
+                                    <p>
+                                      Let <var>key</var> be a new <a href="#dfn-CryptoKey">CryptoKey</a> object that represents the
+                                      Elliptic Curve public key identified by interpreting
+                                      <var>jwk</var> according to Section 6.2.1 of <a href="#jwa">JSON Web Algorithms</a>.
+                                    </p>
+                                  </li>
+                                  <li>
+                                    <p>
+                                      Set the <a href="#dfn-CryptoKey-type">type</a> attribute of
                                       <var>Key</var> to <code>"public"</code>.
                                     </p>
                                   </li>
@@ -9703,7 +9650,7 @@
                           </li>
                           <li>
                             <p>
-                              Set the <a href="#dfn-Key-algorithm">algorithm</a> attribute of
+                              Set the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
                               <var>key</var> to <var>algorithm</var>.
                             </p>
                           </li>
@@ -9764,38 +9711,39 @@
                           </li>
                           <li>
                             <p>
-                              Set the <a href="#dfn-KeyAlgorithm-namedCurve">namedCurve</a> attribute
-                              of <var>algorithm</var> to equal the <a href="#dfn-EcKeyImportParams-namedCurve">namedCurve</a> member of
+                              Set the <a href="#dfn-KeyAlgorithm-namedCurve">namedCurve</a>
+                              attribute of <var>algorithm</var> to equal the <a href="#dfn-EcKeyImportParams-namedCurve">namedCurve</a> member of
                               <var>normalizedAlgorithm</var>.
                             </p>
                           </li>
                           <li>
                             <p>
-                              Let <var>key</var> be a new <a href="#dfn-Key">Key</a> object.
-                            </p>
-                          </li>
-                          <li>
-                            <p>
-                              Set the <a href="#dfn-Key-type">type</a> attribute of <var>key</var> to
-                              <code>"public"</code>
-                            </p>
-                          </li>
-                          <li>
-                            <p>
-                              Set the <a href="#dfn-Key-algorithm">algorithm</a> attribute of
+                              Let <var>key</var> be a new <a href="#dfn-CryptoKey">CryptoKey</a>
+                              object.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Set the <a href="#dfn-CryptoKey-type">type</a> attribute of
+                              <var>key</var> to <code>"public"</code>
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Set the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
                               <var>key</var> to <var>algorithm</var>.
                             </p>
                           </li>
                           <li>
                             <p>
-                              Set the <a href="#dfn-Key-usages">usages</a> attribute of
+                              Set the <a href="#dfn-CryptoKey-usages">usages</a> attribute of
                               <var>key</var> to <var>usages</var>.
                             </p>
                           </li>
                           <li>
                             <p>
-                              Set the <a href="#dfn-Key-extractable">extractable</a> attribute of
-                              <var>key</var> to <var>extractable</var>.
+                              Set the <a href="#dfn-CryptoKey-extractable">extractable</a> attribute
+                              of <var>key</var> to <var>extractable</var>.
                             </p>
                           </li>
                         </ol>
@@ -9822,7 +9770,8 @@
                 <ol>
                   <li>
                     <p>
-                      Let <var>key</var> be the <a href="#dfn-Key">Key</a> to be exported.
+                      Let <var>key</var> be the <a href="#dfn-CryptoKey">CryptoKey</a> to be
+                      exported.
                     </p>
                   </li>
                   <li>
@@ -9832,10 +9781,8 @@
                         <ol>
                           <li>
                             <p>
-                              If the <a href="#dfn-Key-type">type</a> attribute of <var>key</var> is
-                              not <code>"public"</code>,
-                              then <a href="#concept-return-an-error">return an error</a> named
-                              <a href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
+                              If the <a href="#dfn-CryptoKey-type">type</a> attribute of
+                              <var>key</var> is not <code>"public"</code>, then <a href="#concept-return-an-error">return an error</a> named <a href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
                             </p>
                           </li>
                           <li>
@@ -9865,8 +9812,8 @@
                                     <dl class="switch">
                                       <dt>
                                         If the <a href="#dfn-EcKeyAlgorithm-namedCurve">namedCurve</a>
-                                        attribute of the <a href="#dfn-Key-algorithm">algorithm</a>
-                                        attribute of <var>key</var> is <code>"P-256"</code>:
+                                        attribute of the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
+                                        <var>key</var> is <code>"P-256"</code>:
                                       </dt>
                                       <dd>
                                         <p>
@@ -9877,8 +9824,8 @@
                                       </dd>
                                       <dt>
                                         If the <a href="#dfn-EcKeyAlgorithm-namedCurve">namedCurve</a>
-                                        attribute of the <a href="#dfn-Key-algorithm">algorithm</a>
-                                        attribute of <var>key</var> is <code>"P-384"</code>:
+                                        attribute of the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
+                                        <var>key</var> is <code>"P-384"</code>:
                                       </dt>
                                       <dd>
                                         <p>
@@ -9889,8 +9836,8 @@
                                       </dd>
                                       <dt>
                                         If the <a href="#dfn-EcKeyAlgorithm-namedCurve">namedCurve</a>
-                                        attribute of the <a href="#dfn-Key-algorithm">algorithm</a>
-                                        attribute of <var>key</var> is <code>"P-521"</code>:
+                                        attribute of the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
+                                        <var>key</var> is <code>"P-521"</code>:
                                       </dt>
                                       <dd>
                                         <p>
@@ -9921,10 +9868,8 @@
                         <ol>
                           <li>
                             <p>
-                              If the <a href="#dfn-Key-type">type</a> attribute of <var>key</var>
-                              is not <code>"private"</code>,
-                              then <a href="#concept-return-an-error">return an error</a> named
-                              <a href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
+                              If the <a href="#dfn-CryptoKey-type">type</a> attribute of
+                              <var>key</var> is not <code>"private"</code>, then <a href="#concept-return-an-error">return an error</a> named <a href="#dfn-InvalidAccessError"><code>InvalidAccessError</code></a>.
                             </p>
                           </li>
                           <li>
@@ -9959,8 +9904,8 @@
                                     <dl class="switch">
                                       <dt>
                                         If the <a href="#dfn-EcKeyAlgorithm-namedCurve">namedCurve</a>
-                                        attribute of the <a href="#dfn-Key-algorithm">algorithm</a>
-                                        attribute of <var>key</var> is <code>"P-256"</code>:
+                                        attribute of the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
+                                        <var>key</var> is <code>"P-256"</code>:
                                       </dt>
                                       <dd>
                                         <p>
@@ -9971,8 +9916,8 @@
                                       </dd>
                                       <dt>
                                         If the <a href="#dfn-EcKeyAlgorithm-namedCurve">namedCurve</a>
-                                        attribute of the <a href="#dfn-Key-algorithm">algorithm</a>
-                                        attribute of <var>key</var> is <code>"P-384"</code>:
+                                        attribute of the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
+                                        <var>key</var> is <code>"P-384"</code>:
                                       </dt>
                                       <dd>
                                         <p>
@@ -9983,8 +9928,8 @@
                                       </dd>
                                       <dt>
                                         If the <a href="#dfn-EcKeyAlgorithm-namedCurve">namedCurve</a>
-                                        attribute of the <a href="#dfn-Key-algorithm">algorithm</a>
-                                        attribute of <var>key</var> is <code>"P-521"</code>:
+                                        attribute of the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
+                                        <var>key</var> is <code>"P-521"</code>:
                                       </dt>
                                       <dd>
                                         <p><