Bug 24963 - JWK import/export works on a dictionary type, rather than a DOMString
authorRyan Sleevi <sleevi@google.com>
Mon, 16 Jun 2014 00:00:00 -0700
changeset 195 f61017a76a5d
parent 194 ef1d2658a6cb
child 196 2974ae329b6b
Bug 24963 - JWK import/export works on a dictionary type, rather than a DOMString
spec/Overview-WebCryptoAPI.xml
spec/Overview.html
--- a/spec/Overview-WebCryptoAPI.xml	Mon Jun 16 00:00:00 2014 -0700
+++ b/spec/Overview-WebCryptoAPI.xml	Mon Jun 16 00:00:00 2014 -0700
@@ -623,34 +623,38 @@
           </li>
           <li>
             <p>
-              Let <var>json</var> be the unicode string that results from interpreting
+              Let <var>json</var> be the Unicode string that results from interpreting
               <var>data</var> according to UTF-8.
             </p>
           </li>
           <li>
             <p>
-              Let <var>result</var> be the result of translating <var>json</var> into an internal
-              object using the grammar specified in Section 15.12 of <a href="#ECMA-262">ECMA
-              262</a>.
+              Convert <var>json</var> to UTF-16.
             </p>
           </li>
           <li>
             <p>
-              If <var>result</var> does not describe an Object type, 
-              then <a href="#concept-return-an-error">return an error</a> named
-              <a href="#dfn-DataError"><code>DataError</code></a>.
+              Let <var>result</var> be the object literal that results from executing the
+              <code>JSON.parse</code> internal function, with <code>text</code>
+              argument set to a JavaScript String containing <var>json</var>.
             </p>
           </li>
           <li>
             <p>
-              If the <code>"kty"</code> field of <var>result</var> is not present, or is not a
-              string value, then <a href="#concept-return-an-error">return an error</a> named
-              <a href="#dfn-DataError"><code>DataError</code></a>.
+              Let <var>key</var> be the result of converting <var>result</var> to the IDL dictionary
+              type of <a href="#dfn-JsonWebKey">JsonWebKey</a>.
             </p>
           </li>
           <li>
             <p>
-              Return <var>result</var>.
+              If the <code>"kty"</code> field of <var>key</var> is not defined, then <a
+              href="#concept-return-an-error">return an error</a> named <a
+              href="#dfn-DataError"><code>DataError</code></a>.
+            </p>
+          </li>
+          <li>
+            <p>
+              Return <var>key</var>.
             </p>
           </li>
         </ol>
@@ -1076,7 +1080,7 @@
   
   <span class="comment">// TBD: <a href="https://www.w3.org/2012/webcrypto/track/issues/35">ISSUE-35</a></span>
   Promise&lt;any&gt; <a href="#dfn-SubtleCrypto-method-importKey">importKey</a>(<a href="#dfn-KeyFormat">KeyFormat</a> format,
-                         CryptoOperationData keyData,
+                         object keyData,
                          <a href="#dfn-AlgorithmIdentifier">AlgorithmIdentifier</a> algorithm,
                          boolean extractable,
                          sequence&lt;<a href="#dfn-KeyUsage">KeyUsage</a>&gt; keyUsages );
@@ -1152,7 +1156,7 @@
                 <dt><code>spki</code></dt>
                 <dd>The DER encoding of the SubjectPublicKeyInfo structure from <a href="#RFC5280">RFC 5280</a>.</dd>
                 <dt><code>jwk</code></dt>
-                <dd>The key is represented as JSON according to the JSON Web Key format.</dd>
+                <dd>The key is a <a href="#dfn-JsonWebKey">JsonWebKey</a> dictionary encoded as a JavaScript object</dd>
               </dl>
             </dd>
           </dl>
@@ -1929,12 +1933,27 @@
                 </p>
               </li>
               <li>
-                <p>
-                  Let <var>keyData</var> be the result of
-                  <a href="#concept-clone-CryptoOperationData">cloning the data</a> of the
-                  <code>keyData</code> parameter passed to the
-                  <a href="#dfn-SubtleCrypto-method-importKey">importKey</a> method.
-                </p>
+                <dl class="switch">
+                  <dt>
+                    If <var>format</var> is equal to the string <code>raw</code>,
+                    <code>pkcs8</code>, or <code>spki</code>:
+                  </dt>
+                  <dd>
+                    Let <var>keyData</var> be the result of
+                    <a href="#concept-clone-CryptoOperationData">cloning the data</a> of the
+                    <code>keyData</code> parameter passed to the
+                    <a href="#dfn-SubtleCrypto-method-importKey">importKey</a> method.
+                  </dd>
+                  <dt>
+                    If <var>format</var> is equal to the string <code>jwk</code>:
+                  </dt>
+                  <dd>
+                    Let <var>keyData</var> be the result of converting the <code>keyData</code>
+                    parameter passed to the <a
+                    href="#dfn-SubtleCrypto-method-importKey">importKey</a> method to a <a
+                    href="#dfn-JsonWebKey">JsonWebKey</a> dictionary.
+                  </dd>
+                </dl>
               </li>
               <li>
                 <p>
@@ -2011,15 +2030,6 @@
                 </p>
               </li>
             </ol>
-            <div class="ednote">
-              <a href="https://www.w3.org/Bugs/Public/show_bug.cgi?id=24963">Bug 24963</a> -
-              There is an open question as to whether/how to support importing
-              keys when format is <code>jwk</code>. As currently specified, it is a
-              JSON-encoded Javascript object, converted to a UTF-8 byte sequence, with the
-              raw bytes provided via <code>CryptoOperationData</code>. A separate
-              proposal exists to handle this via IDL, permitting importing JavaScript
-              objects directly when importing with <code>jwk</code>.
-            </div>
           </div>
 
           <div id="SubtleCrypto-method-exportKey" class="section">
@@ -2109,15 +2119,6 @@
                 </p>
               </li>
             </ol>
-            <div class="ednote">
-              <a href="https://www.w3.org/Bugs/Public/show_bug.cgi?id=24963">Bug 24963</a> -
-              There is an open question as to whether/how to support exporting
-              keys when format is <code>jwk</code>. As currently specified, the result
-              is a JSON-encoded Javascript object, converted to a UTF-8 byte
-              sequence, with the raw bytes provided via an ArrayBuffer. A separate
-              proposal exists to return an actual Javascript object when exporting
-              with <code>jwk</code>.
-            </div>
           </div>
 
           <div id="SubtleCrypto-method-wrapKey" class="section">
@@ -2212,10 +2213,49 @@
               </li>
               <li>
                 <p>
-                  Let <var>bytes</var> be the result of performing the export key operation
+                  Let <var>key</var> be the result of performing the export key operation
                   specified the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
                   <var>key</var> using <var>key</var> and <var>format</var>.
                 </p>
+              </li>
+              <li>
+                <dl class="switch">
+                  <dt>
+                    If <var>format</var> is equal to the strings <code>raw</code>, <code>pkcs8</code>,
+                    or <code>spki</code>:
+                  </dt>
+                  <dd>
+                    Set <var>bytes</var> be set to <var>key</var>.
+                  </dd>
+                  <dt>
+                    If <var>format</var> is equal to the string <code>jwk</code>:
+                  </dt>
+                  <dd>
+                    <ol>
+                      <li>
+                        <p>
+                          Convert <var>key</var> to an ECMAScript Object, as specified in [
+                          <a href="#WebIDL">WEBIDL</a>].
+                        </p>
+                      </li>
+                      <li>
+                        <p>
+                          Let <var>json</var> be the result of representing <var>key</var> as a
+                          UTF-16 string conforming to the JSON grammar; for example, by executing
+                          the <code>JSON.stringify</code> algorithm specified in
+                          <a href="#ECMA-262">ECMA262</a>.
+                        </p>
+                      </li>
+                      <li>
+                        <p>
+                          Let <var>bytes</var> be the byte sequence the results from converting
+                          <var>json</var>, a JavaScript String comprised of UTF-16 code points, to
+                          UTF-8 code points.
+                        </p>
+                      </li>
+                    </ol>
+                  </dd>
+                </dl>
                 <div class="note">
                   <p class="norm">
                     This note is non-normative.
@@ -2226,7 +2266,9 @@
                     length and RSA-OAEP places a restriction on the length. For key formats that
                     offer flexibility in serialization of a given key (for example JWK),
                     implementations may choose to adapt the serialization to the constraints of
-                    the wrapping algorithm.
+                    the wrapping algorithm. This is why JSON.stringify is not normatively required,
+                    as otherwise it would prohibit implementations from introducing added
+                    padding.
                   </p>
                 </div>
               </li>
@@ -2383,7 +2425,7 @@
                 <dl class="switch">
                   <dt>If <var>normalizedAlgorithm</var> supports an unwrap key operation:</dt>
                   <dd>
-                    Let <var>bytes</var> be the result of performing the unwrap key operation
+                    Let <var>key</var> be the result of performing the unwrap key operation
                     specified by <var>normalizedAlgorithm</var> using <var>algorithm</var>,
                     <var>unwrappingKey</var> as <var>key</var> and <var>wrappedKey</var> as
                     <var>ciphertext</var>.
@@ -2393,7 +2435,7 @@
                     operation:
                   </dt>
                   <dd>
-                    Let <var>bytes</var> be the result of performing the decrypt operation specified
+                    Let <var>key</var> be the result of performing the decrypt operation specified
                     by <var>normalizedAlgorithm</var> using <var>algorithm</var>,
                     <var>unwrappingKey</var> as <var>key</var> and <var>wrappedKey</var> as
                     <var>ciphertext</var>.
@@ -2406,6 +2448,25 @@
                 </dl>
               </li>
               <li>
+                <dl class="switch">
+                  <dt>
+                    If <var>format</var> is equal to the strings <code>raw</code>,
+                    <code>pkcs8</code>, or <code>spki</code>:
+                  </dt>
+                  <dd>
+                    Set <var>bytes</var> be set to <var>key</var>.
+                  </dd>
+                  <dt>
+                    If <var>format</var> is equal to the string <code>jwk</code>:
+                  </dt>
+                  <dd>
+                    Let <var>bytes</var> be the result of executing the
+                    <a href="#concept-parse-a-jwk">parse a JWK</a> algorithm, withe <var>key</var>
+                    as the <code>data</code> to be parsed.
+                  </dd>
+                </dl>
+              </li>
+              <li>
                 <p>
                   Let <var>result</var> be the result of performing the import key operation
                   specified by <var>normalizedKeyAlgorithm</var> using
@@ -2490,6 +2551,53 @@
         </div>
       </div>
 
+      <div id="JsonWebKey-dictionary" class="section">
+        <h2>JsonWebKey dictionary</h2>
+        <x:codeblock language="idl">
+dictionary <dfn id="dfn-RsaOtherPrimesInfo">RsaOtherPrimesInfo</dfn> {
+  <span class="comment">// The following fields are defined in Section 6.3.2.7 of <a href="#jwa">JSON Web Algorithms</a></span>
+  DOMString r;
+  DOMString d;
+  DOMString t;
+};
+
+dictionary <dfn id="dfn-JsonWebKey">JsonWebKey</dfn> {
+  <span class="comment">// The following fields are defined in Section 3.1 of <a href="#jwk">JSON Web Key</a></span>
+  DOMString kty;
+  DOMString use;
+  sequence&lt;DOMString&gt; key_ops;
+  DOMString alg;
+
+  <span class="comment">// The following fields are defined in <a href="#iana-section-jwk">JSON Web Key Parameters Registration</a></span>
+  boolean ext;
+
+  <span class="comment">// The following fields are defined in Section 6 of <a href="#jwa">JSON Web Algorithms</a></span>
+  DOMString crv;
+  DOMString x;
+  DOMString y;
+  DOMString d;
+  DOMString n;
+  DOMString e;
+  DOMString p;
+  DOMString q;
+  DOMString dp;
+  DOMString dq;
+  DOMString qi;
+  sequence&lt;RsaOtherPrimesInfo&gt; oth;
+  DOMString k;
+};
+        </x:codeblock>
+        <div id="JsonWebKey-description">
+          <h3>Description</h3>
+          <p class="norm">The following section is non-normative</p>
+          <p>
+            The <a href="#dfn-JsonWebKey">JsonWebKey</a> dictionary provides a way to represent
+            and exchange cryptographic keys represented by the <a href="#JWK">JSON Web Key</a>
+            structure, while allowing native and efficient use within Web Cryptography API
+            applications.
+          </p>
+        </div>
+      </div>
 
       <div id="WorkerCrypto-interface" class="section">
         <h2>WorkerCrypto interface</h2>
@@ -3049,7 +3157,7 @@
                 <tr>
                   <td>exportKey</td>
                   <td>None</td>
-                  <td>ArrayBuffer</td>
+                  <td>object</td>
                 </tr>
               </tbody>
             </table>
@@ -3448,9 +3556,8 @@
                         <ol>
                           <li>
                             <p>
-                              Let <var>jwk</var> be the result of running the
-                              <a href="#concept-parse-a-jwk">parse a jwk</a>
-                              algorithm over <var>keyData</var>.
+                              Let <var>jwk</var> be the <a href="#dfn-JsonWebKey">JsonWebKey</a>
+                              dictionary represented by <var>keyData</var>.
                             </p>
                           </li>
                           <li>
@@ -3618,7 +3725,7 @@
                           </li>
                           <li>
                             <p>
-                              Let <var>result</var> be the result of <a
+                              Let <var>data</var> be the result of <a
                               href="#dfn-encode-a-subjectPublicKeyInfo">encoding a
                               subjectPublicKeyInfo</a> with the following properties:
                             </p>
@@ -3653,6 +3760,12 @@
                               </li>
                             </ul>
                           </li>
+                          <li>
+                            <p>
+                              Let <var>result</var> be a new <code>ArrayBuffer</code> containing
+                              <var>array</var>.
+                            </p>
+                          </li>
                         </ol>
                       </dd>
                       <dt>If <var>format</var> is <code>"pkcs8"</code>:</dt>
@@ -3668,7 +3781,7 @@
                           </li>
                           <li>
                             <p>
-                              Let <var>result</var> be the result of <a
+                              Let <var>data</var> be the result of <a
                               href="#dfn-encode-a-privateKeyInfo"> encoding a privateKeyInfo</a>
                               with the following properties:
                             </p>
@@ -3715,25 +3828,34 @@
                               </li>
                             </ul>                              
                           </li>
+                          <li>
+                            <p>
+                              Let <var>result</var> be a new <code>ArrayBuffer</code> containing
+                              <var>data</var>.
+                            </p>
+                          </li>
                         </ol>
                       </dd>
                       <dt>If <var>format</var> is <code>"jwk"</code>:</dt>
                       <dd>
                         <ul>
                           <li>
-                            <p>Let <var>jwk</var> be a new internal object.</p>
-                          </li>
-                          <li>
-                            <p>Set the <code>kty</code> property of <var>jwk</var> to the string
+                            <p>
+                              Let <var>jwk</var> be a new <a href="#dfn-JsonWebKey">JsonWebKey</a>
+                              dictionary.
+                            </p>
+                          </li>
+                          <li>
+                            <p>Set the <code>kty</code> attribute of <var>jwk</var> to the string
                             <code>"RSA"</code>.</p>
                           </li>
                           <li>
-                            <p>Set the <code>alg</code> property of <var>jwk</var> to the string
+                            <p>Set the <code>alg</code> attribute of <var>jwk</var> to the string
                             <code>"RSA1_5"</code>.</p>
                           </li>
                           <li>
                             <p>
-                              Set the properties <code>n</code> and <code>e</code> of <var>jwk</var>
+                              Set the attributes <code>n</code> and <code>e</code> of <var>jwk</var>
                               according to the corresponding definitions in <a href="#jwa">JSON Web
                               Algorithms</a>, Section 6.3.1.
                             </p>
@@ -3748,7 +3870,7 @@
                                 <ol>
                                   <li>
                                     <p>
-                                      Set the properties named <code>d</code>, <code>p</code>,
+                                      Set the attributes named <code>d</code>, <code>p</code>,
                                       <code>q</code>, <code>dp</code>, <code>dq</code>, and
                                       <code>qi</code> of <var>jwk</var> according to the
                                       corresponding definitions in <a href="#jwa">JSON Web
@@ -3759,7 +3881,7 @@
                                     <p>
                                       If the underlying RSA private key represented by
                                       <var>key</var> is represented by more than two primes, set the
-                                      member named <code>oth</code> of <var>jwk</var> according to
+                                      attribute named <code>oth</code> of <var>jwk</var> according to
                                       the corresponding definition in <a href="#jwa">JSON Web
                                       Algorithms</a>, Section 6.3.2.7
                                     </p>
@@ -3770,28 +3892,21 @@
                           </li>
                           <li>
                             <p>
-                              Set the <code>key_ops</code> property of <var>jwk</var> to the <a
+                              Set the <code>key_ops</code> attribute of <var>jwk</var> to the <a
                               href="#dfn-CryptoKey-usages">usages</a> attribute of <var>key</var>.
                             </p>
                           </li>
                           <li>
                             <p>
-                              Set the <code>ext</code> property of <var>jwk</var> to the <a
+                              Set the <code>ext</code> attribute of <var>jwk</var> to the <a
                               href="#dfn-CryptoKey-extractable">extractable</a> attribute of
                               <var>key</var>.
                             </p>
                           </li>
                           <li>
                             <p>
-                              Let <var>stringifiedJwk</var> be the result of encoding
-                              <var>jwk</var> according to the grammar specified in Section 15.12 of
-                              <a href="#ECMA-262">ECMA262</a>.
-                            </p>
-                          </li>
-                          <li>
-                            <p>
-                              Let <var>result</var> be the UTF-8 encoding of
-                              <var>stringifiedJwk</var>.
+                              Let <var>result</var> be the result of converting <var>jwk</var>
+                              to an ECMAScript Object.
                             </p>
                           </li>
                         </ul>
@@ -3806,13 +3921,7 @@
                   </li>
                   <li>
                     <p>
-                      Let <var>data</var> be a new <code>ArrayBuffer</code> containing
-                      <var>result</var>.
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                      Return <var>data</var>.
+                      Return <var>result</var>.
                     </p>
                   </li>
                 </ol>
@@ -3869,7 +3978,7 @@
                 <tr>
                   <td>exportKey</td>
                   <td>None</td>
-                  <td>ArrayBuffer</td>
+                  <td>object</td>
                 </tr>
               </tbody>
             </table>
@@ -4476,9 +4585,8 @@
                         <ol>
                           <li>
                             <p>
-                              Let <var>jwk</var> be the result of running the
-                              <a href="#concept-parse-a-jwk">parse a jwk</a>
-                              algorithm over <var>keyData</var>.
+                              Let <var>jwk</var> be the <a href="#dfn-JsonWebKey">JsonWebKey</a>
+                              dictionary represented by <var>keyData</var>.
                             </p>
                           </li>
                           <li>
@@ -4707,7 +4815,7 @@
                           </li>
                           <li>
                             <p>
-                              Let <var>result</var> be the result of <a
+                              Let <var>data</var> be the result of <a
                               href="#dfn-encode-a-subjectPublicKeyInfo">encoding a
                               subjectPublicKeyInfo</a> with the following properties:
                             </p>
@@ -4742,6 +4850,12 @@
                               </li>
                             </ul>
                           </li>
+                          <li>
+                            <p>
+                              Let <var>result</var> be a new <code>ArrayBuffer</code> containing
+                              <var>data</var>.
+                            </p>
+                          </li>
                         </ol>
                       </dd>
                       <dt>If <var>format</var> is <code>"pkcs8"</code>:</dt>
@@ -4757,7 +4871,7 @@
                           </li>
                           <li>
                             <p>
-                              Let <var>result</var> be the result of <a
+                              Let <var>data</var> be the result of <a
                               href="#dfn-encode-a-privateKeyInfo"> encoding a privateKeyInfo</a>
                               with the following properties:
                             </p>
@@ -4804,16 +4918,22 @@
                               </li>
                             </ul>                              
                           </li>
+                          <li>
+                            <p>
+                              Let <var>result</var> be a new <code>ArrayBuffer</code> containing
+                              <var>data</var>.
+                            </p>
+                          </li>
                         </ol>
                       </dd>
                       <dt>If <var>format</var> is <code>"jwk"</code>:</dt>
                       <dd>
                         <ul>
                           <li>
-                            <p>Let <var>jwk</var> be a new internal object.</p>
-                          </li>
-                          <li>
-                            <p>Set the <code>kty</code> field of <var>jwk</var> to the string
+                            <p>Let <var>jwk</var> be a new <a href="#dfn-JsonWebKey">JsonWebKey</a> dictionary.</p>
+                          </li>
+                          <li>
+                            <p>Set the <code>kty</code> attribute of <var>jwk</var> to the string
                             <code>"RSA"</code>.</p>
                           </li>
                           <li>
@@ -4828,28 +4948,28 @@
                               <dt>If <var>hash</var> is <code>SHA-1</code>:</dt>
                               <dd>
                                 <p>
-                                  Set the <code>alg</code> field of <var>jwk</var> to the string
+                                  Set the <code>alg</code> attribute of <var>jwk</var> to the string
                                   <code>RS1</code>.
                                 </p>
                               </dd>
                               <dt>If <var>hash</var> is <code>SHA-256</code>:</dt>
                               <dd>
                                 <p>
-                                  Set the <code>alg</code> field of <var>jwk</var> to the string
+                                  Set the <code>alg</code> attribute of <var>jwk</var> to the string
                                   <code>RS256</code>.
                                 </p>
                               </dd>
                               <dt>If <var>hash</var> is <code>SHA-384</code>:</dt>
                               <dd>
                                 <p>
-                                  Set the <code>alg</code> field of <var>jwk</var> to the string
+                                  Set the <code>alg</code> attribute of <var>jwk</var> to the string
                                   <code>RS384</code>.
                                 </p>
                               </dd>
                               <dt>If <var>hash</var> is <code>SHA-512</code>:</dt>
                               <dd>
                                 <p>
-                                  Set the <code>alg</code> field of <var>jwk</var> to the string
+                                  Set the <code>alg</code> attribute of <var>jwk</var> to the string
                                   <code>RS512</code>.
                                 </p>
                               </dd>
@@ -4863,12 +4983,12 @@
                             </dl>
                           </li>
                           <li>
-                            <p>Set the <code>alg</code> field of <var>jwk</var> to the string
-                            <code>"RSA1_5"</code>.</p>
-                          </li>
-                          <li>
-                            <p>
-                              Set the fields <code>n</code> and <code>e</code> of <var>jwk</var>
+                            <p>Set the <code>alg</code> attribute of <var>jwk</var> to the string
+                            <code>RSA1_5</code>.</p>
+                          </li>
+                          <li>
+                            <p>
+                              Set the attributes <code>n</code> and <code>e</code> of <var>jwk</var>
                               according to the corresponding definitions in <a href="#jwa">JSON Web
                               Algorithms</a>, Section 6.3.1.
                             </p>
@@ -4883,7 +5003,7 @@
                                 <ol>
                                   <li>
                                     <p>
-                                      Set the fields named <code>d</code>, <code>p</code>,
+                                      Set the attributes named <code>d</code>, <code>p</code>,
                                       <code>q</code>, <code>dp</code>, <code>dq</code>, and
                                       <code>qi</code> of <var>jwk</var> according to the
                                       corresponding definitions in <a href="#jwa">JSON Web
@@ -4894,7 +5014,7 @@
                                     <p>
                                       If the underlying RSA private key represented by
                                       <var>key</var> is represented by more than two primes, set the
-                                      field named <code>oth</code> of <var>jwk</var> according to
+                                      attribute named <code>oth</code> of <var>jwk</var> according to
                                       the corresponding definition in <a href="#jwa">JSON Web
                                       Algorithms</a>, Section 6.3.2.7
                                     </p>
@@ -4905,28 +5025,21 @@
                           </li>
                           <li>
                             <p>
-                              Set the <code>key_ops</code> field of <var>jwk</var> to the <a
+                              Set the <code>key_ops</code> attribute of <var>jwk</var> to the <a
                               href="#dfn-CryptoKey-usages">usages</a> attribute of <var>key</var>.
                             </p>
                           </li>
                           <li>
                             <p>
-                              Set the <code>ext</code> field of <var>jwk</var> to the <a
+                              Set the <code>ext</code> attribute of <var>jwk</var> to the <a
                               href="#dfn-CryptoKey-extractable">extractable</a> attribute of
                               <var>key</var>.
                             </p>
                           </li>
                           <li>
                             <p>
-                              Let <var>stringifiedJwk</var> be the result of encoding
-                              <var>jwk</var> according to the grammar specified in Section 15.12 of
-                              <a href="#ECMA-262">ECMA262</a>.
-                            </p>
-                          </li>
-                          <li>
-                            <p>
-                              Let <var>result</var> be the UTF-8 encoding of
-                              <var>stringifiedJwk</var>.
+                              Let <var>result</var> be the result of converting <var>jwk</var>
+                              to an ECMAScript Object.
                             </p>
                           </li>
                         </ul>
@@ -4942,13 +5055,7 @@
                   </li>
                   <li>
                     <p>
-                      Let <var>data</var> be a new <code>ArrayBuffer</code> containing
-                      <var>result</var>.
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                      Return <var>data</var>.
+                      Return <var>result</var>.
                     </p>
                   </li>
                 </ol>
@@ -5006,7 +5113,7 @@
                 <tr>
                   <td>exportKey</td>
                   <td>None</td>
-                  <td>ArrayBuffer</td>
+                  <td>object</td>
                 </tr>
               </tbody>
             </table>
@@ -5747,9 +5854,8 @@
                         <ol>
                           <li>
                             <p>
-                              Let <var>jwk</var> be the result of running the
-                              <a href="#concept-parse-a-jwk">parse a jwk</a>
-                              algorithm over <var>keyData</var>.
+                              Let <var>jwk</var> be the <a href="#dfn-JsonWebKey">JsonWebKey</a>
+                              dictionary represented by <var>keyData</var>.
                             </p>
                           </li>
                           <li>
@@ -5978,7 +6084,7 @@
                           </li>
                           <li>
                             <p>
-                              Let <var>result</var> be the result of <a
+                              Let <var>data</var> be the result of <a
                               href="#dfn-encode-a-subjectPublicKeyInfo">encoding a
                               subjectPublicKeyInfo</a> with the following properties:
                             </p>
@@ -6116,6 +6222,12 @@
                               </li>
                             </ul>
                           </li>
+                          <li>
+                            <p>
+                              Let <var>result</var> be a new <code>ArrayBuffer</code> containing
+                              <var>data</var>.
+                            </p>
+                          </li>
                         </ol>
                       </dd>
                       <dt>If <var>format</var> is <code>"pkcs8"</code>:</dt>
@@ -6131,7 +6243,7 @@
                           </li>
                           <li>
                             <p>
-                              Let <var>result</var> be the result of <a
+                              Let <var>data</var> be the result of <a
                               href="#dfn-encode-a-privateKeyInfo"> encoding a privateKeyInfo</a>
                               with the following properties:
                             </p>
@@ -6281,16 +6393,22 @@
                               </li>
                             </ul>
                           </li>
+                          <li>
+                            <p>
+                              Let <var>result</var> be a new <code>ArrayBuffer</code> containing
+                              <var>data</var>.
+                            </p>
+                          </li>
                         </ol>
                       </dd>
                       <dt>If <var>format</var> is <code>"jwk"</code>:</dt>
                       <dd>
                         <ul>
                           <li>
-                            <p>Let <var>jwk</var> be a new internal object.</p>
-                          </li>
-                          <li>
-                            <p>Set the <code>kty</code> field of <var>jwk</var> to the string
+                            <p>Let <var>jwk</var> be a new <a href="#dfn-JsonWebKey">JsonWebKey</a> dictionary.</p>
+                          </li>
+                          <li>
+                            <p>Set the <code>kty</code> attribute of <var>jwk</var> to the string
                             <code>"RSA"</code>.</p>
                           </li>
                           <li>
@@ -6306,28 +6424,28 @@
                               <dt>If <var>hash</var> is <code>SHA-1</code>:</dt>
                               <dd>
                                 <p>
-                                  Set the <code>alg</code> field of <var>jwk</var> to the string
+                                  Set the <code>alg</code> attribute of <var>jwk</var> to the string
                                   <code>PS1</code>.
                                 </p>
                               </dd>
                               <dt>If <var>hash</var> is <code>SHA-256</code>:</dt>
                               <dd>
                                 <p>
-                                  Set the <code>alg</code> field of <var>jwk</var> to the string
+                                  Set the <code>alg</code> attribute of <var>jwk</var> to the string
                                   <code>PS256</code>.
                                 </p>
                               </dd>
                               <dt>If <var>hash</var> is <code>SHA-384</code>:</dt>
                               <dd>
                                 <p>
-                                  Set the <code>alg</code> field of <var>jwk</var> to the string
+                                  Set the <code>alg</code> attribute of <var>jwk</var> to the string
                                   <code>PS384</code>.
                                 </p>
                               </dd>
                               <dt>If <var>hash</var> is <code>SHA-512</code>:</dt>
                               <dd>
                                 <p>
-                                  Set the <code>alg</code> field of <var>jwk</var> to the string
+                                  Set the <code>alg</code> attribute of <var>jwk</var> to the string
                                   <code>PS512</code>.
                                 </p>
                               </dd>
@@ -6342,7 +6460,7 @@
                           </li>
                           <li>
                             <p>
-                              Set the fields <code>n</code> and <code>e</code> of <var>jwk</var>
+                              Set the attributes <code>n</code> and <code>e</code> of <var>jwk</var>
                               according to the corresponding definitions in <a href="#jwa">JSON Web
                               Algorithms</a>, Section 6.3.1.
                             </p>
@@ -6357,7 +6475,7 @@
                                 <ol>
                                   <li>
                                     <p>
-                                      Set the fields named <code>d</code>, <code>p</code>,
+                                      Set the attributes named <code>d</code>, <code>p</code>,
                                       <code>q</code>, <code>dp</code>, <code>dq</code>, and
                                       <code>qi</code> of <var>jwk</var> according to the
                                       corresponding definitions in <a href="#jwa">JSON Web
@@ -6368,7 +6486,7 @@
                                     <p>
                                       If the underlying RSA private key represented by
                                       <var>key</var> is represented by more than two primes, set the
-                                      field named <code>oth</code> of <var>jwk</var> according to
+                                      attribute named <code>oth</code> of <var>jwk</var> according to
                                       the corresponding definition in <a href="#jwa">JSON Web
                                       Algorithms</a>, Section 6.3.2.7
                                     </p>
@@ -6379,28 +6497,21 @@
                           </li>
                           <li>
                             <p>
-                              Set the <code>key_ops</code> field of <var>jwk</var> to the <a
+                              Set the <code>key_ops</code> attribute of <var>jwk</var> to the <a
                               href="#dfn-CryptoKey-usages">usages</a> attribute of <var>key</var>.
                             </p>
                           </li>
                           <li>
                             <p>
-                              Set the <code>ext</code> field of <var>jwk</var> to the <a
+                              Set the <code>ext</code> attribute of <var>jwk</var> to the <a
                               href="#dfn-CryptoKey-extractable">extractable</a> attribute of
                               <var>key</var>.
                             </p>
                           </li>
                           <li>
                             <p>
-                              Let <var>stringifiedJwk</var> be the result of encoding
-                              <var>jwk</var> according to the grammar specified in Section 15.12 of
-                              <a href="#ECMA-262">ECMA262</a>.
-                            </p>
-                          </li>
-                          <li>
-                            <p>
-                              Let <var>result</var> be the UTF-8 encoding of
-                              <var>stringifiedJwk</var>.
+                              Let <var>result</var> be the result of converting <var>jwk</var>
+                              to an ECMAScript Object.
                             </p>
                           </li>
                         </ul>
@@ -6416,13 +6527,7 @@
                   </li>
                   <li>
                     <p>
-                      Let <var>data</var> be a new <code>ArrayBuffer</code> containing
-                      <var>result</var>.
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                      Return <var>data</var>.
+                      Return <var>result</var>.
                     </p>
                   </li>
                 </ol>
@@ -6480,7 +6585,7 @@
                 <tr>
                   <td>exportKey</td>
                   <td>None</td>
-                  <td>ArrayBuffer</td>
+                  <td>object</td>
                 </tr>
               </tbody>
             </table>
@@ -7225,9 +7330,8 @@
                         <ol>
                           <li>
                             <p>
-                              Let <var>jwk</var> be the result of running the
-                              <a href="#concept-parse-a-jwk">parse a jwk</a>
-                              algorithm over <var>keyData</var>.
+                              Let <var>jwk</var> be the <a href="#dfn-JsonWebKey">JsonWebKey</a>
+                              dictionary represented by <var>keyData</var>.
                             </p>
                           </li>
                           <li>
@@ -7439,7 +7543,7 @@
                           </li>
                           <li>
                             <p>
-                              Let <var>result</var> be the result of <a
+                              Let <var>data</var> be the result of <a
                               href="#dfn-encode-a-subjectPublicKeyInfo">encoding a
                               subjectPublicKeyInfo</a> with the following properties:
                             </p>
@@ -7567,6 +7671,12 @@
                               </li>
                             </ul>
                           </li>
+                          <li>
+                            <p>
+                              Let <var>result</var> be a new <code>ArrayBuffer</code> containing
+                              <var>data</var>.
+                            </p>
+                          </li>
                         </ol>
                       </dd>
                       <dt>If <var>format</var> is <code>"pkcs8"</code>:</dt>
@@ -7582,7 +7692,7 @@
                           </li>
                           <li>
                             <p>
-                              Let <var>result</var> be the result of <a
+                              Let <var>data</var> be the result of <a
                               href="#dfn-encode-a-privateKeyInfo"> encoding a privateKeyInfo</a>
                               with the following properties:
                             </p>
@@ -7722,17 +7832,26 @@
                               </li>
                             </ul>
                           </li>
+                          <li>
+                            <p>
+                              Let <var>result</var> be a new <code>ArrayBuffer</code> containing
+                              <var>data</var>.
+                            </p>
+                          </li>
                         </ol>
                       </dd>
                       <dt>If <var>format</var> is <code>"jwk"</code>:</dt>
                       <dd>
                         <ul>
                           <li>
-                            <p>Let <var>jwk</var> be a new internal object.</p>
-                          </li>
-                          <li>
-                            <p>
-                              Set the <code>kty</code> field of <var>jwk</var> to the string
+                            <p>
+                              Let <var>jwk</var> be a new <a href="#dfn-JsonWebKey">JsonWebKey</a>
+                              dictionary.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Set the <code>kty</code> attribute of <var>jwk</var> to the string
                               <code>"RSA"</code>.
                             </p>
                           </li>
@@ -7747,7 +7866,7 @@
                               </dt>
                               <dd>
                                 <p>
-                                  Set the <code>alg</code> field of <var>jwk</var> to the string
+                                  Set the <code>alg</code> attribute of <var>jwk</var> to the string
                                   <code>"RSA-OAEP"</code>.
                                 </p>
                               </dd>
@@ -7760,7 +7879,7 @@
                               </dt>
                               <dd>
                                 <p>
-                                  Set the <code>alg</code> field of <var>jwk</var> to the string
+                                  Set the <code>alg</code> attribute of <var>jwk</var> to the string
                                   <code>"RSA-OAEP-256"</code>.
                                 </p>
                               </dd>
@@ -7773,7 +7892,7 @@
                               </dt>
                               <dd>
                                 <p>
-                                  Set the <code>alg</code> field of <var>jwk</var> to the string
+                                  Set the <code>alg</code> attribute of <var>jwk</var> to the string
                                   <code>"RSA-OAEP-384"</code>.
                                 </p>
                               </dd>
@@ -7786,7 +7905,7 @@
                               </dt>
                               <dd>
                                 <p>
-                                  Set the <code>alg</code> field of <var>jwk</var> to the string
+                                  Set the <code>alg</code> attribute of <var>jwk</var> to the string
                                   <code>"RSA-OAEP-512"</code>.
                                 </p>
                               </dd>
@@ -7794,7 +7913,7 @@
                           </li>
                           <li>
                             <p>
-                              Set the fields <code>n</code> and <code>e</code> of <var>jwk</var>
+                              Set the attributes <code>n</code> and <code>e</code> of <var>jwk</var>
                               according to the corresponding definitions in <a href="#jwa">JSON Web
                               Algorithms</a>, Section 6.3.1.
                             </p>
@@ -7809,7 +7928,7 @@
                                 <ol>
                                   <li>
                                     <p>
-                                      Set the fields named <code>d</code>, <code>p</code>,
+                                      Set the attributes named <code>d</code>, <code>p</code>,
                                       <code>q</code>, <code>dp</code>, <code>dq</code>, and
                                       <code>qi</code> of <var>jwk</var> according to the
                                       corresponding definitions in <a href="#jwa">JSON Web
@@ -7820,7 +7939,7 @@
                                     <p>
                                       If the underlying RSA private key represented by
                                       <var>key</var> is represented by more than two primes, set the
-                                      field named <code>oth</code> of <var>jwk</var> according to
+                                      attribute named <code>oth</code> of <var>jwk</var> according to
                                       the corresponding definition in <a href="#jwa">JSON Web
                                       Algorithms</a>, Section 6.3.2.7
                                     </p>
@@ -7831,28 +7950,21 @@
                           </li>
                           <li>
                             <p>
-                              Set the <code>key_ops</code> field of <var>jwk</var> to the <a
+                              Set the <code>key_ops</code> attribute of <var>jwk</var> to the <a
                               href="#dfn-CryptoKey-usages">usages</a> attribute of <var>key</var>.
                             </p>
                           </li>
                           <li>
                             <p>
-                              Set the <code>ext</code> field of <var>jwk</var> to the <a
+                              Set the <code>ext</code> attribute of <var>jwk</var> to the <a
                               href="#dfn-CryptoKey-extractable">extractable</a> attribute of
                               <var>key</var>.
                             </p>
                           </li>
                           <li>
                             <p>
-                              Let <var>stringifiedJwk</var> be the result of encoding
-                              <var>jwk</var> according to the grammar specified in Section 15.12 of
-                              <a href="#ECMA-262">ECMA262</a>.
-                            </p>
-                          </li>
-                          <li>
-                            <p>
-                              Let <var>result</var> be the UTF-8 encoding of
-                              <var>stringifiedJwk</var>.
+                              Let <var>result</var> be the result of converting <var>jwk</var>
+                              to an ECMAScript Object.
                             </p>
                           </li>
                         </ul>
@@ -7868,13 +7980,7 @@
                   </li>
                   <li>
                     <p>
-                      Let <var>data</var> be a new <code>ArrayBuffer</code> containing
-                      <var>result</var>.
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                      Return <var>data</var>.
+                      Return <var>result</var>.
                     </p>
                   </li>
                 </ol>
@@ -7931,7 +8037,7 @@
                 <tr>
                   <td>exportKey</td>
                   <td>None</td>
-                  <td>ArrayBuffer</td>
+                  <td>object</td>
                 </tr>
 
               </tbody>
@@ -8659,9 +8765,8 @@
                         <ol>
                           <li>
                             <p>
-                              Let <var>jwk</var> be the result of running the
-                              <a href="#concept-parse-a-jwk">parse a JWK</a> algorithm over
-                              <var>keyData</var>.
+                              Let <var>jwk</var> be the <a href="#dfn-JsonWebKey">JsonWebKey</a>
+                              dictionary represented by <var>keyData</var>.
                             </p>
                           </li>
                           <li>
@@ -8885,7 +8990,7 @@
                           </li>
                           <li>
                             <p>
-                              Let <var>result</var> be the result of <a
+                              Let <var>data</var> be the result of <a
                               href="#concept-encode-a-subjectPublicKeyInfo">encoding a
                               subjectPublicKeyInfo</a> with the following properties:
                             </p>
@@ -8966,6 +9071,12 @@
                               </li>
                             </ul>
                           </li>
+                          <li>
+                            <p>
+                              Let <var>result</var> be a new <code>ArrayBuffer</code> containing
+                              <var>data</var>.
+                            </p>
+                          </li>
                         </ol>
                       </dd>
                       <dt>If <var>format</var> is <code>"pkcs8"</code>:</dt>
@@ -8981,7 +9092,7 @@
                           </li>
                           <li>
                             <p>
-                              Let <var>result</var> be the result of <a
+                              Let <var>data</var> be the result of <a
                               href="#concept-encode-a-privateKeyInfo">encoding a
                               privateKeyInfo</a> with the following properties:
                             </p>
@@ -9084,6 +9195,12 @@
                               </li>
                             </ul>
                           </li>
+                          <li>
+                            <p>
+                              Let <var>result</var> be a new <code>ArrayBuffer</code> containing
+                              <var>data</var>.
+                            </p>
+                          </li>
                         </ol>
                       </dd>
                       <dt>If <var>format</var> is <code>"jwk"</code>:</dt>
@@ -9091,12 +9208,13 @@
                         <ol>
                           <li>
                             <p>
-                              Let <var>jwk</var> be a new internal object.
-                            </p>
-                          </li>
-                          <li>
-                            <p>
-                              Set the <code>kty</code> property of <var>jwk</var> to
+                              Let <var>jwk</var> be a new <a href="#dfn-JsonWebKey">JsonWebKey</a>
+                              dictionary.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Set the <code>kty</code> attribute of <var>jwk</var> to
                               <code>"EC"</code>.
                             </p>
                           </li>
@@ -9108,7 +9226,7 @@
                                 attribute of <var>key</var> is <code>P-256</code>:
                               </dt>
                               <dd>
-                                Set the <code>crv</code> property of <var>jwk</var> to
+                                Set the <code>crv</code> attribute of <var>jwk</var> to
                                 <code>"P-256"</code>
                               </dd>
                               <dt>
@@ -9117,7 +9235,7 @@
                                 attribute of <var>key</var> is <code>P-384</code>:
                               </dt>
                               <dd>
-                                Set the <code>crv</code> property of <var>jwk</var> to
+                                Set the <code>crv</code> attribute of <var>jwk</var> to
                                 <code>"P-384"</code>
                               </dd>
                               <dt>
@@ -9126,21 +9244,21 @@
                                 attribute of <var>key</var> is <code>P-521</code>:
                               </dt>
                               <dd>
-                                Set the <code>crv</code> property of <var>jwk</var> to
+                                Set the <code>crv</code> attribute of <var>jwk</var> to
                                 <code>"P-521"</code>
                               </dd>
                             </dl>
                           </li>
                           <li>
                             <p>
-                              Set the <code>x</code> property of <var>jwk</var> according to the
+                              Set the <code>x</code> attribute of <var>jwk</var> according to the
                               definition in Section 6.2.1.2 of <a href="#jwa">JSON Web
                               Algorithms</a>.
                             </p>
                           </li>
                           <li>
                             <p>
-                              Set the <code>y</code> property of <var>jwk</var> according to the
+                              Set the <code>y</code> attribute of <var>jwk</var> according to the
                               definition in Section 6.2.1.3 of <a href="#jwa">JSON Web
                               Algorithms</a>.
                             </p>
@@ -9153,7 +9271,7 @@
                               </dt>
                               <dd>
                                 <p>
-                                  Set the <code>d</code> property of <var>jwk</var> according to the
+                                  Set the <code>d</code> attribute of <var>jwk</var> according to the
                                   definition in Section 6.2.2.1 of <a href="#jwa">JSON Web
                                   Algorithms</a>.
                                 </p>
@@ -9162,28 +9280,21 @@
                           </li>
                           <li>
                             <p>
-                              Set the <code>key_ops</code> property of <var>jwk</var> to the
+                              Set the <code>key_ops</code> attribute of <var>jwk</var> to the
                               <a href="#dfn-CryptoKey-usages">usages</a> attribute of <var>key</var>.
                             </p>
                           </li>
                           <li>
                             <p>
-                              Set the <code>ext</code> property of <var>jwk</var> to the <a
+                              Set the <code>ext</code> attribute of <var>jwk</var> to the <a
                               href="#dfn-CryptoKey-extractable">extractable</a> attribute of
                               <var>key</var>.
                             </p>
                           </li>
                           <li>
                             <p>
-                              Let <var>stringifiedJwk</var> be the result of encoding <var>jwk</var>
-                              into a string according to the grammar specified in Section 15.12 of
-                              <a href="#ECMA-262">ECMA262</a>.
-                            </p>
-                          </li>
-                          <li>
-                            <p>
-                              Let <var>data</var> be the UTF-8 encoding of
-                              <var>stringifiedJwk</var>.
+                              Let <var>result</var> be the result of converting <var>jwk</var>
+                              to an ECMAScript Object.
                             </p>
                           </li>
                         </ol>
@@ -9199,13 +9310,7 @@
                   </li>
                   <li>
                     <p>
-                      Let <var>data</var> be a new <code>ArrayBuffer</code> that contains
-                      <var>result</var>.
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                      Return <var>data</var>.
+                      Return <var>result</var>.
                     </p>
                   </li>
                 </ol>
@@ -9256,7 +9361,7 @@
                 <tr>
                   <td>exportKey</td>
                   <td>None</td>
-                  <td>ArrayBuffer</td>
+                  <td>object</td>
                 </tr>
               </tbody>
             </table>
@@ -9869,9 +9974,8 @@
                         <ol>
                           <li>
                             <p>
-                              Let <var>jwk</var> be the result of running the
-                              <a href="#concept-parse-a-jwk">parse a JWK</a> algorithm over
-                              <var>keyData</var>.
+                              Let <var>jwk</var> be the <a href="#dfn-JsonWebKey">JsonWebKey</a>
+                              dictionary represented by <var>keyData</var>.
                             </p>
                           </li>
                           <li>
@@ -10356,12 +10460,13 @@
                         <ol>
                           <li>
                             <p>
-                              Let <var>jwk</var> be a new internal object.
-                            </p>
-                          </li>
-                          <li>
-                            <p>
-                              Set the <code>kty</code> property of <var>jwk</var> to
+                              Let <var>jwk</var> be a new <a href="#dfn-JsonWebKey">JsonWebKey</a>
+                              dictionary.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Set the <code>kty</code> attribute of <var>jwk</var> to
                               <code>"EC"</code>.
                             </p>
                           </li>
@@ -10373,7 +10478,7 @@
                                 attribute of <var>key</var> is <code>P-256</code>:
                               </dt>
                               <dd>
-                                Set the <code>crv</code> property of <var>jwk</var> to
+                                Set the <code>crv</code> attribute of <var>jwk</var> to
                                 <code>"P-256"</code>
                               </dd>
                               <dt>
@@ -10382,7 +10487,7 @@
                                 attribute of <var>key</var> is <code>P-384</code>:
                               </dt>
                               <dd>
-                                Set the <code>crv</code> property of <var>jwk</var> to
+                                Set the <code>crv</code> attribute of <var>jwk</var> to
                                 <code>"P-384"</code>
                               </dd>
                               <dt>
@@ -10391,21 +10496,21 @@
                                 attribute of <var>key</var> is <code>P-521</code>:
                               </dt>
                               <dd>
-                                Set the <code>crv</code> property of <var>jwk</var> to
+                                Set the <code>crv</code> attribute of <var>jwk</var> to
                                 <code>"P-521"</code>
                               </dd>
                             </dl>
                           </li>
                           <li>
                             <p>
-                              Set the <code>x</code> property of <var>jwk</var> according to the
+                              Set the <code>x</code> attribute of <var>jwk</var> according to the
                               definition in Section 6.2.1.2 of <a href="#jwa">JSON Web
                               Algorithms</a>.
                             </p>
                           </li>
                           <li>
                             <p>
-                              Set the <code>y</code> property of <var>jwk</var> according to the
+                              Set the <code>y</code> attribute of <var>jwk</var> according to the
                               definition in Section 6.2.1.3 of <a href="#jwa">JSON Web
                               Algorithms</a>.
                             </p>
@@ -10418,7 +10523,7 @@
                               </dt>
                               <dd>
                                 <p>
-                                  Set the <code>d</code> property of <var>jwk</var> according to the
+                                  Set the <code>d</code> attribute of <var>jwk</var> according to the
                                   definition in Section 6.2.2.1 of <a href="#jwa">JSON Web
                                   Algorithms</a>.
                                 </p>
@@ -10427,28 +10532,21 @@
                           </li>
                           <li>
                             <p>
-                              Set the <code>key_ops</code> property of <var>jwk</var> to the
+                              Set the <code>key_ops</code> attribute of <var>jwk</var> to the
                               <a href="#dfn-CryptoKey-usages">usages</a> attribute of <var>key</var>.
                             </p>
                           </li>
                           <li>
                             <p>
-                              Set the <code>ext</code> property of <var>jwk</var> to the <a
+                              Set the <code>ext</code> attribute of <var>jwk</var> to the <a
                               href="#dfn-CryptoKey-extractable">extractable</a> attribute of
                               <var>key</var>.
                             </p>
                           </li>
                           <li>
                             <p>
-                              Let <var>stringifiedJwk</var> be the result of encoding <var>jwk</var>
-                              into a string according to the grammar specified in Section 15.12 of
-                              <a href="#ECMA-262">ECMA262</a>.
-                            </p>
-                          </li>
-                          <li>
-                            <p>
-                              Let <var>data</var> be the UTF-8 encoding of
-                              <var>stringifiedJwk</var>.
+                              Let <var>result</var> be the result of converting <var>jwk</var>
+                              to an ECMAScript Object.
                             </p>
                           </li>
                         </ol>
@@ -10473,6 +10571,12 @@
                               href="#X9.62">X9.62</a> Annex A.
                             </p>
                           </li>
+                          <li>
+                            <p>
+                              Let <var>result</var> be a new <code>ArrayBuffer</code> containing
+                              <var>data</var>.
+                            </p>
+                          </li>
                         </ol>
                       </dd>
                       <dt>Otherwise:</dt>
@@ -10486,13 +10590,7 @@
                   </li>
                   <li>
                     <p>
-                      Let <var>data</var> be a new <code>ArrayBuffer</code> that contains
-                      <var>result</var>.
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                      Return <var>data</var>.
+                      Return <var>result</var>.
                     </p>
                   </li>
                 </ol>
@@ -10550,7 +10648,7 @@
                 <tr>
                   <td>exportKey</td>
                   <td>None</td>
-                  <td>ArrayBuffer</td>
+                  <td>object</td>
                 </tr>
                 <tr>
                   <td>get key length</td>
@@ -10866,9 +10964,8 @@
                         <ol>
                           <li>
                             <p>
-                              Let <var>jwk</var> be the result of running the
-                              <a href="#concept-parse-a-jwk">parse a jwk</a>
-                              algorithm over <var>keyData</var>.
+                              Let <var>jwk</var> be the <a href="#dfn-JsonWebKey">JsonWebKey</a>
+                              dictionary represented by <var>keyData</var>.
                             </p>
                           </li>
                           <li>
@@ -11015,26 +11112,39 @@
                     <dl class="switch">
                       <dt>If <var>format</var> is <code>"raw"</code>:</dt>
                       <dd>
-                        Let <var>data</var> be the raw octets of the key represented by
-                        <var>key</var>.
+                        <ol>
+                          <li>
+                            <p>
+                              Let <var>data</var> be the raw octets of the key represented by
+                              <var>key</var>.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Let <var>result</var> be a new <code>ArrayBuffer</code> containing
+                              <var>data</var>.
+                            </p>
+                          </li>
+                        </ol>
                       </dd>
                       <dt>If <var>format</var> is <code>"jwk"</code>:</dt>
                       <dd>
                         <ol>
                           <li>
                             <p>
-                              Let <var>jwk</var> be a new internal object.
-                            </p>
-                          </li>
-                          <li>
-                            <p>
-                              Set the <code>kty</code> property of <var>jwk</var> to the
+                              Let <var>jwk</var> be a new <a href="#dfn-JsonWebKey">JsonWebKey</a>
+                              dictionary.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Set the <code>kty</code> attribute of <var>jwk</var> to the
                               string <code>"oct"</code>.
                             </p>
                           </li>
                           <li>
                             <p>
-                              Set the <code>k</code> property of <var>jwk</var> to be a string
+                              Set the <code>k</code> attribute of <var>jwk</var> to be a string
                               containing the raw octets
                               of the key represented by <var>key</var>, encoded according to
                               Section 6.4 of <a href="#jwa">JSON Web Algorithms</a>.
@@ -11044,42 +11154,35 @@
                             <dl class="switch">
                               <dt>If the <a href="#dfn-AesKeyAlgorithm-length">length</a> attribute of
                               <var>key</var> is 128:</dt>
-                              <dd>Set the <code>alg</code> property of <var>jwk</var> to
+                              <dd>Set the <code>alg</code> attribute of <var>jwk</var> to
                               the string <code>"A128CTR"</code>.</dd>
                               <dt>If the <a href="#dfn-AesKeyAlgorithm-length">length</a> attribute of
                               <var>key</var> is 192:</dt>
-                              <dd>Set the <code>alg</code> property of <var>jwk</var> to
+                              <dd>Set the <code>alg</code> attribute of <var>jwk</var> to
                               the string <code>"A192CTR"</code>.</dd>
                               <dt>If the <a href="#dfn-AesKeyAlgorithm-length">length</a> attribute of
                               <var>key</var> is 256:</dt>
-                              <dd>Set the <code>alg</code> property of <var>jwk</var> to
+                              <dd>Set the <code>alg</code> attribute of <var>jwk</var> to
                               the string <code>"A256CTR"</code>.</dd>
                             </dl>
                           </li>
                           <li>
                             <p>
-                              Set the <code>key_ops</code> property of <var>jwk</var> to equal the
+                              Set the <code>key_ops</code> attribute of <var>jwk</var> to equal the
                               <a href="#dfn-CryptoKey-usages">usages</a> attribute of <var>key</var>.
                             </p>
                           </li>
                           <li>
                             <p>
-                              Set the <code>ext</code> property of <var>jwk</var> to equal the 
+                              Set the <code>ext</code> attribute of <var>jwk</var> to equal the 
                               <a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
                               <var>key</var>.
                             </p>
                           </li>
                           <li>
                             <p>
-                              Let <var>stringifiedJwk</var> be the result of encoding <var>jwk</var>
-                              into a string according to the grammar specified in Section 15.12 of
-                              <a href="#ECMA-262">ECMA262</a>.
-                            </p>
-                          </li>
-                          <li>
-                            <p>
-                              Let <var>data</var> be the UTF-8 encoding of
-                              <var>stringifiedJwk</var>.
+                              Let <var>result</var> be the result of converting <var>jwk</var>
+                              to an ECMAScript Object.
                             </p>
                           </li>
                         </ol>
@@ -11088,12 +11191,7 @@
                   </li>
                   <li>
                     <p>
-                      Let <var>keyData</var> be a new ArrayBuffer containing <var>data</var>.
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                      Return <var>data</var>.
+                      Return <var>result</var>.
                     </p>
                   </li>
                 </ol>
@@ -11193,7 +11291,7 @@
                 <tr>
                   <td>exportKey</td>
                   <td>None</td>
-                  <td>ArrayBuffer</td>
+                  <td>object</td>
                 </tr>
                 <tr>
                   <td>get key length</td>
@@ -11472,9 +11570,8 @@
                         <ol>
                           <li>
                             <p>
-                              Let <var>jwk</var> be the result of running the
-                              <a href="#concept-parse-a-jwk">parse a jwk</a>
-                              algorithm over <var>keyData</var>.
+                              Let <var>jwk</var> be the <a href="#dfn-JsonWebKey">JsonWebKey</a>
+                              dictionary represented by <var>keyData</var>.
                             </p>
                           </li>
                           <li>
@@ -11615,26 +11712,39 @@
                     <dl class="switch">
                       <dt>If <var>format</var> is <code>"raw"</code>:</dt>
                       <dd>
-                        Let <var>data</var> be the raw octets of the key represented by
-                        <var>key</var>.
+                        <ol>
+                          <li>
+                            <p>
+                              Let <var>data</var> be the raw octets of the key represented by
+                              <var>key</var>.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Let <var>result</var> be a new <code>ArrayBuffer</code> containing
+                              <var>data</var>.
+                            </p>
+                          </li>
+                        </ol>
                       </dd>
                       <dt>If <var>format</var> is <code>"jwk"</code>:</dt>
                       <dd>
                         <ol>
                           <li>
                             <p>
-                              Let <var>jwk</var> be a new internal object.
-                            </p>
-                          </li>
-                          <li>
-                            <p>
-                              Set the <code>kty</code> property of <var>jwk</var> to the
+                              Let <var>jwk</var> be a new <a href="#dfn-JsonWebKey">JsonWebKey</a>
+                              dictionary.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Set the <code>kty</code> attribute of <var>jwk</var> to the
                               string <code>"oct"</code>.
                             </p>
                           </li>
                           <li>
                             <p>
-                              Set the <code>k</code> property of <var>jwk</var> to be a string
+                              Set the <code>k</code> attribute of <var>jwk</var> to be a string
                               containing the raw octets
                               of the key represented by <var>key</var>, encoded according to
                               Section 6.4 of <a href="#jwa">JSON Web Algorithms</a>.
@@ -11644,42 +11754,35 @@
                             <dl class="switch">
                               <dt>If the <a href="#dfn-AesKeyAlgorithm-length">length</a> attribute of
                               <var>key</var> is 128:</dt>
-                              <dd>Set the <code>alg</code> property of <var>jwk</var> to
+                              <dd>Set the <code>alg</code> attribute of <var>jwk</var> to
                               the string <code>"A128CBC"</code>.</dd>
                               <dt>If the <a href="#dfn-AesKeyAlgorithm-length">length</a> attribute of
                               <var>key</var> is 192:</dt>
-                              <dd>Set the <code>alg</code> property of <var>jwk</var> to
+                              <dd>Set the <code>alg</code> attribute of <var>jwk</var> to
                               the string <code>"A192CBC"</code>.</dd>
                               <dt>If the <a href="#dfn-AesKeyAlgorithm-length">length</a> attribute of
                               <var>key</var> is 256:</dt>
-                              <dd>Set the <code>alg</code> property of <var>jwk</var> to
+                              <dd>Set the <code>alg</code> attribute of <var>jwk</var> to
                               the string <code>"A256CBC"</code>.</dd>
                             </dl>
                           </li>
                           <li>
                             <p>
-                              Set the <code>key_ops</code> property of <var>jwk</var> to equal the
+                              Set the <code>key_ops</code> attribute of <var>jwk</var> to equal the
                               <a href="#dfn-CryptoKey-usages">usages</a> attribute of <var>key</var>.
                             </p>
                           </li>
                           <li>
                             <p>
-                              Set the <code>ext</code> property of <var>jwk</var> to equal the 
+                              Set the <code>ext</code> attribute of <var>jwk</var> to equal the 
                               <a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
                               <var>key</var>.
                             </p>
                           </li>
                           <li>
                             <p>
-                              Let <var>stringifiedJwk</var> be the result of encoding <var>jwk</var>
-                              into a string according to the grammar specified in Section 15.12 of
-                              <a href="#ECMA-262">ECMA262</a>.
-                            </p>
-                          </li>
-                          <li>
-                            <p>
-                              Let <var>data</var> be the UTF-8 encoding of
-                              <var>stringifiedJwk</var>.
+                              Let <var>result</var> be the result of converting <var>jwk</var>
+                              to an ECMAScript Object.
                             </p>
                           </li>
                         </ol>
@@ -11688,12 +11791,7 @@
                   </li>
                   <li>
                     <p>
-                      Let <var>keyData</var> be a new ArrayBuffer containing <var>data</var>.
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                      Return <var>data</var>.
+                      Return <var>result</var>.
                     </p>
                   </li>
                 </ol>
@@ -11786,7 +11884,7 @@
                 <tr>
                   <td>exportKey</td>
                   <td>None</td>
-                  <td>ArrayBuffer</td>
+                  <td>object</td>
                 </tr>
                 <tr>
                   <td>get key length</td>
@@ -12016,9 +12114,8 @@
                         <ol>
                           <li>
                             <p>
-                              Let <var>jwk</var> be the result of running the
-                              <a href="#concept-parse-a-jwk">parse a jwk</a>
-                              algorithm over <var>keyData</var>.
+                              Let <var>jwk</var> be the <a href="#dfn-JsonWebKey">JsonWebKey</a>
+                              dictionary represented by <var>keyData</var>.
                             </p>
                           </li>
                           <li>
@@ -12159,26 +12256,39 @@
                     <dl class="switch">
                       <dt>If <var>format</var> is <code>"raw"</code>:</dt>
                       <dd>
-                        Let <var>data</var> be the raw octets of the key represented by
-                        <var>key</var>.
+                        <ol>
+                          <li>
+                            <p>
+                              Let <var>data</var> be the raw octets of the key represented by
+                              <var>key</var>.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Let <var>result</var> be a new <code>ArrayBuffer</code> containing
+                              <var>data</var>.
+                            </p>
+                          </li>
+                        </ol>
                       </dd>
                       <dt>If <var>format</var> is <code>"jwk"</code>:</dt>
                       <dd>
                         <ol>
                           <li>
                             <p>
-                              Let <var>jwk</var> be a new internal object.
-                            </p>
-                          </li>
-                          <li>
-                            <p>
-                              Set the <code>kty</code> property of <var>jwk</var> to the
+                              Let <var>jwk</var> be a new <a href="#dfn-JsonWebKey">JsonWebKey</a>
+                              dictionary.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Set the <code>kty</code> attribute of <var>jwk</var> to the
                               string <code>"oct"</code>.
                             </p>
                           </li>
                           <li>
                             <p>
-                              Set the <code>k</code> property of <var>jwk</var> to be a string
+                              Set the <code>k</code> attribute of <var>jwk</var> to be a string
                               containing the raw octets
                               of the key represented by <var>key</var>, encoded according to
                               Section 6.4 of <a href="#jwa">JSON Web Algorithms</a>.
@@ -12188,42 +12298,35 @@
                             <dl class="switch">
                               <dt>If the <a href="#dfn-AesKeyAlgorithm-length">length</a> attribute of
                               <var>key</var> is 128:</dt>
-                              <dd>Set the <code>alg</code> property of <var>jwk</var> to
+                              <dd>Set the <code>alg</code> attribute of <var>jwk</var> to
                               the string <code>"A128CMAC"</code>.</dd>
                               <dt>If the <a href="#dfn-AesKeyAlgorithm-length">length</a> attribute of
                               <var>key</var> is 192:</dt>
-                              <dd>Set the <code>alg</code> property of <var>jwk</var> to
+                              <dd>Set the <code>alg</code> attribute of <var>jwk</var> to
                               the string <code>"A192CMAC"</code>.</dd>
                               <dt>If the <a href="#dfn-AesKeyAlgorithm-length">length</a> attribute of
                               <var>key</var> is 256:</dt>
-                              <dd>Set the <code>alg</code> property of <var>jwk</var> to
+                              <dd>Set the <code>alg</code> attribute of <var>jwk</var> to
                               the string <code>"A256CMAC"</code>.</dd>
                             </dl>
                           </li>
                           <li>
                             <p>
-                              Set the <code>key_ops</code> property of <var>jwk</var> to equal the
+                              Set the <code>key_ops</code> attribute of <var>jwk</var> to equal the
                               <a href="#dfn-CryptoKey-usages">usages</a> attribute of <var>key</var>.
                             </p>
                           </li>
                           <li>
                             <p>
-                              Set the <code>ext</code> property of <var>jwk</var> to equal the 
+                              Set the <code>ext</code> attribute of <var>jwk</var> to equal the 
                               <a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
                               <var>key</var>.
                             </p>
                           </li>
                           <li>
                             <p>
-                              Let <var>stringifiedJwk</var> be the result of encoding <var>jwk</var>
-                              into a string according to the grammar specified in Section 15.12 of
-                              <a href="#ECMA-262">ECMA262</a>.
-                            </p>
-                          </li>
-                          <li>
-                            <p>
-                              Let <var>data</var> be the UTF-8 encoding of
-                              <var>stringifiedJwk</var>.
+                              Let <var>result</var> be the result of converting <var>jwk</var>
+                              to an ECMAScript Object.
                             </p>
                           </li>
                         </ol>
@@ -12232,7 +12335,7 @@
                   </li>
                   <li>
                     <p>
-                      Return a new ArrayBuffer containing <var>data</var>.
+                      Return <var>result</var>.
                     </p>
                   </li>
                 </ol>
@@ -12324,7 +12427,7 @@
                 <tr>
                   <td>exportKey</td>
                   <td>None</td>
-                  <td>ArrayBuffer</td>
+                  <td>object</td>
                 </tr>
                 <tr>
                   <td>get key length</td>
@@ -12699,9 +12802,8 @@
                         <ol>
                           <li>
                             <p>
-                              Let <var>jwk</var> be the result of running the
-                              <a href="#concept-parse-a-jwk">parse a jwk</a>
-                              algorithm over <var>keyData</var>.
+                              Let <var>jwk</var> be the <a href="#dfn-JsonWebKey">JsonWebKey</a>
+                              dictionary represented by <var>keyData</var>.
                             </p>
                           </li>
                           <li>
@@ -12842,26 +12944,39 @@
                     <dl class="switch">
                       <dt>If <var>format</var> is <code>"raw"</code>:</dt>
                       <dd>
-                        Let <var>data</var> be the raw octets of the key represented by
-                        <var>key</var>.
+                        <ol>
+                          <li>
+                            <p>
+                              Let <var>data</var> be the raw octets of the key represented by
+                              <var>key</var>.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Let <var>result</var> be a new <code>ArrayBuffer</code> containing
+                              <var>data</var>.
+                            </p>
+                          </li>
+                        </ol>
                       </dd>
                       <dt>If <var>format</var> is <code>"jwk"</code>:</dt>
                       <dd>
                         <ol>
                           <li>
                             <p>
-                              Let <var>jwk</var> be a new internal object.
-                            </p>
-                          </li>
-                          <li>
-                            <p>
-                              Set the <code>kty</code> property of <var>jwk</var> to the
+                              Let <var>jwk</var> be a new <a href="#dfn-JsonWebKey">JsonWebKey</a>
+                              dictionary.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Set the <code>kty</code> attribute of <var>jwk</var> to the
                               string <code>"oct"</code>.
                             </p>
                           </li>
                           <li>
                             <p>
-                              Set the <code>k</code> property of <var>jwk</var> to be a string
+                              Set the <code>k</code> attribute of <var>jwk</var> to be a string
                               containing the raw octets
                               of the key represented by <var>key</var>, encoded according to
                               Section 6.4 of <a href="#jwa">JSON Web Algorithms</a>.
@@ -12871,42 +12986,35 @@
                             <dl class="switch">
                               <dt>If the <a href="#dfn-AesKeyAlgorithm-length">length</a> attribute of
                               <var>key</var> is 128:</dt>
-                              <dd>Set the <code>alg</code> property of <var>jwk</var> to
+                              <dd>Set the <code>alg</code> attribute of <var>jwk</var> to
                               the string <code>"A128GCM"</code>.</dd>
                               <dt>If the <a href="#dfn-AesKeyAlgorithm-length">length</a> attribute of
                               <var>key</var> is 192:</dt>
-                              <dd>Set the <code>alg</code> property of <var>jwk</var> to
+                              <dd>Set the <code>alg</code> attribute of <var>jwk</var> to
                               the string <code>"A192GCM"</code>.</dd>
                               <dt>If the <a href="#dfn-AesKeyAlgorithm-length">length</a> attribute of
                               <var>key</var> is 256:</dt>
-                              <dd>Set the <code>alg</code> property of <var>jwk</var> to
+                              <dd>Set the <code>alg</code> attribute of <var>jwk</var> to
                               the string <code>"A256GCM"</code>.</dd>
                             </dl>
                           </li>
                           <li>
                             <p>
-                              Set the <code>key_ops</code> property of <var>jwk</var> to equal the
+                              Set the <code>key_ops</code> attribute of <var>jwk</var> to equal the
                               <a href="#dfn-CryptoKey-usages">usages</a> attribute of <var>key</var>.
                             </p>
                           </li>
                           <li>
                             <p>
-                              Set the <code>ext</code> property of <var>jwk</var> to equal the 
+                              Set the <code>ext</code> attribute of <var>jwk</var> to equal the 
                               <a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
                               <var>key</var>.
                             </p>
                           </li>
                           <li>
                             <p>
-                              Let <var>stringifiedJwk</var> be the result of encoding <var>jwk</var>
-                              into a string according to the grammar specified in Section 15.12 of
-                              <a href="#ECMA-262">ECMA262</a>.
-                            </p>
-                          </li>
-                          <li>
-                            <p>
-                              Let <var>data</var> be the UTF-8 encoding of
-                              <var>stringifiedJwk</var>.
+                              Let <var>result</var> be the result of converting <var>jwk</var>
+                              to an ECMAScript Object.
                             </p>
                           </li>
                         </ol>
@@ -12920,7 +13028,7 @@
                   </li>
                   <li>
                     <p>
-                      Return a new ArrayBuffer containing <var>data</var>.
+                      Return <var>result</var>.
                     </p>
                   </li>
                 </ol>
@@ -13014,7 +13122,7 @@
                 <tr>
                   <td>exportKey</td>
                   <td>None</td>
-                  <td>ArrayBuffer</td>
+                  <td>object</td>
                 </tr>
                 <tr>
                   <td>get key length</td>
@@ -13267,9 +13375,8 @@
                         <ol>
                           <li>
                             <p>
-                              Let <var>jwk</var> be the result of running the
-                              <a href="#concept-parse-a-jwk">parse a jwk</a>
-                              algorithm over <var>keyData</var>.
+                              Let <var>jwk</var> be the <a href="#dfn-JsonWebKey">JsonWebKey</a>
+                              dictionary represented by <var>keyData</var>.
                             </p>
                           </li>
                           <li>
@@ -13409,26 +13516,39 @@
                     <dl class="switch">
                       <dt>If <var>format</var> is <code>"raw"</code>:</dt>
                       <dd>
-                        Let <var>data</var> be the raw octets of the key represented by
-                        <var>key</var>.
+                        <ol>
+                          <li>
+                            <p>
+                              Let <var>data</var> be the raw octets of the key represented by
+                              <var>key</var>.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Let <var>result</var> be a new <code>ArrayBuffer</code> containing
+                              <var>data</var>.
+                            </p>
+                          </li>
+                        </ol>
                       </dd>
                       <dt>If <var>format</var> is <code>"jwk"</code>:</dt>
                       <dd>
                         <ol>
                           <li>
                             <p>
-                              Let <var>jwk</var> be a new internal object.
-                            </p>
-                          </li>
-                          <li>
-                            <p>
-                              Set the <code>kty</code> property of <var>jwk</var> to the
+                              Let <var>jwk</var> be a new <a href="#dfn-JsonWebKey">JsonWebKey</a>
+                              dictionary.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Set the <code>kty</code> attribute of <var>jwk</var> to the
                               string <code>"oct"</code>.
                             </p>
                           </li>
                           <li>
                             <p>
-                              Set the <code>k</code> property of <var>jwk</var> to be a string
+                              Set the <code>k</code> attribute of <var>jwk</var> to be a string
                               containng the raw octets
                               of the key represented by <var>key</var>, encoded according to
                               Section 6.4 of <a href="#jwa">JSON Web Algorithms</a>.
@@ -13438,42 +13558,35 @@
                             <dl class="switch">
                               <dt>If the <a href="#dfn-AesKeyAlgorithm-length">length</a> attribute of
                               <var>key</var> is 128:</dt>
-                              <dd>Set the <code>alg</code> property of <var>jwk</var> to
+                              <dd>Set the <code>alg</code> attribute of <var>jwk</var> to
                               the string <code>"A128CFB8"</code>.</dd>
                               <dt>If the <a href="#dfn-AesKeyAlgorithm-length">length</a> attribute of
                               <var>key</var> is 192:</dt>
-                              <dd>Set the <code>alg</code> property of <var>jwk</var> to
+                              <dd>Set the <code>alg</code> attribute of <var>jwk</var> to
                               the string <code>"A192CFB8"</code>.</dd>
                               <dt>If the <a href="#dfn-AesKeyAlgorithm-length">length</a> attribute of
                               <var>key</var> is 256:</dt>
-                              <dd>Set the <code>alg</code> property of <var>jwk</var> to
+                              <dd>Set the <code>alg</code> attribute of <var>jwk</var> to
                               the string <code>"A256CFB8"</code>.</dd>
                             </dl>
                           </li>
                           <li>
                             <p>
-                              Set the <code>key_ops</code> property of <var>jwk</var> to equal the
+                              Set the <code>key_ops</code> attribute of <var>jwk</var> to equal the
                               <a href="#dfn-CryptoKey-usages">usages</a> attribute of <var>key</var>.
                             </p>
                           </li>
                           <li>
                             <p>
-                              Set the <code>ext</code> property of <var>jwk</var> to equal the 
+                              Set the <code>ext</code> attribute of <var>jwk</var> to equal the 
                               <a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
                               <var>key</var>.
                             </p>
                           </li>
                           <li>
                             <p>
-                              Let <var>stringifiedJwk</var> be the result of encoding <var>jwk</var>
-                              into a string according to the grammar specified in Section 15.12 of
-                              <a href="#ECMA-262">ECMA262</a>.
-                            </p>
-                          </li>
-                          <li>
-                            <p>
-                              Let <var>data</var> be the UTF-8 encoding of
-                              <var>stringifiedJwk</var>.
+                              Let <var>result</var> be the result of converting <var>jwk</var>
+                              to an ECMAScript Object.
                             </p>
                           </li>
                         </ol>
@@ -13482,12 +13595,7 @@
                   </li>
                   <li>
                     <p>
-                      Let <var>keyData</var> be a new ArrayBuffer containing <var>data</var>.
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                      Return <var>data</var>.
+                      Return <var>result</var>.
                     </p>
                   </li>
                 </ol>
@@ -13580,7 +13688,7 @@
                 <tr>
                   <td>exportKey</td>
                   <td>None</td>
-                  <td>ArrayBuffer</td>
+                  <td>object</td>
                 </tr>
                 <tr>
                   <td>get key length</td>
@@ -13774,9 +13882,8 @@
                         <ol>
                           <li>
                             <p>
-                              Let <var>jwk</var> be the result of running the
-                              <a href="#concept-parse-a-jwk">parse a jwk</a>
-                              algorithm over <var>keyData</var>.
+                              Let <var>jwk</var> be the <a href="#dfn-JsonWebKey">JsonWebKey</a>
+                              dictionary represented by <var>keyData</var>.
                             </p>
                           </li>
                           <li>
@@ -13916,26 +14023,39 @@
                     <dl class="switch">
                       <dt>If <var>format</var> is <code>"raw"</code>:</dt>
                       <dd>
-                        Let <var>data</var> be the raw octets of the key represented by
-                        <var>key</var>.
+                        <ol>
+                          <li>
+                            <p>
+                              Let <var>data</var> be the raw octets of the key represented by
+                              <var>key</var>.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Let <var>result</var> be a new <code>ArrayBuffer</code> containing
+                              <var>data</var>.
+                            </p>
+                          </li>
+                        </ol>
                       </dd>
                       <dt>If <var>format</var> is <code>"jwk"</code>:</dt>
                       <dd>
                         <ol>
                           <li>
                             <p>
-                              Let <var>jwk</var> be a new internal object.
-                            </p>
-                          </li>
-                          <li>
-                            <p>
-                              Set the <code>kty</code> property of <var>jwk</var> to the
+                              Let <var>jwk</var> be a new <a href="#dfn-JsonWebKey">JsonWebKey</a>
+                              dictionary.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Set the <code>kty</code> attribute of <var>jwk</var> to the
                               string <code>"oct"</code>.
                             </p>
                           </li>
                           <li>
                             <p>
-                              Set the <code>k</code> property of <var>jwk</var> to be a string
+                              Set the <code>k</code> attribute of <var>jwk</var> to be a string
                               containng the raw octets
                               of the key represented by <var>key</var>, encoded according to
                               Section 6.4 of <a href="#jwa">JSON Web Algorithms</a>.
@@ -13945,42 +14065,35 @@
                             <dl class="switch">
                               <dt>If the <a href="#dfn-AesKeyAlgorithm-length">length</a> attribute of
                               <var>key</var> is 128:</dt>
-                              <dd>Set the <code>alg</code> property of <var>jwk</var> to
+                              <dd>Set the <code>alg</code> attribute of <var>jwk</var> to
                               the string <code>"A128KW"</code>.</dd>
                               <dt>If the <a href="#dfn-AesKeyAlgorithm-length">length</a> attribute of
                               <var>key</var> is 192:</dt>
-                              <dd>Set the <code>alg</code> property of <var>jwk</var> to
+                              <dd>Set the <code>alg</code> attribute of <var>jwk</var> to
                               the string <code>"A192KW"</code>.</dd>
                               <dt>If the <a href="#dfn-AesKeyAlgorithm-length">length</a> attribute of
                               <var>key</var> is 256:</dt>
-                              <dd>Set the <code>alg</code> property of <var>jwk</var> to
+                              <dd>Set the <code>alg</code> attribute of <var>jwk</var> to
                               the string <code>"A256KW"</code>.</dd>
                             </dl>
                           </li>
                           <li>
                             <p>
-                              Set the <code>key_ops</code> property of <var>jwk</var> to equal the
+                              Set the <code>key_ops</code> attribute of <var>jwk</var> to equal the
                               <a href="#dfn-CryptoKey-usages">usages</a> attribute of <var>key</var>.
                             </p>
                           </li>
                           <li>
                             <p>
-                              Set the <code>ext</code> property of <var>jwk</var> to equal the 
+                              Set the <code>ext</code> attribute of <var>jwk</var> to equal the 
                               <a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
                               <var>key</var>.
                             </p>
                           </li>
                           <li>
                             <p>
-                              Let <var>stringifiedJwk</var> be the result of encoding <var>jwk</var>
-                              into a string according to the grammar specified in Section 15.12 of
-                              <a href="#ECMA-262">ECMA262</a>.
-                            </p>
-                          </li>
-                          <li>
-                            <p>
-                              Let <var>data</var> be the UTF-8 encoding of
-                              <var>stringifiedJwk</var>.
+                              Let <var>result</var> be the result of converting <var>jwk</var>
+                              to an ECMAScript Object.
                             </p>
                           </li>
                         </ol>
@@ -13989,7 +14102,7 @@
                   </li>
                   <li>
                     <p>
-                      Return a new ArrayBuffer containing <var>data</var>.
+                      Return <var>result</var>.
                     </p>
                   </li>
                 </ol>
@@ -14081,7 +14194,7 @@
                 <tr>
                   <td>exportKey</td>
                   <td>None</td>
-                  <td>ArrayBuffer</td>
+                  <td>object</td>
                 </tr>
                 <tr>
                   <td>get key length</td>
@@ -14363,9 +14476,8 @@
                         <ol>
                           <li>
                             <p>
-                              Let <var>jwk</var> be the result of running the
-                              <a href="#concept-parse-a-jwk">parse a jwk</a>
-                              algorithm over <var>keyData</var>.
+                              Let <var>jwk</var> be the <a href="#dfn-JsonWebKey">JsonWebKey</a>
+                              dictionary represented by <var>keyData</var>.
                             </p>
                           </li>
                           <li>
@@ -14666,26 +14778,39 @@
                     <dl class="switch">
                       <dt>If <var>format</var> is <code>"raw"</code>:</dt>
                       <dd>
-                        Let <var>data</var> be the raw octets of the key represented by
-                        <var>key</var>.
+                        <ol>
+                          <li>
+                            <p>
+                              Let <var>data</var> be the raw octets of the key represented by
+                              <var>key</var>.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Let <var>result</var> be a new <code>ArrayBuffer</code> containing
+                              <var>data</var>.
+                            </p>
+                          </li>
+                        </ol>
                       </dd>
                       <dt>If <var>format</var> is <code>"jwk"</code>:</dt>
                       <dd>
                         <ol>
                           <li>
                             <p>
-                              Let <var>jwk</var> be a new internal object.
-                            </p>
-                          </li>
-                          <li>
-                            <p>
-                              Set the <code>kty</code> property of <var>jwk</var> to the
+                              Let <var>jwk</var> be a new <a href="#dfn-JsonWebKey">JsonWebKey</a>
+                              dictionary.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Set the <code>kty</code> attribute of <var>jwk</var> to the
                               string <code>"oct"</code>.
                             </p>
                           </li>
                           <li>
                             <p>
-                              Set the <code>k</code> property of <var>jwk</var> to be a string
+                              Set the <code>k</code> attribute of <var>jwk</var> to be a string
                               containng the raw octets
                               of the key represented by <var>key</var>, encoded according to
                               Section 6.4 of <a href="#jwa">JSON Web Algorithms</a>.
@@ -14710,46 +14835,39 @@
                             <dl class="switch">
                               <dt>If the <a href="#dfn-KeyAlgorithm-name">name</a> attribute of
                               <var>hash</var> is <code>"SHA-1"</code>:</dt>
-                              <dd>Set the <code>alg</code> property of <var>jwk</var> to
+                              <dd>Set the <code>alg</code> attribute of <var>jwk</var> to
                               the string <code>"HS1"</code>.</dd>
                               <dt>If the <a href="#dfn-KeyAlgorithm-name">name</a> attribute of
                               <var>hash</var> is <code>"SHA-256"</code>:</dt>
-                              <dd>Set the <code>alg</code> property of <var>jwk</var> to
+                              <dd>Set the <code>alg</code> attribute of <var>jwk</var> to
                               the string <code>"HS256"</code>.</dd>
                               <dt>If the <a href="#dfn-KeyAlgorithm-name">name</a> attribute of
                               <var>hash</var> is <code>"SHA-384"</code>:</dt>
-                              <dd>Set the <code>alg</code> property of <var>jwk</var> to
+                              <dd>Set the <code>alg</code> attribute of <var>jwk</var> to
                               the string <code>"HS384"</code>.</dd>
                               <dt>If the <a href="#dfn-KeyAlgorithm-name">name</a> attribute of
                               <var>hash</var> is <code>"SHA-512"</code>:</dt>
-                              <dd>Set the <code>alg</code> property of <var>jwk</var> to
+                              <dd>Set the <code>alg</code> attribute of <var>jwk</var> to
                               the string <code>"HS512"</code>.</dd>
                             </dl>
                           </li>
                           <li>
                             <p>
-                              Set the <code>key_ops</code> property of <var>jwk</var> to equal the
+                              Set the <code>key_ops</code> attribute of <var>jwk</var> to equal the
                               <a href="#dfn-CryptoKey-usages">usages</a> attribute of <var>key</var>.
                             </p>
                           </li>
                           <li>
                             <p>
-                              Set the <code>ext</code> property of <var>jwk</var> to equal the 
+                              Set the <code>ext</code> attribute of <var>jwk</var> to equal the 
                               <a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
                               <var>key</var>.
                             </p>
                           </li>
                           <li>
                             <p>
-                              Let <var>stringifiedJwk</var> be the result of encoding <var>jwk</var>
-                              into a string according to the grammar specified in Section 15.12 of
-                              <a href="#ECMA-262">ECMA262</a>.
-                            </p>
-                          </li>
-                          <li>
-                            <p>
-                              Let <var>data</var> be the UTF-8 encoding of
-                              <var>stringifiedJwk</var>.
+                              Let <var>result</var> be the result of converting <var>jwk</var>
+                              to an ECMAScript Object.
                             </p>
                           </li>
                         </ol>
@@ -14758,7 +14876,7 @@
                   </li>
                   <li>
                     <p>
-                      Return a new ArrayBuffer containing <var>data</var>.
+                      Return <var>result</var>.
                     </p>
                   </li>
                 </ol>
@@ -14861,7 +14979,7 @@
                 <tr>
                   <td>exportKey</td>
                   <td>None</td>
-                  <td>ArrayBuffer</td>
+                  <td>object</td>
                 </tr>
               </tbody>
             </table>
@@ -15550,26 +15668,36 @@
                         If <var>format</var> is <code>"raw"</code>:
                       </dt>
                       <dd>
-                        <dl class="switch">
-                          <dt>
-                            If the <a href="#dfn-CryptoKey-type">type</a> attribute of
-                            <var>key</var> is <code>"public"</code>:
-                          </dt>
-                          <dd>
-                            Let <var>result</var> be the Public Value, <var>PV</var>, associated
-                            with <var>key</var> as specified in Section 7 of [<a href="#PKCS3">PKCS
-                            #3</a>].
-                          </dd>
-                          <dt>
-                            If the <a href="#dfn-CryptoKey-type">type</a> attribute of
-                            <var>key</var> is <code>"private"</code>:
-                          </dt>
-                          <dd>
-                            Let <var>result</var> be the octet string that represents the private
-                            value <var>x</var> associated with <var>key</var> as a big integer, most
-                            significant octet first.
-                          </dd>
-                        </dl>
+                        <ol>
+                          <li>
+                            <dl class="switch">
+                              <dt>
+                                If the <a href="#dfn-CryptoKey-type">type</a> attribute of
+                                <var>key</var> is <code>"public"</code>:
+                              </dt>
+                              <dd>
+                                Let <var>data</var> be the Public Value, <var>PV</var>, associated
+                                with <var>key</var> as specified in Section 7 of [<a
+                                href="#PKCS3">PKCS #3</a>].
+                              </dd>
+                              <dt>
+                                If the <a href="#dfn-CryptoKey-type">type</a> attribute of
+                                <var>key</var> is <code>"private"</code>:
+                              </dt>
+                              <dd>
+                                Let <var>data</var> be the octet string that represents the private
+                                value <var>x</var> associated with <var>key</var> as a big integer,
+                                most significant octet first.
+                              </dd>
+                            </dl>
+                          </li>
+                          <li>
+                            <p>
+                              Let <var>result</var> be a new <code>ArrayBuffer</code> containing
+                              <var>data</var>.
+                            </p>
+                          </li>
+                        </ol>
                       </dd>
                       <dt>
                         If <var>format</var> is <code>"spki"</code>:
@@ -15586,7 +15714,7 @@
                           </li>
                           <li>
                             <p>
-                              Let <var>result</var> be the result of <a
+                              Let <var>data</var> be the result of <a
                               href="#concept-encode-a-subjectPublicKeyInfo">encoding a
                               subjectPublicKeyInfo</a> with the following properties:
                             </p>
@@ -15644,6 +15772,12 @@
                               </li>
                             </ul>
                           </li>
+                          <li>
+                            <p>
+                              Let <var>result</var> be a new <code>ArrayBuffer</code> containing
+                              <var>data</var>.
+                            </p>
+                          </li>
                         </ol>
                       </dd>
                       <dt>
@@ -15661,7 +15795,7 @@
                           </li>
                           <li>
                             <p>
-                              Let <var>result</var> be the result of <a
+                              Let <var>data</var> be the result of <a
                               href="#concept-encode-a-privateKeyInfo">encoding a
                               privateKeyInfo</a> with the following properties:
                             </p>
@@ -15719,6 +15853,12 @@
                               </li>
                             </ul>
                           </li>
+                          <li>
+                            <p>
+                              Let <var>result</var> be a new <code>ArrayBuffer</code> containing
+                              <var>data</var>.
+                            </p>
+                          </li>
                         </ol>
                       </dd>
                       <dt>Otherwise:</dt>
@@ -15730,13 +15870,7 @@
                   </li>
                   <li>
                     <p>
-                      Let <var>data</var> be a new <code>ArrayBuffer</code> containing
-                      <var>result</var>.
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                      Return <var>data</var>.
+                      Return <var>result</var>.
                     </p>
                   </li>
                 </ol>
--- a/spec/Overview.html	Mon Jun 16 00:00:00 2014 -0700
+++ b/spec/Overview.html	Mon Jun 16 00:00:00 2014 -0700
@@ -44,7 +44,7 @@
         communications.
       </p>
   
-      <div class="ednote"><div class="ednoteHeader">Editorial note</div><p>There are 18 further editorial notes in the document.</p></div>
+      <div class="ednote"><div class="ednoteHeader">Editorial note</div><p>There are 16 further editorial notes in the document.</p></div>
     </div>
 
     <div class="section">
@@ -134,7 +134,7 @@
 
     <div id="toc">
       <h2>Table of Contents</h2>
-      <div class="toc"><ul><li><a href="#introduction">1. Introduction</a></li><li><a href="#use-cases">2. Use Cases</a><ul><li><a href="#multifactor-authentication">2.1. Multi-factor Authentication</a></li><li><a href="#protected-document">2.2. Protected Document Exchange</a></li><li><a href="#cloud-storage">2.3. Cloud Storage</a></li><li><a href="#document-signing">2.4. Document Signing</a></li><li><a href="#data-integrity-protection">2.5. Data Integrity Protection</a></li><li><a href="#secure-messaging">2.6. Secure Messaging</a></li><li><a href="#jose">2.7. Javascript Object Signing and Encryption (JOSE)</a></li></ul></li><li><a href="#conformance">3. Conformance</a></li><li><a href="#scope">4. Scope</a><ul><li><a href="#scope-abstraction">4.1. Level of abstraction</a></li><li><a href="#scope-algorithms">4.2. Cryptographic algorithms</a></li><li><a href="#scope-operations">4.3. Operations</a></li><li><a href="#scope-out-of-scope">4.4. Out of scope</a></li></ul></li><li><a href="#security">5. Security considerations</a><ul><li><a href="#security-implementers">5.1. Security considerations for implementers</a></li><li><a href="#security-developers">5.2. Security considerations for authors</a></li></ul></li><li><a href="#privacy">6. Privacy considerations</a></li><li><a href="#dependencies">7. Dependencies</a></li><li><a href="#terminology">8. Terminology</a></li><li><a href="#RandomSource-interface">9. RandomSource interface</a><ul><li><a href="#RandomSource-description">9.1. Description</a></li><li><a href="#RandomSource-interface-methods">9.2. Methods and Parameters</a><ul><li><a href="#RandomSource-method-getRandomValues">9.2.1. The getRandomValues method</a></li></ul></li></ul></li><li><a href="#algorithm-dictionary">10. Algorithm dictionary</a><ul><li><a href="#algorithm-dictionary-members">10.1. Algorithm Dictionary Members</a></li></ul></li><li><a href="#key-algorithm-interface">11. KeyAlgorithm interface</a><ul><li><a href="#key-algorithm-interface-description">11.1. Description</a></li><li><a href="#key-algorithm-interface-members">11.2. KeyAlgorithm interface members</a></li></ul></li><li><a href="#cryptokey-interface">12. CryptoKey interface</a><ul><li><a href="#cryptokey-interface-description">12.1. Description</a></li><li><a href="#cryptokey-interface-types">12.2. Key interface data types</a></li><li><a href="#cryptokey-interface-members">12.3. CryptoKey interface members</a></li><li><a href="#cryptokey-interface-clone">12.4. Structured clone algorithm</a></li></ul></li><li><a href="#crypto-interface">13. Crypto interface</a></li><li><a href="#subtlecrypto-interface">14. SubtleCrypto interface</a><ul><li><a href="#subtlecrypto-interface-description">14.1. Description</a></li><li><a href="#subtlecrypto-interface-datatypes">14.2. Data Types</a></li><li><a href="#subtlecrypto-interface-methods">14.3. Methods and Parameters</a><ul><li><a href="#SubtleCrypto-method-encrypt">14.3.1. The encrypt method</a></li><li><a href="#SubtleCrypto-method-decrypt">14.3.2. The decrypt method</a></li><li><a href="#SubtleCrypto-method-sign">14.3.3. The sign method</a></li><li><a href="#SubtleCrypto-method-verify">14.3.4. The verify method</a></li><li><a href="#SubtleCrypto-method-digest">14.3.5. The digest method</a></li><li><a href="#SubtleCrypto-method-generateKey">14.3.6. The generateKey method</a></li><li><a href="#SubtleCrypto-method-deriveKey">14.3.7. The deriveKey method</a></li><li><a href="#SubtleCrypto-method-deriveBits">14.3.8. The deriveBits method</a></li><li><a href="#SubtleCrypto-method-importKey">14.3.9. The importKey method</a></li><li><a href="#SubtleCrypto-method-exportKey">14.3.10. The exportKey method</a></li><li><a href="#SubtleCrypto-method-wrapKey">14.3.11. The wrapKey method</a></li><li><a href="#SubtleCrypto-method-unwrapKey">14.3.12. The unwrapKey method</a></li></ul></li><li><a href="#SubtleCrypto-Exceptions">14.4. Exceptions</a></li></ul></li><li><a href="#WorkerCrypto-interface">15. WorkerCrypto interface</a><ul><li><a href="#WorkerCrypto-description">15.1. Description</a></li></ul></li><li><a href="#big-integer">16. BigInteger</a></li><li><a href="#keypair">17. KeyPair</a></li><li><a href="#algorithms">18. Algorithms</a><ul><li><a href="#algorithms-index">18.1. Registered algorithms</a></li><li><a href="#recommended-algorithms">18.2. Recommended algorithms</a></li><li><a href="#defining-an-algorithm">18.3. Defining an algorithm</a><ul><li><a href="#recognized-algorithm-name">18.3.1. Recognized algorithm name</a></li><li><a href="#supported-operations">18.3.2. Supported operations</a></li><li><a href="#algorithm-specific-params">18.3.3. Algorithm-specific parameters</a></li><li><a href="#algorithm-result">18.3.4. Algorithm results</a></li><li><a href="#algorithm-alias">18.3.5. Algorithm aliases</a></li></ul></li><li><a href="#rsaes-pkcs1">18.4. RSAES-PKCS1-v1_5</a><ul><li><a href="#rsaes-pkcs1-description">18.4.1. Description</a></li><li><a href="#rsaes-pkcs1-registration">18.4.2. Registration</a></li><li><a href="#RsaKeyGenParams-dictionary">18.4.3. RsaKeyGenParams dictionary</a></li><li><a href="#RsaKeyAlgorithm-interface">18.4.4. RsaKeyAlgorithm interface</a></li><li><a href="#rsaes-pkcs1-operations">18.4.5. Operations</a></li></ul></li><li><a href="#rsassa-pkcs1">18.5. RSASSA-PKCS1-v1_5</a><ul><li><a href="#rsassa-pkcs1-description">18.5.1. Description</a></li><li><a href="#rsassa-pkcs1-registration">18.5.2. Registration</a></li><li><a href="#RsaHashedKeyGenParams-dictionary">18.5.3. RsaHashedKeyGenParams dictionary</a></li><li><a href="#RsaHashedKeyAlgorithm-interface">18.5.4. RsaHashedKeyAlgorithm interface</a></li><li><a href="#RsaHashedImportParams-dictionary">18.5.5. RsaHashedImportParams dictionary</a></li><li><a href="#rsassa-pkcs1-operations">18.5.6. Operations</a></li></ul></li><li><a href="#rsa-pss">18.6. RSA-PSS</a><ul><li><a href="#rsa-pss-description">18.6.1. Description</a></li><li><a href="#rsa-pss-registration">18.6.2. Registration</a></li><li><a href="#RsaPssParams-dictionary">18.6.3. RsaPssParams dictionary</a></li><li><a href="#rsa-pss-operations">18.6.4. Operations</a></li></ul></li><li><a href="#rsa-oaep">18.7. RSA-OAEP</a><ul><li><a href="#rsa-oaep-description">18.7.1. Description</a></li><li><a href="#rsa-oaep-registration">18.7.2. Registration</a></li><li><a href="#rsa-oaep-params">18.7.3. RsaOaepParams dictionary</a></li><li><a href="#rsa-oaep-operations">18.7.4. Operations</a></li></ul></li><li><a href="#ecdsa">18.8. ECDSA</a><ul><li><a href="#ecdsa-description">18.8.1. Description</a></li><li><a href="#ecdsa-registration">18.8.2. Registration</a></li><li><a href="#EcdsaParams-dictionary">18.8.3. EcdsaParams dictionary</a></li><li><a href="#EcKeyGenParams-dictionary">18.8.4. EcKeyGenParams dictionary</a></li><li><a href="#EcKeyAlgorithm-interface">18.8.5. EcKeyAlgorithm interface</a></li><li><a href="#EcKeyImportParams-dictionary">18.8.6. EcKeyImportParams dictionary</a></li><li><a href="#ecdsa-operations">18.8.7. Operations</a></li></ul></li><li><a href="#ecdh">18.9. ECDH</a><ul><li><a href="#ecdh-description">18.9.1. Description</a></li><li><a href="#ecdh-registration">18.9.2. Registration</a></li><li><a href="#dh-EcdhKeyDeriveParams">18.9.3. EcdhKeyDeriveParams dictionary</a></li><li><a href="#ecdh-operations">18.9.4. Operations</a></li></ul></li><li><a href="#aes-ctr">18.10. AES-CTR</a><ul><li><a href="#aes-ctr-description">18.10.1. Description</a></li><li><a href="#aes-ctr-registration">18.10.2. Registration</a></li><li><a href="#aes-ctr-params">18.10.3. AesCtrParams dictionary</a></li><li><a href="#AesKeyAlgorithm-interface">18.10.4. </a></li><li><a href="#aes-keygen-params">18.10.5. AesKeyGenParams dictionary</a></li><li><a href="#aes-derivedkey-params">18.10.6. AesDerivedKeyParams dictionary</a></li><li><a href="#aes-ctr-operations">18.10.7. Operations</a></li></ul></li><li><a href="#aes-cbc">18.11. AES-CBC</a><ul><li><a href="#aes-cbc-description">18.11.1. Description</a></li><li><a href="#aes-cbc-registration">18.11.2. Registration</a></li><li><a href="#aes-cbc-params">18.11.3. AesCbcParams dictionary</a></li><li><a href="#aes-cbc-operations">18.11.4. Operations</a></li></ul></li><li><a href="#aes-cmac">18.12. AES-CMAC</a><ul><li><a href="#aes-cmac-description">18.12.1. Description</a></li><li><a href="#aes-cmac-registration">18.12.2. Registration</a></li><li><a href="#aes-cmac-params">18.12.3. AesCmacParams dictionary</a></li><li><a href="#aes-cmac-operations">18.12.4. Operations</a></li></ul></li><li><a href="#aes-gcm">18.13. AES-GCM</a><ul><li><a href="#aes-gcm-description">18.13.1. Description</a></li><li><a href="#aes-gcm-registration">18.13.2. Registration</a></li><li><a href="#aes-gcm-params">18.13.3. AesGcmParams dictionary</a></li><li><a href="#aes-gcm-operations">18.13.4. Operations</a></li></ul></li><li><a href="#aes-cfb">18.14. AES-CFB</a><ul><li><a href="#aes-cfb-description">18.14.1. Description</a></li><li><a href="#aes-cfb-registration">18.14.2. Registration</a></li><li><a href="#aes-cfb-params">18.14.3. AesCfbParams dictionary</a></li><li><a href="#aes-cfb-operations">18.14.4. Operations</a></li></ul></li><li><a href="#aes-kw">18.15. AES-KW</a><ul><li><a href="#aes-kw-description">18.15.1. Description</a></li><li><a href="#aes-kw-registration">18.15.2. Registration</a></li><li><a href="#aes-kw-operations">18.15.3. Operations</a></li></ul></li><li><a href="#hmac">18.16. HMAC</a><ul><li><a href="#hmac-description">18.16.1. Description</a></li><li><a href="#hmac-registration">18.16.2. Registration</a></li><li><a href="#hmac-importparams">18.16.3. HmacImportParams dictionary</a></li><li><a href="#hmac-keyalgorithm">18.16.4. HmacKeyAlgorithm interface</a></li><li><a href="#hmac-keygen-params">18.16.5. HmacKeyGenParams dictionary</a></li><li><a href="#hmac-derivedkey-params">18.16.6. HmacDerivedKeyParams dictionary</a></li><li><a href="#hmac-operations">18.16.7. Operations</a></li></ul></li><li><a href="#dh">18.17. Diffie-Hellman</a><ul><li><a href="#dh-description">18.17.1. Description</a></li><li><a href="#dh-registration">18.17.2. Registration</a></li><li><a href="#dh-DhKeyGenParams">18.17.3. DhKeyGenParams dictionary</a></li><li><a href="#dh-DhKeyAlgorithm">18.17.4. DhKeyAlgorithm interface</a></li><li><a href="#dh-DhKeyDeriveParams">18.17.5. DhKeyDeriveParams dictionary</a></li><li><a href="#dh-DhImportKeyParams">18.17.6. DhImportKeyParams dictionary</a></li><li><a href="#dh-operations">18.17.7. Operations</a></li></ul></li><li><a href="#sha">18.18. SHA</a><ul><li><a href="#sha-description">18.18.1. Description</a></li><li><a href="#sha-registration">18.18.2. Registration</a></li><li><a href="#sha-operations">18.18.3. Operations</a></li></ul></li><li><a href="#concatkdf">18.19. Concat KDF</a><ul><li><a href="#concatkdf-description">18.19.1. Description</a></li><li><a href="#concatkdf-registration">18.19.2. Registration</a></li><li><a href="#concat-params">18.19.3. ConcatParams dictionary</a></li><li><a href="#concat-operations">18.19.4. Operations</a></li></ul></li><li><a href="#hkdf-ctr">18.20. HKDF-CTR</a><ul><li><a href="#hkdf-ctr-description">18.20.1. Description</a></li><li><a href="#hkdf-ctr-registration">18.20.2. Registration</a></li><li><a href="#hkdf-ctr-params">18.20.3. HkdfCtrParams dictionary</a></li><li><a href="#hkdf2-ctr-operations">18.20.4. Operations</a></li></ul></li><li><a href="#pbkdf2">18.21. PBKDF2</a><ul><li><a href="#pbkdf2-description">18.21.1. Description</a></li><li><a href="#pbkdf2-registration">18.21.2. Registration</a></li><li><a href="#pbkdf2-params">18.21.3. Pbkdf2Params dictionary</a></li><li><a href="#pbkdf2-operations">18.21.4. Operations</a></li></ul></li></ul></li><li><a href="#algorithm-normalizing-rules">19. Algorithm normalizing rules</a></li><li><a href="#examples-section">20. JavaScript Example Code</a><ul><li><a href="#examples-signing">20.1. Generate a signing key pair, sign some data</a></li><li><a href="#examples-symmetric-encryption">20.2. Symmetric Encryption</a></li></ul></li><li><a href="#iana-section">21. IANA Considerations</a><ul><li><a href="#iana-section-jws-jwa">21.1. JSON Web Signature and Encryption Algorithms Registration</a></li><li><a href="#iana-section-jwk">21.2. JSON Web Key Parameters Registration</a></li></ul></li><li><a href="#acknowledgements-section">22. Acknowledgements</a></li><li><a href="#references">23. References</a><ul><li><a href="#normative-references">23.1. Normative References</a></li><li><a href="#informative-references">23.2. Informative References</a></li></ul></li></ul><ul><li><a href="#jwk-mapping">A. Mapping between JSON Web Key / JSON Web Algorithm</a><ul><li><a href="#jwk-mapping-alg">A.1. Algorithm mappings</a></li><li><a href="#jwk-mapping-usage">A.2. Usage mapping</a></li></ul></li><li><a href="#spki-mapping">B. Mapping between Algorithm and SubjectPublicKeyInfo</a></li><li><a href="#pkcs8-mapping">C. Mapping between Algorithm and PKCS#8 PrivateKeyInfo</a></li></ul></div>
+      <div class="toc"><ul><li><a href="#introduction">1. Introduction</a></li><li><a href="#use-cases">2. Use Cases</a><ul><li><a href="#multifactor-authentication">2.1. Multi-factor Authentication</a></li><li><a href="#protected-document">2.2. Protected Document Exchange</a></li><li><a href="#cloud-storage">2.3. Cloud Storage</a></li><li><a href="#document-signing">2.4. Document Signing</a></li><li><a href="#data-integrity-protection">2.5. Data Integrity Protection</a></li><li><a href="#secure-messaging">2.6. Secure Messaging</a></li><li><a href="#jose">2.7. Javascript Object Signing and Encryption (JOSE)</a></li></ul></li><li><a href="#conformance">3. Conformance</a></li><li><a href="#scope">4. Scope</a><ul><li><a href="#scope-abstraction">4.1. Level of abstraction</a></li><li><a href="#scope-algorithms">4.2. Cryptographic algorithms</a></li><li><a href="#scope-operations">4.3. Operations</a></li><li><a href="#scope-out-of-scope">4.4. Out of scope</a></li></ul></li><li><a href="#security">5. Security considerations</a><ul><li><a href="#security-implementers">5.1. Security considerations for implementers</a></li><li><a href="#security-developers">5.2. Security considerations for authors</a></li></ul></li><li><a href="#privacy">6. Privacy considerations</a></li><li><a href="#dependencies">7. Dependencies</a></li><li><a href="#terminology">8. Terminology</a></li><li><a href="#RandomSource-interface">9. RandomSource interface</a><ul><li><a href="#RandomSource-description">9.1. Description</a></li><li><a href="#RandomSource-interface-methods">9.2. Methods and Parameters</a><ul><li><a href="#RandomSource-method-getRandomValues">9.2.1. The getRandomValues method</a></li></ul></li></ul></li><li><a href="#algorithm-dictionary">10. Algorithm dictionary</a><ul><li><a href="#algorithm-dictionary-members">10.1. Algorithm Dictionary Members</a></li></ul></li><li><a href="#key-algorithm-interface">11. KeyAlgorithm interface</a><ul><li><a href="#key-algorithm-interface-description">11.1. Description</a></li><li><a href="#key-algorithm-interface-members">11.2. KeyAlgorithm interface members</a></li></ul></li><li><a href="#cryptokey-interface">12. CryptoKey interface</a><ul><li><a href="#cryptokey-interface-description">12.1. Description</a></li><li><a href="#cryptokey-interface-types">12.2. Key interface data types</a></li><li><a href="#cryptokey-interface-members">12.3. CryptoKey interface members</a></li><li><a href="#cryptokey-interface-clone">12.4. Structured clone algorithm</a></li></ul></li><li><a href="#crypto-interface">13. Crypto interface</a></li><li><a href="#subtlecrypto-interface">14. SubtleCrypto interface</a><ul><li><a href="#subtlecrypto-interface-description">14.1. Description</a></li><li><a href="#subtlecrypto-interface-datatypes">14.2. Data Types</a></li><li><a href="#subtlecrypto-interface-methods">14.3. Methods and Parameters</a><ul><li><a href="#SubtleCrypto-method-encrypt">14.3.1. The encrypt method</a></li><li><a href="#SubtleCrypto-method-decrypt">14.3.2. The decrypt method</a></li><li><a href="#SubtleCrypto-method-sign">14.3.3. The sign method</a></li><li><a href="#SubtleCrypto-method-verify">14.3.4. The verify method</a></li><li><a href="#SubtleCrypto-method-digest">14.3.5. The digest method</a></li><li><a href="#SubtleCrypto-method-generateKey">14.3.6. The generateKey method</a></li><li><a href="#SubtleCrypto-method-deriveKey">14.3.7. The deriveKey method</a></li><li><a href="#SubtleCrypto-method-deriveBits">14.3.8. The deriveBits method</a></li><li><a href="#SubtleCrypto-method-importKey">14.3.9. The importKey method</a></li><li><a href="#SubtleCrypto-method-exportKey">14.3.10. The exportKey method</a></li><li><a href="#SubtleCrypto-method-wrapKey">14.3.11. The wrapKey method</a></li><li><a href="#SubtleCrypto-method-unwrapKey">14.3.12. The unwrapKey method</a></li></ul></li><li><a href="#SubtleCrypto-Exceptions">14.4. Exceptions</a></li></ul></li><li><a href="#JsonWebKey-dictionary">15. JsonWebKey dictionary</a></li><li><a href="#WorkerCrypto-interface">16. WorkerCrypto interface</a><ul><li><a href="#WorkerCrypto-description">16.1. Description</a></li></ul></li><li><a href="#big-integer">17. BigInteger</a></li><li><a href="#keypair">18. KeyPair</a></li><li><a href="#algorithms">19. Algorithms</a><ul><li><a href="#algorithms-index">19.1. Registered algorithms</a></li><li><a href="#recommended-algorithms">19.2. Recommended algorithms</a></li><li><a href="#defining-an-algorithm">19.3. Defining an algorithm</a><ul><li><a href="#recognized-algorithm-name">19.3.1. Recognized algorithm name</a></li><li><a href="#supported-operations">19.3.2. Supported operations</a></li><li><a href="#algorithm-specific-params">19.3.3. Algorithm-specific parameters</a></li><li><a href="#algorithm-result">19.3.4. Algorithm results</a></li><li><a href="#algorithm-alias">19.3.5. Algorithm aliases</a></li></ul></li><li><a href="#rsaes-pkcs1">19.4. RSAES-PKCS1-v1_5</a><ul><li><a href="#rsaes-pkcs1-description">19.4.1. Description</a></li><li><a href="#rsaes-pkcs1-registration">19.4.2. Registration</a></li><li><a href="#RsaKeyGenParams-dictionary">19.4.3. RsaKeyGenParams dictionary</a></li><li><a href="#RsaKeyAlgorithm-interface">19.4.4. RsaKeyAlgorithm interface</a></li><li><a href="#rsaes-pkcs1-operations">19.4.5. Operations</a></li></ul></li><li><a href="#rsassa-pkcs1">19.5. RSASSA-PKCS1-v1_5</a><ul><li><a href="#rsassa-pkcs1-description">19.5.1. Description</a></li><li><a href="#rsassa-pkcs1-registration">19.5.2. Registration</a></li><li><a href="#RsaHashedKeyGenParams-dictionary">19.5.3. RsaHashedKeyGenParams dictionary</a></li><li><a href="#RsaHashedKeyAlgorithm-interface">19.5.4. RsaHashedKeyAlgorithm interface</a></li><li><a href="#RsaHashedImportParams-dictionary">19.5.5. RsaHashedImportParams dictionary</a></li><li><a href="#rsassa-pkcs1-operations">19.5.6. Operations</a></li></ul></li><li><a href="#rsa-pss">19.6. RSA-PSS</a><ul><li><a href="#rsa-pss-description">19.6.1. Description</a></li><li><a href="#rsa-pss-registration">19.6.2. Registration</a></li><li><a href="#RsaPssParams-dictionary">19.6.3. RsaPssParams dictionary</a></li><li><a href="#rsa-pss-operations">19.6.4. Operations</a></li></ul></li><li><a href="#rsa-oaep">19.7. RSA-OAEP</a><ul><li><a href="#rsa-oaep-description">19.7.1. Description</a></li><li><a href="#rsa-oaep-registration">19.7.2. Registration</a></li><li><a href="#rsa-oaep-params">19.7.3. RsaOaepParams dictionary</a></li><li><a href="#rsa-oaep-operations">19.7.4. Operations</a></li></ul></li><li><a href="#ecdsa">19.8. ECDSA</a><ul><li><a href="#ecdsa-description">19.8.1. Description</a></li><li><a href="#ecdsa-registration">19.8.2. Registration</a></li><li><a href="#EcdsaParams-dictionary">19.8.3. EcdsaParams dictionary</a></li><li><a href="#EcKeyGenParams-dictionary">19.8.4. EcKeyGenParams dictionary</a></li><li><a href="#EcKeyAlgorithm-interface">19.8.5. EcKeyAlgorithm interface</a></li><li><a href="#EcKeyImportParams-dictionary">19.8.6. EcKeyImportParams dictionary</a></li><li><a href="#ecdsa-operations">19.8.7. Operations</a></li></ul></li><li><a href="#ecdh">19.9. ECDH</a><ul><li><a href="#ecdh-description">19.9.1. Description</a></li><li><a href="#ecdh-registration">19.9.2. Registration</a></li><li><a href="#dh-EcdhKeyDeriveParams">19.9.3. EcdhKeyDeriveParams dictionary</a></li><li><a href="#ecdh-operations">19.9.4. Operations</a></li></ul></li><li><a href="#aes-ctr">19.10. AES-CTR</a><ul><li><a href="#aes-ctr-description">19.10.1. Description</a></li><li><a href="#aes-ctr-registration">19.10.2. Registration</a></li><li><a href="#aes-ctr-params">19.10.3. AesCtrParams dictionary</a></li><li><a href="#AesKeyAlgorithm-interface">19.10.4. </a></li><li><a href="#aes-keygen-params">19.10.5. AesKeyGenParams dictionary</a></li><li><a href="#aes-derivedkey-params">19.10.6. AesDerivedKeyParams dictionary</a></li><li><a href="#aes-ctr-operations">19.10.7. Operations</a></li></ul></li><li><a href="#aes-cbc">19.11. AES-CBC</a><ul><li><a href="#aes-cbc-description">19.11.1. Description</a></li><li><a href="#aes-cbc-registration">19.11.2. Registration</a></li><li><a href="#aes-cbc-params">19.11.3. AesCbcParams dictionary</a></li><li><a href="#aes-cbc-operations">19.11.4. Operations</a></li></ul></li><li><a href="#aes-cmac">19.12. AES-CMAC</a><ul><li><a href="#aes-cmac-description">19.12.1. Description</a></li><li><a href="#aes-cmac-registration">19.12.2. Registration</a></li><li><a href="#aes-cmac-params">19.12.3. AesCmacParams dictionary</a></li><li><a href="#aes-cmac-operations">19.12.4. Operations</a></li></ul></li><li><a href="#aes-gcm">19.13. AES-GCM</a><ul><li><a href="#aes-gcm-description">19.13.1. Description</a></li><li><a href="#aes-gcm-registration">19.13.2. Registration</a></li><li><a href="#aes-gcm-params">19.13.3. AesGcmParams dictionary</a></li><li><a href="#aes-gcm-operations">19.13.4. Operations</a></li></ul></li><li><a href="#aes-cfb">19.14. AES-CFB</a><ul><li><a href="#aes-cfb-description">19.14.1. Description</a></li><li><a href="#aes-cfb-registration">19.14.2. Registration</a></li><li><a href="#aes-cfb-params">19.14.3. AesCfbParams dictionary</a></li><li><a href="#aes-cfb-operations">19.14.4. Operations</a></li></ul></li><li><a href="#aes-kw">19.15. AES-KW</a><ul><li><a href="#aes-kw-description">19.15.1. Description</a></li><li><a href="#aes-kw-registration">19.15.2. Registration</a></li><li><a href="#aes-kw-operations">19.15.3. Operations</a></li></ul></li><li><a href="#hmac">19.16. HMAC</a><ul><li><a href="#hmac-description">19.16.1. Description</a></li><li><a href="#hmac-registration">19.16.2. Registration</a></li><li><a href="#hmac-importparams">19.16.3. HmacImportParams dictionary</a></li><li><a href="#hmac-keyalgorithm">19.16.4. HmacKeyAlgorithm interface</a></li><li><a href="#hmac-keygen-params">19.16.5. HmacKeyGenParams dictionary</a></li><li><a href="#hmac-derivedkey-params">19.16.6. HmacDerivedKeyParams dictionary</a></li><li><a href="#hmac-operations">19.16.7. Operations</a></li></ul></li><li><a href="#dh">19.17. Diffie-Hellman</a><ul><li><a href="#dh-description">19.17.1. Description</a></li><li><a href="#dh-registration">19.17.2. Registration</a></li><li><a href="#dh-DhKeyGenParams">19.17.3. DhKeyGenParams dictionary</a></li><li><a href="#dh-DhKeyAlgorithm">19.17.4. DhKeyAlgorithm interface</a></li><li><a href="#dh-DhKeyDeriveParams">19.17.5. DhKeyDeriveParams dictionary</a></li><li><a href="#dh-DhImportKeyParams">19.17.6. DhImportKeyParams dictionary</a></li><li><a href="#dh-operations">19.17.7. Operations</a></li></ul></li><li><a href="#sha">19.18. SHA</a><ul><li><a href="#sha-description">19.18.1. Description</a></li><li><a href="#sha-registration">19.18.2. Registration</a></li><li><a href="#sha-operations">19.18.3. Operations</a></li></ul></li><li><a href="#concatkdf">19.19. Concat KDF</a><ul><li><a href="#concatkdf-description">19.19.1. Description</a></li><li><a href="#concatkdf-registration">19.19.2. Registration</a></li><li><a href="#concat-params">19.19.3. ConcatParams dictionary</a></li><li><a href="#concat-operations">19.19.4. Operations</a></li></ul></li><li><a href="#hkdf-ctr">19.20. HKDF-CTR</a><ul><li><a href="#hkdf-ctr-description">19.20.1. Description</a></li><li><a href="#hkdf-ctr-registration">19.20.2. Registration</a></li><li><a href="#hkdf-ctr-params">19.20.3. HkdfCtrParams dictionary</a></li><li><a href="#hkdf2-ctr-operations">19.20.4. Operations</a></li></ul></li><li><a href="#pbkdf2">19.21. PBKDF2</a><ul><li><a href="#pbkdf2-description">19.21.1. Description</a></li><li><a href="#pbkdf2-registration">19.21.2. Registration</a></li><li><a href="#pbkdf2-params">19.21.3. Pbkdf2Params dictionary</a></li><li><a href="#pbkdf2-operations">19.21.4. Operations</a></li></ul></li></ul></li><li><a href="#algorithm-normalizing-rules">20. Algorithm normalizing rules</a></li><li><a href="#examples-section">21. JavaScript Example Code</a><ul><li><a href="#examples-signing">21.1. Generate a signing key pair, sign some data</a></li><li><a href="#examples-symmetric-encryption">21.2. Symmetric Encryption</a></li></ul></li><li><a href="#iana-section">22. IANA Considerations</a><ul><li><a href="#iana-section-jws-jwa">22.1. JSON Web Signature and Encryption Algorithms Registration</a></li><li><a href="#iana-section-jwk">22.2. JSON Web Key Parameters Registration</a></li></ul></li><li><a href="#acknowledgements-section">23. Acknowledgements</a></li><li><a href="#references">24. References</a><ul><li><a href="#normative-references">24.1. Normative References</a></li><li><a href="#informative-references">24.2. Informative References</a></li></ul></li></ul><ul><li><a href="#jwk-mapping">A. Mapping between JSON Web Key / JSON Web Algorithm</a><ul><li><a href="#jwk-mapping-alg">A.1. Algorithm mappings</a></li><li><a href="#jwk-mapping-usage">A.2. Usage mapping</a></li></ul></li><li><a href="#spki-mapping">B. Mapping between Algorithm and SubjectPublicKeyInfo</a></li><li><a href="#pkcs8-mapping">C. Mapping between Algorithm and PKCS#8 PrivateKeyInfo</a></li></ul></div>
     </div>
 
     <div id="sections">
@@ -631,34 +631,36 @@
           </li>
           <li>
             <p>
-              Let <var>json</var> be the unicode string that results from interpreting
+              Let <var>json</var> be the Unicode string that results from interpreting
               <var>data</var> according to UTF-8.
             </p>
           </li>
           <li>
             <p>
-              Let <var>result</var> be the result of translating <var>json</var> into an internal
-              object using the grammar specified in Section 15.12 of <a href="#ECMA-262">ECMA
-              262</a>.
+              Convert <var>json</var> to UTF-16.
             </p>
           </li>
           <li>
             <p>
-              If <var>result</var> does not describe an Object type, 
-              then <a href="#concept-return-an-error">return an error</a> named
-              <a href="#dfn-DataError"><code>DataError</code></a>.
+              Let <var>result</var> be the object literal that results from executing the
+              <code>JSON.parse</code> internal function, with <code>text</code>
+              argument set to a JavaScript String containing <var>json</var>.
             </p>
           </li>
           <li>
             <p>
-              If the <code>"kty"</code> field of <var>result</var> is not present, or is not a
-              string value, then <a href="#concept-return-an-error">return an error</a> named
-              <a href="#dfn-DataError"><code>DataError</code></a>.
+              Let <var>key</var> be the result of converting <var>result</var> to the IDL dictionary
+              type of <a href="#dfn-JsonWebKey">JsonWebKey</a>.
             </p>
           </li>
           <li>
             <p>
-              Return <var>result</var>.
+              If the <code>"kty"</code> field of <var>key</var> is not defined, then <a href="#concept-return-an-error">return an error</a> named <a href="#dfn-DataError"><code>DataError</code></a>.
+            </p>
+          </li>
+          <li>
+            <p>
+              Return <var>key</var>.
             </p>
           </li>
         </ol>
@@ -1083,7 +1085,7 @@
   
   <span class="comment">// TBD: <a href="https://www.w3.org/2012/webcrypto/track/issues/35">ISSUE-35</a></span>
   Promise&lt;any&gt; <a href="#dfn-SubtleCrypto-method-importKey">importKey</a>(<a href="#dfn-KeyFormat">KeyFormat</a> format,
-                         CryptoOperationData keyData,
+                         object keyData,
                          <a href="#dfn-AlgorithmIdentifier">AlgorithmIdentifier</a> algorithm,
                          boolean extractable,
                          sequence&lt;<a href="#dfn-KeyUsage">KeyUsage</a>&gt; keyUsages );
@@ -1158,7 +1160,7 @@
                 <dt><code>spki</code></dt>
                 <dd>The DER encoding of the SubjectPublicKeyInfo structure from <a href="#RFC5280">RFC 5280</a>.</dd>
                 <dt><code>jwk</code></dt>
-                <dd>The key is represented as JSON according to the JSON Web Key format.</dd>
+                <dd>The key is a <a href="#dfn-JsonWebKey">JsonWebKey</a> dictionary encoded as a JavaScript object</dd>
               </dl>
             </dd>
           </dl>
@@ -1919,12 +1921,25 @@
                 </p>
               </li>
               <li>
-                <p>
-                  Let <var>keyData</var> be the result of
-                  <a href="#concept-clone-CryptoOperationData">cloning the data</a> of the
-                  <code>keyData</code> parameter passed to the
-                  <a href="#dfn-SubtleCrypto-method-importKey">importKey</a> method.
-                </p>
+                <dl class="switch">
+                  <dt>
+                    If <var>format</var> is equal to the string <code>raw</code>,
+                    <code>pkcs8</code>, or <code>spki</code>:
+                  </dt>
+                  <dd>
+                    Let <var>keyData</var> be the result of
+                    <a href="#concept-clone-CryptoOperationData">cloning the data</a> of the
+                    <code>keyData</code> parameter passed to the
+                    <a href="#dfn-SubtleCrypto-method-importKey">importKey</a> method.
+                  </dd>
+                  <dt>
+                    If <var>format</var> is equal to the string <code>jwk</code>:
+                  </dt>
+                  <dd>
+                    Let <var>keyData</var> be the result of converting the <code>keyData</code>
+                    parameter passed to the <a href="#dfn-SubtleCrypto-method-importKey">importKey</a> method to a <a href="#dfn-JsonWebKey">JsonWebKey</a> dictionary.
+                  </dd>
+                </dl>
               </li>
               <li>
                 <p>
@@ -2001,15 +2016,6 @@
                 </p>
               </li>
             </ol>
-            <div class="ednote"><div class="ednoteHeader">Editorial note</div>
-              <a href="https://www.w3.org/Bugs/Public/show_bug.cgi?id=24963">Bug 24963</a> -
-              There is an open question as to whether/how to support importing
-              keys when format is <code>jwk</code>. As currently specified, it is a
-              JSON-encoded Javascript object, converted to a UTF-8 byte sequence, with the
-              raw bytes provided via <code>CryptoOperationData</code>. A separate
-              proposal exists to handle this via IDL, permitting importing JavaScript
-              objects directly when importing with <code>jwk</code>.
-            </div>
           </div>
 
           <div id="SubtleCrypto-method-exportKey" class="section">
@@ -2095,15 +2101,6 @@
                 </p>
               </li>
             </ol>
-            <div class="ednote"><div class="ednoteHeader">Editorial note</div>
-              <a href="https://www.w3.org/Bugs/Public/show_bug.cgi?id=24963">Bug 24963</a> -
-              There is an open question as to whether/how to support exporting
-              keys when format is <code>jwk</code>. As currently specified, the result
-              is a JSON-encoded Javascript object, converted to a UTF-8 byte
-              sequence, with the raw bytes provided via an ArrayBuffer. A separate
-              proposal exists to return an actual Javascript object when exporting
-              with <code>jwk</code>.
-            </div>
           </div>
 
           <div id="SubtleCrypto-method-wrapKey" class="section">
@@ -2193,10 +2190,49 @@
               </li>
               <li>
                 <p>
-                  Let <var>bytes</var> be the result of performing the export key operation
+                  Let <var>key</var> be the result of performing the export key operation
                   specified the <a href="#dfn-CryptoKey-algorithm">algorithm</a> attribute of
                   <var>key</var> using <var>key</var> and <var>format</var>.
                 </p>
+              </li>
+              <li>
+                <dl class="switch">
+                  <dt>
+                    If <var>format</var> is equal to the strings <code>raw</code>, <code>pkcs8</code>,
+                    or <code>spki</code>:
+                  </dt>
+                  <dd>
+                    Set <var>bytes</var> be set to <var>key</var>.
+                  </dd>
+                  <dt>
+                    If <var>format</var> is equal to the string <code>jwk</code>:
+                  </dt>
+                  <dd>
+                    <ol>
+                      <li>
+                        <p>
+                          Convert <var>key</var> to an ECMAScript Object, as specified in [
+                          <a href="#WebIDL">WEBIDL</a>].
+                        </p>
+                      </li>
+                      <li>
+                        <p>
+                          Let <var>json</var> be the result of representing <var>key</var> as a
+                          UTF-16 string conforming to the JSON grammar; for example, by executing
+                          the <code>JSON.stringify</code> algorithm specified in
+                          <a href="#ECMA-262">ECMA262</a>.
+                        </p>
+                      </li>
+                      <li>
+                        <p>
+                          Let <var>bytes</var> be the byte sequence the results from converting
+                          <var>json</var>, a JavaScript String comprised of UTF-16 code points, to
+                          UTF-8 code points.
+                        </p>
+                      </li>
+                    </ol>
+                  </dd>
+                </dl>
                 <div class="note"><div class="noteHeader">Note</div>
                   <p class="norm">
                     This note is non-normative.
@@ -2207,7 +2243,9 @@
                     length and RSA-OAEP places a restriction on the length. For key formats that
                     offer flexibility in serialization of a given key (for example JWK),
                     implementations may choose to adapt the serialization to the constraints of
-                    the wrapping algorithm.
+                    the wrapping algorithm. This is why JSON.stringify is not normatively required,
+                    as otherwise it would prohibit implementations from introducing added
+                    padding.
                   </p>
                 </div>
               </li>
@@ -2363,7 +2401,7 @@
                 <dl class="switch">
                   <dt>If <var>normalizedAlgorithm</var> supports an unwrap key operation:</dt>
                   <dd>
-                    Let <var>bytes</var> be the result of performing the unwrap key operation
+                    Let <var>key</var> be the result of performing the unwrap key operation
                     specified by <var>normalizedAlgorithm</var> using <var>algorithm</var>,
                     <var>unwrappingKey</var> as <var>key</var> and <var>wrappedKey</var> as
                     <var>ciphertext</var>.
@@ -2373,7 +2411,7 @@
                     operation:
                   </dt>
                   <dd>
-                    Let <var>bytes</var> be the result of performing the decrypt operation specified
+                    Let <var>key</var> be the result of performing the decrypt operation specified
                     by <var>normalizedAlgorithm</var> using <var>algorithm</var>,
                     <var>unwrappingKey</var> as <var>key</var> and <var>wrappedKey</var> as
                     <var>ciphertext</var>.
@@ -2386,6 +2424,25 @@
                 </dl>
               </li>
               <li>
+                <dl class="switch">
+                  <dt>
+                    If <var>format</var> is equal to the strings <code>raw</code>,
+                    <code>pkcs8</code>, or <code>spki</code>:
+                  </dt>
+                  <dd>
+                    Set <var>bytes</var> be set to <var>key</var>.
+                  </dd>
+                  <dt>
+                    If <var>format</var> is equal to the string <code>jwk</code>:
+                  </dt>
+                  <dd>
+                    Let <var>bytes</var> be the result of executing the
+                    <a href="#concept-parse-a-jwk">parse a JWK</a> algorithm, withe <var>key</var>
+                    as the <code>data</code> to be parsed.
+                  </dd>
+                </dl>
+              </li>
+              <li>
                 <p>
                   Let <var>result</var> be the result of performing the import key operation
                   specified by <var>normalizedKeyAlgorithm</var> using
@@ -2470,9 +2527,56 @@
         </div>
       </div>
 
+      <div id="JsonWebKey-dictionary" class="section">
+        <h2>15. JsonWebKey dictionary</h2>
+        <div class="block"><div class="blockTitleDiv"><span class="blockTitle">IDL</span></div><div class="blockContent"><pre class="code"><code class="idl-code">
+dictionary <dfn id="dfn-RsaOtherPrimesInfo">RsaOtherPrimesInfo</dfn> {
+  <span class="comment">// The following fields are defined in Section 6.3.2.7 of <a href="#jwa">JSON Web Algorithms</a></span>
+  DOMString r;
+  DOMString d;
+  DOMString t;
+};
+
+dictionary <dfn id="dfn-JsonWebKey">JsonWebKey</dfn> {
+  <span class="comment">// The following fields are defined in Section 3.1 of <a href="#jwk">JSON Web Key</a></span>
+  DOMString kty;
+  DOMString use;
+  sequence&lt;DOMString&gt; key_ops;
+  DOMString alg;
+
+  <span class="comment">// The following fields are defined in <a href="#iana-section-jwk">JSON Web Key Parameters Registration</a></span>
+  boolean ext;
+
+  <span class="comment">// The following fields are defined in Section 6 of <a href="#jwa">JSON Web Algorithms</a></span>
+  DOMString crv;
+  DOMString x;
+  DOMString y;
+  DOMString d;
+  DOMString n;
+  DOMString e;
+  DOMString p;
+  DOMString q;
+  DOMString dp;
+  DOMString dq;
+  DOMString qi;
+  sequence&lt;RsaOtherPrimesInfo&gt; oth;
+  DOMString k;
+};
+        </code></pre></div></div>
+        <div id="JsonWebKey-description">
+          <h3>Description</h3>
+          <p class="norm">The following section is non-normative</p>
+          <p>
+            The <a href="#dfn-JsonWebKey">JsonWebKey</a> dictionary provides a way to represent
+            and exchange cryptographic keys represented by the <a href="#JWK">JSON Web Key</a>
+            structure, while allowing native and efficient use within Web Cryptography API
+            applications.
+          </p>
+        </div>
+      </div>
 
       <div id="WorkerCrypto-interface" class="section">
-        <h2>15. WorkerCrypto interface</h2>
+        <h2>16. WorkerCrypto interface</h2>
         <div class="block"><div class="blockTitleDiv"><span class="blockTitle">IDL</span></div><div class="blockContent"><pre class="code"><code class="idl-code">
 interface <dfn id="dfn-WorkerCrypto">WorkerCrypto</dfn> {
   readonly attribute <a href="#dfn-SubtleCrypto">SubtleCrypto</a> <dfn id="dfn-WorkerCrypto-subtle">subtle</dfn>;
@@ -2485,7 +2589,7 @@
 };
         </code></pre></div></div>
         <div id="WorkerCrypto-description" class="section">
-          <h3>15.1. Description</h3>
+          <h3>16.1. Description</h3>
           <p>
             The <a href="#dfn-WorkerCrypto">WorkerCrypto</a> interface provides cryptographic
             functionality for background scripts, as specified by Web Workers [
@@ -2495,7 +2599,7 @@
       </div>
 
       <div id="big-integer" class="section">
-        <h2>16. BigInteger</h2>
+        <h2>17. BigInteger</h2>
         <div class="block"><div class="blockTitleDiv"><span class="blockTitle">IDL</span></div><div class="blockContent"><pre class="code"><code class="idl-code">
 typedef Uint8Array <dfn id="dfn-BigInteger">BigInteger</dfn>;
         </code></pre></div></div>
@@ -2515,7 +2619,7 @@
       </div>
       
       <div id="keypair" class="section">
-        <h2>17. KeyPair</h2>
+        <h2>18. KeyPair</h2>
         <div class="block"><div class="blockTitleDiv"><span class="blockTitle">IDL</span></div><div class="blockContent"><pre class="code"><code class="idl-code">
 interface <dfn id="dfn-CryptoKeyPair">CryptoKeyPair</dfn> {
   readonly attribute <a href="#dfn-CryptoKey">CryptoKey</a> publicKey;
@@ -2529,7 +2633,7 @@
       </div>
 
       <div id="algorithms" class="section">
-        <h2>18. Algorithms</h2>
+        <h2>19. Algorithms</h2>
         <div class="ednote"><div class="ednoteHeader">Editorial note</div>
           <p>
             Note: All algorithms listed should be considered as "features at risk",
@@ -2544,7 +2648,7 @@
           </p>
         </div>
         <div id="algorithms-index" class="section">
-          <h3>18.1. Registered algorithms</h3>
+          <h3>19.1. Registered algorithms</h3>
           <table>
             <thead>
               <tr>
@@ -2883,7 +2987,7 @@
           </table>
         </div>
         <div id="recommended-algorithms" class="section">
-          <h3>18.2. Recommended algorithms</h3>
+          <h3>19.2. Recommended algorithms</h3>
           <p class="norm">This section is non-normative</p>
           <p>
             As the API is meant to be extensible in order to keep up with future developments within
@@ -2926,7 +3030,7 @@
           </p>
         </div>
         <div id="defining-an-algorithm" class="section">
-          <h3>18.3. Defining an algorithm</h3>
+          <h3>19.3. Defining an algorithm</h3>
           <p>
             Each algorithm that is to be exposed via the Web Cryptography API
             <span class="RFC2119">SHOULD</span> be registered via the Web Cryptography working group,
@@ -2935,7 +3039,7 @@
             <span class="RFC2119">MUST</span> be processed as if the sections had been defined.
           </p>
           <div id="recognized-algorithm-name" class="section">
-            <h4>18.3.1. Recognized algorithm name</h4>
+            <h4>19.3.1. Recognized algorithm name</h4>
             <p>
               Each registered algorithm <span class="RFC2119">MUST</span> have a canonical name
               for which applications can refer to the algorithm. The canonical name
@@ -2946,14 +3050,14 @@
             </p>
           </div>
           <div id="supported-operations" class="section">
-            <h4>18.3.2. Supported operations</h4>
+            <h4>19.3.2. Supported operations</h4>
             <p>
               Each registered algorithm <span class="RFC2119">MUST</span> define the operations
               that it supports.
             </p>
           </div>
           <div id="algorithm-specific-params" class="section">
-            <h4>18.3.3. Algorithm-specific parameters</h4>
+            <h4>19.3.3. Algorithm-specific parameters</h4>
             <p>
               Each registered algorithm <span class="RFC2119">MUST</span> define the expected
               parameters, if any, that should be exposed via the <a href="#dfn-Algorithm">Algorithm</a>
@@ -2961,7 +3065,7 @@
             </p>
           </div>
           <div id="algorithm-result" class="section">
-            <h4>18.3.4. Algorithm results</h4>
+            <h4>19.3.4. Algorithm results</h4>
             <p>
               Each registered algorithm <span class="RFC2119">MUST</span> define the contents
               of the result of performing the underlying cryptographic operation for every
@@ -2969,7 +3073,7 @@
             </p>
           </div>
           <div id="algorithm-alias" class="section">
-            <h4>18.3.5. <dfn id="dfn-algorithm-alias">Algorithm aliases</dfn></h4>
+            <h4>19.3.5. <dfn id="dfn-algorithm-alias">Algorithm aliases</dfn></h4>
             <p>
               Each registered algorithm <span class="RFC2119">MAY</span> define one or more aliases
               that may define a fully normalized <a href="#dfn-Algorithm">Algorithm</a> object.
@@ -2982,9 +3086,9 @@
         </div>
 
         <div id="rsaes-pkcs1" class="section">
-          <h3>18.4. RSAES-PKCS1-v1_5</h3>
+          <h3>19.4. RSAES-PKCS1-v1_5</h3>
           <div id="rsaes-pkcs1-description" class="section">
-            <h4>18.4.1. Description</h4>
+            <h4>19.4.1. Description</h4>
             <p>
               The <code>"RSAES-PKCS1-v1_5"</code> algorithm identifier is used to perform encryption
               and decryption ordering to the RSAES-PKCS1-v1_5 algorithm specified in
@@ -2992,7 +3096,7 @@
             </p>
           </div>
           <div id="rsaes-pkcs1-registration" class="section">
-            <h4>18.4.2. Registration</h4>
+            <h4>19.4.2. Registration</h4>
             <p>
               The <a href="#recognized-algorithm-name">recognized algorithm name</a> for
               this algorithm is <code>"RSAES-PKCS1-v1_5"</code>.
@@ -3029,13 +3133,13 @@
                 <tr>
                   <td>exportKey</td>
                   <td>None</td>
-                  <td>ArrayBuffer</td>
+                  <td>object</td>
                 </tr>
               </tbody>
             </table>
           </div>
           <div id="RsaKeyGenParams-dictionary" class="section">
-            <h4>18.4.3. RsaKeyGenParams dictionary</h4>
+            <h4>19.4.3. RsaKeyGenParams dictionary</h4>
             <div class="block"><div class="blockTitleDiv"><span class="blockTitle">IDL</span></div><div class="blockContent"><pre class="code"><code class="idl-code">
 dictionary <dfn id="dfn-RsaKeyGenParams">RsaKeyGenParams</dfn> : <a href="#dfn-Algorithm">Algorithm</a> {
   <span class="comment">// The length, in bits, of the RSA modulus</span>
@@ -3046,7 +3150,7 @@
             </code></pre></div></div>
           </div>
           <div id="RsaKeyAlgorithm-interface" class="section">
-            <h4>18.4.4. RsaKeyAlgorithm interface</h4>
+            <h4>19.4.4. RsaKeyAlgorithm interface</h4>
             <div class="block"><div class="blockTitleDiv"><span class="blockTitle">IDL</span></div><div class="blockContent"><pre class="code"><code class="idl-code">
 interface <dfn id="dfn-RsaKeyAlgorithm">RsaKeyAlgorithm</dfn> : <a href="#dfn-KeyAlgorithm">KeyAlgorithm</a> {
   <span class="comment">// The length, in bits, of the RSA modulus</span>
@@ -3057,7 +3161,7 @@
             </code></pre></div></div>
           </div>
           <div id="rsaes-pkcs1-operations" class="section">
-            <h4>18.4.5. Operations</h4>
+            <h4>19.4.5. Operations</h4>
             <dl>
               <dt>Encrypt</dt>
               <dd>
@@ -3420,9 +3524,8 @@
                         <ol>
                           <li>
                             <p>
-                              Let <var>jwk</var> be the result of running the
-                              <a href="#concept-parse-a-jwk">parse a jwk</a>
-                              algorithm over <var>keyData</var>.
+                              Let <var>jwk</var> be the <a href="#dfn-JsonWebKey">JsonWebKey</a>
+                              dictionary represented by <var>keyData</var>.
                             </p>
                           </li>
                           <li>
@@ -3586,7 +3689,7 @@
                           </li>
                           <li>
                             <p>
-                              Let <var>result</var> be the result of <a href="#dfn-encode-a-subjectPublicKeyInfo">encoding a
+                              Let <var>data</var> be the result of <a href="#dfn-encode-a-subjectPublicKeyInfo">encoding a
                               subjectPublicKeyInfo</a> with the following properties:
                             </p>
                             <ul>
@@ -3620,6 +3723,12 @@
                               </li>
                             </ul>
                           </li>
+                          <li>
+                            <p>
+                              Let <var>result</var> be a new <code>ArrayBuffer</code> containing
+                              <var>array</var>.
+                            </p>
+                          </li>
                         </ol>
                       </dd>
                       <dt>If <var>format</var> is <code>"pkcs8"</code>:</dt>
@@ -3633,7 +3742,7 @@
                           </li>
                           <li>
                             <p>
-                              Let <var>result</var> be the result of <a href="#dfn-encode-a-privateKeyInfo"> encoding a privateKeyInfo</a>
+                              Let <var>data</var> be the result of <a href="#dfn-encode-a-privateKeyInfo"> encoding a privateKeyInfo</a>
                               with the following properties:
                             </p>
                             <ul>
@@ -3679,25 +3788,34 @@
                               </li>
                             </ul>                              
                           </li>
+                          <li>
+                            <p>
+                              Let <var>result</var> be a new <code>ArrayBuffer</code> containing
+                              <var>data</var>.
+                            </p>
+                          </li>
                         </ol>
                       </dd>
                       <dt>If <var>format</var> is <code>"jwk"</code>:</dt>
                       <dd>
                         <ul>
                           <li>
-                            <p>Let <var>jwk</var> be a new internal object.</p>
-                          </li>
-                          <li>
-                            <p>Set the <code>kty</code> property of <var>jwk</var> to the string
+                            <p>
+                              Let <var>jwk</var> be a new <a href="#dfn-JsonWebKey">JsonWebKey</a>
+                              dictionary.
+                            </p>
+                          </li>
+                          <li>
+                            <p>Set the <code>kty</code> attribute of <var>jwk</var> to the string
                             <code>"RSA"</code>.</p>
                           </li>
                           <li>
-                            <p>Set the <code>alg</code> property of <var>jwk</var> to the string
+                            <p>Set the <code>alg</code> attribute of <var>jwk</var> to the string
                             <code>"RSA1_5"</code>.</p>
                           </li>
                           <li>
                             <p>
-                              Set the properties <code>n</code> and <code>e</code> of <var>jwk</var>
+                              Set the attributes <code>n</code> and <code>e</code> of <var>jwk</var>
                               according to the corresponding definitions in <a href="#jwa">JSON Web
                               Algorithms</a>, Section 6.3.1.
                             </p>
@@ -3712,7 +3830,7 @@
                                 <ol>
                                   <li>
                                     <p>
-                                      Set the properties named <code>d</code>, <code>p</code>,
+                                      Set the attributes named <code>d</code>, <code>p</code>,
                                       <code>q</code>, <code>dp</code>, <code>dq</code>, and
                                       <code>qi</code> of <var>jwk</var> according to the
                                       corresponding definitions in <a href="#jwa">JSON Web
@@ -3723,7 +3841,7 @@
                                     <p>
                                       If the underlying RSA private key represented by
                                       <var>key</var> is represented by more than two primes, set the
-                                      member named <code>oth</code> of <var>jwk</var> according to
+                                      attribute named <code>oth</code> of <var>jwk</var> according to
                                       the corresponding definition in <a href="#jwa">JSON Web
                                       Algorithms</a>, Section 6.3.2.7
                                     </p>
@@ -3734,26 +3852,19 @@
                           </li>
                           <li>
                             <p>
-                              Set the <code>key_ops</code> property of <var>jwk</var> to the <a href="#dfn-CryptoKey-usages">usages</a> attribute of <var>key</var>.
-                            </p>
-                          </li>
-                          <li>
-                            <p>
-                              Set the <code>ext</code> property of <var>jwk</var> to the <a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
+                              Set the <code>key_ops</code> attribute of <var>jwk</var> to the <a href="#dfn-CryptoKey-usages">usages</a> attribute of <var>key</var>.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Set the <code>ext</code> attribute of <var>jwk</var> to the <a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
                               <var>key</var>.
                             </p>
                           </li>
                           <li>
                             <p>
-                              Let <var>stringifiedJwk</var> be the result of encoding
-                              <var>jwk</var> according to the grammar specified in Section 15.12 of
-                              <a href="#ECMA-262">ECMA262</a>.
-                            </p>
-                          </li>
-                          <li>
-                            <p>
-                              Let <var>result</var> be the UTF-8 encoding of
-                              <var>stringifiedJwk</var>.
+                              Let <var>result</var> be the result of converting <var>jwk</var>
+                              to an ECMAScript Object.
                             </p>
                           </li>
                         </ul>
@@ -3768,13 +3879,7 @@
                   </li>
                   <li>
                     <p>
-                      Let <var>data</var> be a new <code>ArrayBuffer</code> containing
-                      <var>result</var>.
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                      Return <var>data</var>.
+                      Return <var>result</var>.
                     </p>
                   </li>
                 </ol>
@@ -3784,9 +3889,9 @@
         </div>
 
         <div id="rsassa-pkcs1" class="section">
-          <h3>18.5. RSASSA-PKCS1-v1_5</h3>
+          <h3>19.5. RSASSA-PKCS1-v1_5</h3>
           <div id="rsassa-pkcs1-description" class="section">
-            <h4>18.5.1. Description</h4>
+            <h4>19.5.1. Description</h4>
             <p>
               The <code>"RSASSA-PKCS1-v1_5"</code> algorithm identifier is used to perform
               signing and verification using the RSASSA-PKCS1-v1_5 algorithm specified in
@@ -3794,7 +3899,7 @@
             </p>
           </div>
           <div id="rsassa-pkcs1-registration" class="section">
-            <h4>18.5.2. Registration</h4>
+            <h4>19.5.2. Registration</h4>
             <p>
               The <a href="#recognized-algorithm-name">recognized algorithm name</a> for
               this algorithm is <code>"RSASSA-PKCS1-v1_5"</code>.
@@ -3831,13 +3936,13 @@
                 <tr>
                   <td>exportKey</td>
                   <td>None</td>
-                  <td>ArrayBuffer</td>
+                  <td>object</td>
                 </tr>
               </tbody>
             </table>
           </div>
           <div id="RsaHashedKeyGenParams-dictionary" class="section">
-            <h4>18.5.3. RsaHashedKeyGenParams dictionary</h4>
+            <h4>19.5.3. RsaHashedKeyGenParams dictionary</h4>
             <div class="block"><div class="blockTitleDiv"><span class="blockTitle">IDL</span></div><div class="blockContent"><pre class="code"><code class="idl-code">
 dictionary <dfn id="dfn-RsaHashedKeyGenParams">RsaHashedKeyGenParams</dfn> : <a href="#dfn-RsaKeyGenParams">RsaKeyGenParams</a> {
   <span class="comment">// The hash algorithm to use</span> 
@@ -3846,7 +3951,7 @@
             </code></pre></div></div>
           </div>
           <div id="RsaHashedKeyAlgorithm-interface" class="section">
-            <h4>18.5.4. RsaHashedKeyAlgorithm interface</h4>
+            <h4>19.5.4. RsaHashedKeyAlgorithm interface</h4>
             <div class="block"><div class="blockTitleDiv"><span class="blockTitle">IDL</span></div><div class="blockContent"><pre class="code"><code class="idl-code">
 [NoInterfaceObject]
 interface <dfn id="dfn-RsaHashedKeyAlgorithm">RsaHashedKeyAlgorithm</dfn> : <a href="#dfn-RsaKeyAlgorithm">RsaKeyAlgorithm</a> {
@@ -3856,7 +3961,7 @@
             </code></pre></div></div>
           </div>
           <div id="RsaHashedImportParams-dictionary" class="section">
-            <h4>18.5.5. RsaHashedImportParams dictionary</h4>
+            <h4>19.5.5. RsaHashedImportParams dictionary</h4>
             <div class="block"><div class="blockTitleDiv"><span class="blockTitle">IDL</span></div><div class="blockContent"><pre class="code"><code class="idl-code">
 dictionary <dfn id="dfn-RsaHashedImportParams">RsaHashedImportParams</dfn> {
   <span class="comment">// The hash algorithm to use</span>
@@ -3871,7 +3976,7 @@
             </div>
           </div>
           <div id="rsassa-pkcs1-operations" class="section">
-            <h4>18.5.6. Operations</h4>
+            <h4>19.5.6. Operations</h4>
             <dl>
               <dt>Sign</dt>
               <dd>
@@ -4414,9 +4519,8 @@
                         <ol>
                           <li>
                             <p>
-                              Let <var>jwk</var> be the result of running the
-                              <a href="#concept-parse-a-jwk">parse a jwk</a>
-                              algorithm over <var>keyData</var>.
+                              Let <var>jwk</var> be the <a href="#dfn-JsonWebKey">JsonWebKey</a>
+                              dictionary represented by <var>keyData</var>.
                             </p>
                           </li>
                           <li>
@@ -4639,7 +4743,7 @@
                           </li>
                           <li>
                             <p>
-                              Let <var>result</var> be the result of <a href="#dfn-encode-a-subjectPublicKeyInfo">encoding a
+                              Let <var>data</var> be the result of <a href="#dfn-encode-a-subjectPublicKeyInfo">encoding a
                               subjectPublicKeyInfo</a> with the following properties:
                             </p>
                             <ul>
@@ -4673,6 +4777,12 @@
                               </li>
                             </ul>
                           </li>
+                          <li>
+                            <p>
+                              Let <var>result</var> be a new <code>ArrayBuffer</code> containing
+                              <var>data</var>.
+                            </p>
+                          </li>
                         </ol>
                       </dd>
                       <dt>If <var>format</var> is <code>"pkcs8"</code>:</dt>
@@ -4686,7 +4796,7 @@
                           </li>
                           <li>
                             <p>
-                              Let <var>result</var> be the result of <a href="#dfn-encode-a-privateKeyInfo"> encoding a privateKeyInfo</a>
+                              Let <var>data</var> be the result of <a href="#dfn-encode-a-privateKeyInfo"> encoding a privateKeyInfo</a>
                               with the following properties:
                             </p>
                             <ul>
@@ -4732,16 +4842,22 @@
                               </li>
                             </ul>                              
                           </li>
+                          <li>
+                            <p>
+                              Let <var>result</var> be a new <code>ArrayBuffer</code> containing
+                              <var>data</var>.
+                            </p>
+                          </li>
                         </ol>
                       </dd>
                       <dt>If <var>format</var> is <code>"jwk"</code>:</dt>
                       <dd>
                         <ul>
                           <li>
-                            <p>Let <var>jwk</var> be a new internal object.</p>
-                          </li>
-                          <li>
-                            <p>Set the <code>kty</code> field of <var>jwk</var> to the string
+                            <p>Let <var>jwk</var> be a new <a href="#dfn-JsonWebKey">JsonWebKey</a> dictionary.</p>
+                          </li>
+                          <li>
+                            <p>Set the <code>kty</code> attribute of <var>jwk</var> to the string
                             <code>"RSA"</code>.</p>
                           </li>
                           <li>
@@ -4756,28 +4872,28 @@
                               <dt>If <var>hash</var> is <code>SHA-1</code>:</dt>
                               <dd>
                                 <p>
-                                  Set the <code>alg</code> field of <var>jwk</var> to the string
+                                  Set the <code>alg</code> attribute of <var>jwk</var> to the string
                                   <code>RS1</code>.
                                 </p>
                               </dd>
                               <dt>If <var>hash</var> is <code>SHA-256</code>:</dt>
                               <dd>
                                 <p>
-                                  Set the <code>alg</code> field of <var>jwk</var> to the string
+                                  Set the <code>alg</code> attribute of <var>jwk</var> to the string
                                   <code>RS256</code>.
                                 </p>
                               </dd>
                               <dt>If <var>hash</var> is <code>SHA-384</code>:</dt>
                               <dd>
                                 <p>
-                                  Set the <code>alg</code> field of <var>jwk</var> to the string
+                                  Set the <code>alg</code> attribute of <var>jwk</var> to the string
                                   <code>RS384</code>.
                                 </p>
                               </dd>
                               <dt>If <var>hash</var> is <code>SHA-512</code>:</dt>
                               <dd>
                                 <p>
-                                  Set the <code>alg</code> field of <var>jwk</var> to the string
+                                  Set the <code>alg</code> attribute of <var>jwk</var> to the string
                                   <code>RS512</code>.
                                 </p>
                               </dd>
@@ -4791,12 +4907,12 @@
                             </dl>
                           </li>
                           <li>
-                            <p>Set the <code>alg</code> field of <var>jwk</var> to the string
-                            <code>"RSA1_5"</code>.</p>
-                          </li>
-                          <li>
-                            <p>
-                              Set the fields <code>n</code> and <code>e</code> of <var>jwk</var>
+                            <p>Set the <code>alg</code> attribute of <var>jwk</var> to the string
+                            <code>RSA1_5</code>.</p>
+                          </li>
+                          <li>
+                            <p>
+                              Set the attributes <code>n</code> and <code>e</code> of <var>jwk</var>
                               according to the corresponding definitions in <a href="#jwa">JSON Web
                               Algorithms</a>, Section 6.3.1.
                             </p>
@@ -4811,7 +4927,7 @@
                                 <ol>
                                   <li>
                                     <p>
-                                      Set the fields named <code>d</code>, <code>p</code>,
+                                      Set the attributes named <code>d</code>, <code>p</code>,
                                       <code>q</code>, <code>dp</code>, <code>dq</code>, and
                                       <code>qi</code> of <var>jwk</var> according to the
                                       corresponding definitions in <a href="#jwa">JSON Web
@@ -4822,7 +4938,7 @@
                                     <p>
                                       If the underlying RSA private key represented by
                                       <var>key</var> is represented by more than two primes, set the
-                                      field named <code>oth</code> of <var>jwk</var> according to
+                                      attribute named <code>oth</code> of <var>jwk</var> according to
                                       the corresponding definition in <a href="#jwa">JSON Web
                                       Algorithms</a>, Section 6.3.2.7
                                     </p>
@@ -4833,26 +4949,19 @@
                           </li>
                           <li>
                             <p>
-                              Set the <code>key_ops</code> field of <var>jwk</var> to the <a href="#dfn-CryptoKey-usages">usages</a> attribute of <var>key</var>.
-                            </p>
-                          </li>
-                          <li>
-                            <p>
-                              Set the <code>ext</code> field of <var>jwk</var> to the <a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
+                              Set the <code>key_ops</code> attribute of <var>jwk</var> to the <a href="#dfn-CryptoKey-usages">usages</a> attribute of <var>key</var>.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Set the <code>ext</code> attribute of <var>jwk</var> to the <a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
                               <var>key</var>.
                             </p>
                           </li>
                           <li>
                             <p>
-                              Let <var>stringifiedJwk</var> be the result of encoding
-                              <var>jwk</var> according to the grammar specified in Section 15.12 of
-                              <a href="#ECMA-262">ECMA262</a>.
-                            </p>
-                          </li>
-                          <li>
-                            <p>
-                              Let <var>result</var> be the UTF-8 encoding of
-                              <var>stringifiedJwk</var>.
+                              Let <var>result</var> be the result of converting <var>jwk</var>
+                              to an ECMAScript Object.
                             </p>
                           </li>
                         </ul>
@@ -4868,13 +4977,7 @@
                   </li>
                   <li>
                     <p>
-                      Let <var>data</var> be a new <code>ArrayBuffer</code> containing
-                      <var>result</var>.
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                      Return <var>data</var>.
+                      Return <var>result</var>.
                     </p>
                   </li>
                 </ol>
@@ -4884,9 +4987,9 @@
         </div>
 
         <div id="rsa-pss" class="section">
-          <h3>18.6. RSA-PSS</h3>
+          <h3>19.6. RSA-PSS</h3>
           <div id="rsa-pss-description" class="section">
-            <h4>18.6.1. Description</h4>
+            <h4>19.6.1. Description</h4>
             <p>
               The <code>"RSA-PSS"</code> algorithm identifier is used to perform signing
               and verification using the RSASSA-PSS algorithm specified in
@@ -4895,7 +4998,7 @@
             </p>
           </div>
           <div id="rsa-pss-registration" class="section">
-            <h4>18.6.2. Registration</h4>
+            <h4>19.6.2. Registration</h4>
             <p>
               The <a href="#recognized-algorithm-name">recognized algorithm name</a> for
               this algorithm is <code>"RSA-PSS"</code>.
@@ -4932,13 +5035,13 @@
                 <tr>
                   <td>exportKey</td>
                   <td>None</td>
-                  <td>ArrayBuffer</td>
+                  <td>object</td>
                 </tr>
               </tbody>
             </table>
           </div>
           <div id="RsaPssParams-dictionary" class="section">
-            <h4>18.6.3. RsaPssParams dictionary</h4>
+            <h4>19.6.3. RsaPssParams dictionary</h4>
             <div class="block"><div class="blockTitleDiv"><span class="blockTitle">IDL</span></div><div class="blockContent"><pre class="code"><code class="idl-code">
 dictionary <dfn id="dfn-RsaPssParams">RsaPssParams</dfn> : <a href="#dfn-Algorithm">Algorithm</a> {
   <span class="comment">// The desired length of the random salt</span>
@@ -4947,7 +5050,7 @@
             </code></pre></div></div>
           </div>
           <div id="rsa-pss-operations" class="section">
-            <h4>18.6.4. Operations</h4>
+            <h4>19.6.4. Operations</h4>
             <dl>
               <dt>Sign</dt>
               <dd>
@@ -5637,9 +5740,8 @@
                         <ol>
                           <li>
                             <p>
-                              Let <var>jwk</var> be the result of running the
-                              <a href="#concept-parse-a-jwk">parse a jwk</a>
-                              algorithm over <var>keyData</var>.
+                              Let <var>jwk</var> be the <a href="#dfn-JsonWebKey">JsonWebKey</a>
+                              dictionary represented by <var>keyData</var>.
                             </p>
                           </li>
                           <li>
@@ -5862,7 +5964,7 @@
                           </li>
                           <li>
                             <p>
-                              Let <var>result</var> be the result of <a href="#dfn-encode-a-subjectPublicKeyInfo">encoding a
+                              Let <var>data</var> be the result of <a href="#dfn-encode-a-subjectPublicKeyInfo">encoding a
                               subjectPublicKeyInfo</a> with the following properties:
                             </p>
                             <ul>
@@ -5989,6 +6091,12 @@
                               </li>
                             </ul>
                           </li>
+                          <li>
+                            <p>
+                              Let <var>result</var> be a new <code>ArrayBuffer</code> containing
+                              <var>data</var>.
+                            </p>
+                          </li>
                         </ol>
                       </dd>
                       <dt>If <var>format</var> is <code>"pkcs8"</code>:</dt>
@@ -6002,7 +6110,7 @@
                           </li>
                           <li>
                             <p>
-                              Let <var>result</var> be the result of <a href="#dfn-encode-a-privateKeyInfo"> encoding a privateKeyInfo</a>
+                              Let <var>data</var> be the result of <a href="#dfn-encode-a-privateKeyInfo"> encoding a privateKeyInfo</a>
                               with the following properties:
                             </p>
                             <ul>
@@ -6141,16 +6249,22 @@
                               </li>
                             </ul>
                           </li>
+                          <li>
+                            <p>
+                              Let <var>result</var> be a new <code>ArrayBuffer</code> containing
+                              <var>data</var>.
+                            </p>
+                          </li>
                         </ol>
                       </dd>
                       <dt>If <var>format</var> is <code>"jwk"</code>:</dt>
                       <dd>
                         <ul>
                           <li>
-                            <p>Let <var>jwk</var> be a new internal object.</p>
-                          </li>
-                          <li>
-                            <p>Set the <code>kty</code> field of <var>jwk</var> to the string
+                            <p>Let <var>jwk</var> be a new <a href="#dfn-JsonWebKey">JsonWebKey</a> dictionary.</p>
+                          </li>
+                          <li>
+                            <p>Set the <code>kty</code> attribute of <var>jwk</var> to the string
                             <code>"RSA"</code>.</p>
                           </li>
                           <li>
@@ -6166,28 +6280,28 @@
                               <dt>If <var>hash</var> is <code>SHA-1</code>:</dt>
                               <dd>
                                 <p>
-                                  Set the <code>alg</code> field of <var>jwk</var> to the string
+                                  Set the <code>alg</code> attribute of <var>jwk</var> to the string
                                   <code>PS1</code>.
                                 </p>
                               </dd>
                               <dt>If <var>hash</var> is <code>SHA-256</code>:</dt>
                               <dd>
                                 <p>
-                                  Set the <code>alg</code> field of <var>jwk</var> to the string
+                                  Set the <code>alg</code> attribute of <var>jwk</var> to the string
                                   <code>PS256</code>.
                                 </p>
                               </dd>
                               <dt>If <var>hash</var> is <code>SHA-384</code>:</dt>
                               <dd>
                                 <p>
-                                  Set the <code>alg</code> field of <var>jwk</var> to the string
+                                  Set the <code>alg</code> attribute of <var>jwk</var> to the string
                                   <code>PS384</code>.
                                 </p>
                               </dd>
                               <dt>If <var>hash</var> is <code>SHA-512</code>:</dt>
                               <dd>
                                 <p>
-                                  Set the <code>alg</code> field of <var>jwk</var> to the string
+                                  Set the <code>alg</code> attribute of <var>jwk</var> to the string
                                   <code>PS512</code>.
                                 </p>
                               </dd>
@@ -6202,7 +6316,7 @@
                           </li>
                           <li>
                             <p>
-                              Set the fields <code>n</code> and <code>e</code> of <var>jwk</var>
+                              Set the attributes <code>n</code> and <code>e</code> of <var>jwk</var>
                               according to the corresponding definitions in <a href="#jwa">JSON Web
                               Algorithms</a>, Section 6.3.1.
                             </p>
@@ -6217,7 +6331,7 @@
                                 <ol>
                                   <li>
                                     <p>
-                                      Set the fields named <code>d</code>, <code>p</code>,
+                                      Set the attributes named <code>d</code>, <code>p</code>,
                                       <code>q</code>, <code>dp</code>, <code>dq</code>, and
                                       <code>qi</code> of <var>jwk</var> according to the
                                       corresponding definitions in <a href="#jwa">JSON Web
@@ -6228,7 +6342,7 @@
                                     <p>
                                       If the underlying RSA private key represented by
                                       <var>key</var> is represented by more than two primes, set the
-                                      field named <code>oth</code> of <var>jwk</var> according to
+                                      attribute named <code>oth</code> of <var>jwk</var> according to
                                       the corresponding definition in <a href="#jwa">JSON Web
                                       Algorithms</a>, Section 6.3.2.7
                                     </p>
@@ -6239,26 +6353,19 @@
                           </li>
                           <li>
                             <p>
-                              Set the <code>key_ops</code> field of <var>jwk</var> to the <a href="#dfn-CryptoKey-usages">usages</a> attribute of <var>key</var>.
-                            </p>
-                          </li>
-                          <li>
-                            <p>
-                              Set the <code>ext</code> field of <var>jwk</var> to the <a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
+                              Set the <code>key_ops</code> attribute of <var>jwk</var> to the <a href="#dfn-CryptoKey-usages">usages</a> attribute of <var>key</var>.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Set the <code>ext</code> attribute of <var>jwk</var> to the <a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
                               <var>key</var>.
                             </p>
                           </li>
                           <li>
                             <p>
-                              Let <var>stringifiedJwk</var> be the result of encoding
-                              <var>jwk</var> according to the grammar specified in Section 15.12 of
-                              <a href="#ECMA-262">ECMA262</a>.
-                            </p>
-                          </li>
-                          <li>
-                            <p>
-                              Let <var>result</var> be the UTF-8 encoding of
-                              <var>stringifiedJwk</var>.
+                              Let <var>result</var> be the result of converting <var>jwk</var>
+                              to an ECMAScript Object.
                             </p>
                           </li>
                         </ul>
@@ -6274,13 +6381,7 @@
                   </li>
                   <li>
                     <p>
-                      Let <var>data</var> be a new <code>ArrayBuffer</code> containing
-                      <var>result</var>.
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                      Return <var>data</var>.
+                      Return <var>result</var>.
                     </p>
                   </li>
                 </ol>
@@ -6290,9 +6391,9 @@
         </div>
 
         <div id="rsa-oaep" class="section">
-          <h3>18.7. RSA-OAEP</h3>
+          <h3>19.7. RSA-OAEP</h3>
           <div id="rsa-oaep-description" class="section">
-            <h4>18.7.1. Description</h4>
+            <h4>19.7.1. Description</h4>
             <p>
               The <code>"RSA-OAEP"</code> algorithm identifier is used to perform encryption
               and decryption ordering to the RSAES-OAEP algorithm specified in
@@ -6301,7 +6402,7 @@
             </p>
           </div>
           <div id="rsa-oaep-registration" class="section">
-            <h4>18.7.2. Registration</h4>
+            <h4>19.7.2. Registration</h4>
             <p>
               The <a href="#recognized-algorithm-name">recognized algorithm name</a> for
               this algorithm is <code>"RSA-OAEP"</code>.
@@ -6338,14 +6439,14 @@
                 <tr>
                   <td>exportKey</td>
                   <td>None</td>
-                  <td>ArrayBuffer</td>
+                  <td>object</td>
                 </tr>
               </tbody>
             </table>
           </div>
 
           <div id="rsa-oaep-params" class="section">
-            <h4>18.7.3. RsaOaepParams dictionary</h4>
+            <h4>19.7.3. RsaOaepParams dictionary</h4>
             <div class="block"><div class="blockTitleDiv"><span class="blockTitle">IDL</span></div><div class="blockContent"><pre class="code"><code class="idl-code">
 dictionary <dfn id="dfn-RsaOaepParams">RsaOaepParams</dfn> : <a href="#dfn-Algorithm">Algorithm</a> {
   <span class="comment">// The optional label/application data to associate with the message</span>
@@ -6354,7 +6455,7 @@
             </code></pre></div></div>
           </div>
           <div id="rsa-oaep-operations" class="section">
-            <h4>18.7.4. Operations</h4>
+            <h4>19.7.4. Operations</h4>
             <dl>
               <dt>Encrypt</dt>
               <dd>
@@ -7046,9 +7147,8 @@
                         <ol>
                           <li>
                             <p>
-                              Let <var>jwk</var> be the result of running the
-                              <a href="#concept-parse-a-jwk">parse a jwk</a>
-                              algorithm over <var>keyData</var>.
+                              Let <var>jwk</var> be the <a href="#dfn-JsonWebKey">JsonWebKey</a>
+                              dictionary represented by <var>keyData</var>.
                             </p>
                           </li>
                           <li>
@@ -7248,7 +7348,7 @@
                           </li>
                           <li>
                             <p>
-                              Let <var>result</var> be the result of <a href="#dfn-encode-a-subjectPublicKeyInfo">encoding a
+                              Let <var>data</var> be the result of <a href="#dfn-encode-a-subjectPublicKeyInfo">encoding a
                               subjectPublicKeyInfo</a> with the following properties:
                             </p>
                             <ul>
@@ -7367,6 +7467,12 @@
                               </li>
                             </ul>
                           </li>
+                          <li>
+                            <p>
+                              Let <var>result</var> be a new <code>ArrayBuffer</code> containing
+                              <var>data</var>.
+                            </p>
+                          </li>
                         </ol>
                       </dd>
                       <dt>If <var>format</var> is <code>"pkcs8"</code>:</dt>
@@ -7380,7 +7486,7 @@
                           </li>
                           <li>
                             <p>
-                              Let <var>result</var> be the result of <a href="#dfn-encode-a-privateKeyInfo"> encoding a privateKeyInfo</a>
+                              Let <var>data</var> be the result of <a href="#dfn-encode-a-privateKeyInfo"> encoding a privateKeyInfo</a>
                               with the following properties:
                             </p>
                             <ul>
@@ -7511,17 +7617,26 @@
                               </li>
                             </ul>
                           </li>
+                          <li>
+                            <p>
+                              Let <var>result</var> be a new <code>ArrayBuffer</code> containing
+                              <var>data</var>.
+                            </p>
+                          </li>
                         </ol>
                       </dd>
                       <dt>If <var>format</var> is <code>"jwk"</code>:</dt>
                       <dd>
                         <ul>
                           <li>
-                            <p>Let <var>jwk</var> be a new internal object.</p>
-                          </li>
-                          <li>
-                            <p>
-                              Set the <code>kty</code> field of <var>jwk</var> to the string
+                            <p>
+                              Let <var>jwk</var> be a new <a href="#dfn-JsonWebKey">JsonWebKey</a>
+                              dictionary.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Set the <code>kty</code> attribute of <var>jwk</var> to the string
                               <code>"RSA"</code>.
                             </p>
                           </li>
@@ -7535,7 +7650,7 @@
                               </dt>
                               <dd>
                                 <p>
-                                  Set the <code>alg</code> field of <var>jwk</var> to the string
+                                  Set the <code>alg</code> attribute of <var>jwk</var> to the string
                                   <code>"RSA-OAEP"</code>.
                                 </p>
                               </dd>
@@ -7547,7 +7662,7 @@
                               </dt>
                               <dd>
                                 <p>
-                                  Set the <code>alg</code> field of <var>jwk</var> to the string
+                                  Set the <code>alg</code> attribute of <var>jwk</var> to the string
                                   <code>"RSA-OAEP-256"</code>.
                                 </p>
                               </dd>
@@ -7559,7 +7674,7 @@
                               </dt>
                               <dd>
                                 <p>
-                                  Set the <code>alg</code> field of <var>jwk</var> to the string
+                                  Set the <code>alg</code> attribute of <var>jwk</var> to the string
                                   <code>"RSA-OAEP-384"</code>.
                                 </p>
                               </dd>
@@ -7571,7 +7686,7 @@
                               </dt>
                               <dd>
                                 <p>
-                                  Set the <code>alg</code> field of <var>jwk</var> to the string
+                                  Set the <code>alg</code> attribute of <var>jwk</var> to the string
                                   <code>"RSA-OAEP-512"</code>.
                                 </p>
                               </dd>
@@ -7579,7 +7694,7 @@
                           </li>
                           <li>
                             <p>
-                              Set the fields <code>n</code> and <code>e</code> of <var>jwk</var>
+                              Set the attributes <code>n</code> and <code>e</code> of <var>jwk</var>
                               according to the corresponding definitions in <a href="#jwa">JSON Web
                               Algorithms</a>, Section 6.3.1.
                             </p>
@@ -7594,7 +7709,7 @@
                                 <ol>
                                   <li>
                                     <p>
-                                      Set the fields named <code>d</code>, <code>p</code>,
+                                      Set the attributes named <code>d</code>, <code>p</code>,
                                       <code>q</code>, <code>dp</code>, <code>dq</code>, and
                                       <code>qi</code> of <var>jwk</var> according to the
                                       corresponding definitions in <a href="#jwa">JSON Web
@@ -7605,7 +7720,7 @@
                                     <p>
                                       If the underlying RSA private key represented by
                                       <var>key</var> is represented by more than two primes, set the
-                                      field named <code>oth</code> of <var>jwk</var> according to
+                                      attribute named <code>oth</code> of <var>jwk</var> according to
                                       the corresponding definition in <a href="#jwa">JSON Web
                                       Algorithms</a>, Section 6.3.2.7
                                     </p>
@@ -7616,26 +7731,19 @@
                           </li>
                           <li>
                             <p>
-                              Set the <code>key_ops</code> field of <var>jwk</var> to the <a href="#dfn-CryptoKey-usages">usages</a> attribute of <var>key</var>.
-                            </p>
-                          </li>
-                          <li>
-                            <p>
-                              Set the <code>ext</code> field of <var>jwk</var> to the <a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
+                              Set the <code>key_ops</code> attribute of <var>jwk</var> to the <a href="#dfn-CryptoKey-usages">usages</a> attribute of <var>key</var>.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Set the <code>ext</code> attribute of <var>jwk</var> to the <a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
                               <var>key</var>.
                             </p>
                           </li>
                           <li>
                             <p>
-                              Let <var>stringifiedJwk</var> be the result of encoding
-                              <var>jwk</var> according to the grammar specified in Section 15.12 of
-                              <a href="#ECMA-262">ECMA262</a>.
-                            </p>
-                          </li>
-                          <li>
-                            <p>
-                              Let <var>result</var> be the UTF-8 encoding of
-                              <var>stringifiedJwk</var>.
+                              Let <var>result</var> be the result of converting <var>jwk</var>
+                              to an ECMAScript Object.
                             </p>
                           </li>
                         </ul>
@@ -7651,13 +7759,7 @@
                   </li>
                   <li>
                     <p>
-                      Let <var>data</var> be a new <code>ArrayBuffer</code> containing
-                      <var>result</var>.
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                      Return <var>data</var>.
+                      Return <var>result</var>.
                     </p>
                   </li>
                 </ol>
@@ -7667,9 +7769,9 @@
         </div>
 
         <div id="ecdsa" class="section">
-          <h3>18.8. ECDSA</h3>
+          <h3>19.8. ECDSA</h3>
           <div id="ecdsa-description" class="section">
-            <h4>18.8.1. Description</h4>
+            <h4>19.8.1. Description</h4>
             <p>
               The <code>"ECDSA"</code> algorithm identifier is used to perform signing
               and verification using the ECDSA algorithm specified in
@@ -7677,7 +7779,7 @@
             </p>
           </div>
           <div id="ecdsa-registration" class="section">
-            <h4>18.8.2. Registration</h4>
+            <h4>19.8.2. Registration</h4>
             <p>
               The <a href="#recognized-algorithm-name">recognized algorithm name</a> for
               this algorithm is <code>"ECDSA"</code>.
@@ -7714,14 +7816,14 @@
                 <tr>
                   <td>exportKey</td>
                   <td>None</td>
-                  <td>ArrayBuffer</td>
+                  <td>object</td>
                 </tr>
 
               </tbody>
             </table>
           </div>
           <div id="EcdsaParams-dictionary" class="section">
-            <h4>18.8.3. EcdsaParams dictionary</h4>
+            <h4>19.8.3. EcdsaParams dictionary</h4>
             <div class="block"><div class="blockTitleDiv"><span class="blockTitle">IDL</span></div><div class="blockContent"><pre class="code"><code class="idl-code">
 dictionary <dfn id="dfn-EcdsaParams">EcdsaParams</dfn> : <a href="#dfn-Algorithm">Algorithm</a> {
   <span class="comment">// The hash algorithm to use</span>
@@ -7730,7 +7832,7 @@
             </code></pre></div></div>
           </div>
           <div id="EcKeyGenParams-dictionary" class="section">
-            <h4>18.8.4. EcKeyGenParams dictionary</h4>
+            <h4>19.8.4. EcKeyGenParams dictionary</h4>
             <div class="block"><div class="blockTitleDiv"><span class="blockTitle">IDL</span></div><div class="blockContent"><pre class="code"><code class="idl-code">
 typedef DOMString <a href="#dfn-NamedCurve">NamedCurve</a>;
 
@@ -7754,7 +7856,7 @@
             </dl>
           </div>
           <div id="EcKeyAlgorithm-interface" class="section">
-            <h4>18.8.5. EcKeyAlgorithm interface</h4>
+            <h4>19.8.5. EcKeyAlgorithm interface</h4>
             <div class="block"><div class="blockTitleDiv"><span class="blockTitle">IDL</span></div><div class="blockContent"><pre class="code"><code class="idl-code">
 [NoInterfaceObject]
 interface <dfn id="dfn-EcKeyAlgorithm">EcKeyAlgorithm</dfn> : <a href="#dfn-KeyAlgorithm">KeyAlgorithm</a> {
@@ -7764,7 +7866,7 @@
             </code></pre></div></div>
           </div>
           <div id="EcKeyImportParams-dictionary" class="section">
-            <h4>18.8.6. EcKeyImportParams dictionary</h4>
+            <h4>19.8.6. EcKeyImportParams dictionary</h4>
             <div class="block"><div class="blockTitleDiv"><span class="blockTitle">IDL</span></div><div class="blockContent"><pre class="code"><code class="idl-code">
 dictionary <dfn id="dfn-EcKeyImportParams">EcKeyImportParams</dfn> : <a href="#dfn-Algorithm">Algorithm</a> {
   <span class="comment">// A named curve</span>
@@ -7774,7 +7876,7 @@
           </div>
 
           <div id="ecdsa-operations" class="section">
-            <h4>18.8.7. Operations</h4>
+            <h4>19.8.7. Operations</h4>
             <dl>
               <dt>Sign</dt>
               <dd>
@@ -8425,9 +8527,8 @@
                         <ol>
                           <li>
                             <p>
-                              Let <var>jwk</var> be the result of running the
-                              <a href="#concept-parse-a-jwk">parse a JWK</a> algorithm over
-                              <var>keyData</var>.
+                              Let <var>jwk</var> be the <a href="#dfn-JsonWebKey">JsonWebKey</a>
+                              dictionary represented by <var>keyData</var>.
                             </p>
                           </li>
                           <li>
@@ -8637,7 +8738,7 @@
                           </li>
                           <li>
                             <p>
-                              Let <var>result</var> be the result of <a href="#concept-encode-a-subjectPublicKeyInfo">encoding a
+                              Let <var>data</var> be the result of <a href="#concept-encode-a-subjectPublicKeyInfo">encoding a
                               subjectPublicKeyInfo</a> with the following properties:
                             </p>
                             <ul>
@@ -8711,6 +8812,12 @@
                               </li>
                             </ul>
                           </li>
+                          <li>
+                            <p>
+                              Let <var>result</var> be a new <code>ArrayBuffer</code> containing
+                              <var>data</var>.
+                            </p>
+                          </li>
                         </ol>
                       </dd>
                       <dt>If <var>format</var> is <code>"pkcs8"</code>:</dt>
@@ -8724,7 +8831,7 @@
                           </li>
                           <li>
                             <p>
-                              Let <var>result</var> be the result of <a href="#concept-encode-a-privateKeyInfo">encoding a
+                              Let <var>data</var> be the result of <a href="#concept-encode-a-privateKeyInfo">encoding a
                               privateKeyInfo</a> with the following properties:
                             </p>
                             <ul>
@@ -8820,6 +8927,12 @@
                               </li>
                             </ul>
                           </li>
+                          <li>
+                            <p>
+                              Let <var>result</var> be a new <code>ArrayBuffer</code> containing
+                              <var>data</var>.
+                            </p>
+                          </li>
                         </ol>
                       </dd>
                       <dt>If <var>format</var> is <code>"jwk"</code>:</dt>
@@ -8827,12 +8940,13 @@
                         <ol>
                           <li>
                             <p>
-                              Let <var>jwk</var> be a new internal object.
-                            </p>
-                          </li>
-                          <li>
-                            <p>
-                              Set the <code>kty</code> property of <var>jwk</var> to
+                              Let <var>jwk</var> be a new <a href="#dfn-JsonWebKey">JsonWebKey</a>
+                              dictionary.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Set the <code>kty</code> attribute of <var>jwk</var> to
                               <code>"EC"</code>.
                             </p>
                           </li>
@@ -8844,7 +8958,7 @@
                                 attribute of <var>key</var> is <code>P-256</code>:
                               </dt>
                               <dd>
-                                Set the <code>crv</code> property of <var>jwk</var> to
+                                Set the <code>crv</code> attribute of <var>jwk</var> to
                                 <code>"P-256"</code>
                               </dd>
                               <dt>
@@ -8853,7 +8967,7 @@
                                 attribute of <var>key</var> is <code>P-384</code>:
                               </dt>
                               <dd>
-                                Set the <code>crv</code> property of <var>jwk</var> to
+                                Set the <code>crv</code> attribute of <var>jwk</var> to
                                 <code>"P-384"</code>
                               </dd>
                               <dt>
@@ -8862,21 +8976,21 @@
                                 attribute of <var>key</var> is <code>P-521</code>:
                               </dt>
                               <dd>
-                                Set the <code>crv</code> property of <var>jwk</var> to
+                                Set the <code>crv</code> attribute of <var>jwk</var> to
                                 <code>"P-521"</code>
                               </dd>
                             </dl>
                           </li>
                           <li>
                             <p>
-                              Set the <code>x</code> property of <var>jwk</var> according to the
+                              Set the <code>x</code> attribute of <var>jwk</var> according to the
                               definition in Section 6.2.1.2 of <a href="#jwa">JSON Web
                               Algorithms</a>.
                             </p>
                           </li>
                           <li>
                             <p>
-                              Set the <code>y</code> property of <var>jwk</var> according to the
+                              Set the <code>y</code> attribute of <var>jwk</var> according to the
                               definition in Section 6.2.1.3 of <a href="#jwa">JSON Web
                               Algorithms</a>.
                             </p>
@@ -8889,7 +9003,7 @@
                               </dt>
                               <dd>
                                 <p>
-                                  Set the <code>d</code> property of <var>jwk</var> according to the
+                                  Set the <code>d</code> attribute of <var>jwk</var> according to the
                                   definition in Section 6.2.2.1 of <a href="#jwa">JSON Web
                                   Algorithms</a>.
                                 </p>
@@ -8898,27 +9012,20 @@
                           </li>
                           <li>
                             <p>
-                              Set the <code>key_ops</code> property of <var>jwk</var> to the
+                              Set the <code>key_ops</code> attribute of <var>jwk</var> to the
                               <a href="#dfn-CryptoKey-usages">usages</a> attribute of <var>key</var>.
                             </p>
                           </li>
                           <li>
                             <p>
-                              Set the <code>ext</code> property of <var>jwk</var> to the <a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
+                              Set the <code>ext</code> attribute of <var>jwk</var> to the <a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
                               <var>key</var>.
                             </p>
                           </li>
                           <li>
                             <p>
-                              Let <var>stringifiedJwk</var> be the result of encoding <var>jwk</var>
-                              into a string according to the grammar specified in Section 15.12 of
-                              <a href="#ECMA-262">ECMA262</a>.
-                            </p>
-                          </li>
-                          <li>
-                            <p>
-                              Let <var>data</var> be the UTF-8 encoding of
-                              <var>stringifiedJwk</var>.
+                              Let <var>result</var> be the result of converting <var>jwk</var>
+                              to an ECMAScript Object.
                             </p>
                           </li>
                         </ol>
@@ -8934,13 +9041,7 @@
                   </li>
                   <li>
                     <p>
-                      Let <var>data</var> be a new <code>ArrayBuffer</code> that contains
-                      <var>result</var>.
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                      Return <var>data</var>.
+                      Return <var>result</var>.
                     </p>
                   </li>
                 </ol>
@@ -8950,16 +9051,16 @@
         </div>
 
         <div id="ecdh" class="section">
-          <h3>18.9. ECDH</h3>
+          <h3>19.9. ECDH</h3>
           <div id="ecdh-description" class="section">
-            <h4>18.9.1. Description</h4>
+            <h4>19.9.1. Description</h4>
             <p>
               This describes using Elliptic Curve Diffie-Hellman (ECDH) for key generation and key
               agreement, as specified by <a href="#X9.63">X9.63</a>.
             </p>
           </div>
           <div id="ecdh-registration" class="section">
-            <h4>18.9.2. Registration</h4>
+            <h4>19.9.2. Registration</h4>
             <p>
               The <a href="#recognized-algorithm-name">recognized algorithm name</a> for
               this algorithm is <code>"ECDH"</code>.
@@ -8991,13 +9092,13 @@
                 <tr>
                   <td>exportKey</td>
                   <td>None</td>
-                  <td>ArrayBuffer</td>
+                  <td>object</td>
                 </tr>
               </tbody>
             </table>
           </div>
           <div id="dh-EcdhKeyDeriveParams" class="section">
-            <h4>18.9.3. EcdhKeyDeriveParams dictionary</h4>
+            <h4>19.9.3. EcdhKeyDeriveParams dictionary</h4>
             <div class="block"><div class="blockTitleDiv"><span class="blockTitle">IDL</span></div><div class="blockContent"><pre class="code"><code class="idl-code">
 typedef Uint8Array <dfn id="dfn-ECPoint">ECPoint</dfn>;
 
@@ -9008,7 +9109,7 @@
             </code></pre></div></div>
           </div>
           <div id="ecdh-operations" class="section">
-            <h4>18.9.4. Operations</h4>
+            <h4>19.9.4. Operations</h4>
             <dl>
               <dt>Generate Key</dt>
               <dd>
@@ -9585,9 +9686,8 @@
                         <ol>
                           <li>
                             <p>
-                              Let <var>jwk</var> be the result of running the
-                              <a href="#concept-parse-a-jwk">parse a JWK</a> algorithm over
-                              <var>keyData</var>.
+                              Let <var>jwk</var> be the <a href="#dfn-JsonWebKey">JsonWebKey</a>
+                              dictionary represented by <var>keyData</var>.
                             </p>
                           </li>
                           <li>
@@ -10039,12 +10139,13 @@
                         <ol>
                           <li>
                             <p>
-                              Let <var>jwk</var> be a new internal object.
-                            </p>
-                          </li>
-                          <li>
-                            <p>
-                              Set the <code>kty</code> property of <var>jwk</var> to
+                              Let <var>jwk</var> be a new <a href="#dfn-JsonWebKey">JsonWebKey</a>
+                              dictionary.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Set the <code>kty</code> attribute of <var>jwk</var> to
                               <code>"EC"</code>.
                             </p>
                           </li>
@@ -10056,7 +10157,7 @@
                                 attribute of <var>key</var> is <code>P-256</code>:
                               </dt>
                               <dd>
-                                Set the <code>crv</code> property of <var>jwk</var> to
+                                Set the <code>crv</code> attribute of <var>jwk</var> to
                                 <code>"P-256"</code>
                               </dd>
                               <dt>
@@ -10065,7 +10166,7 @@
                                 attribute of <var>key</var> is <code>P-384</code>:
                               </dt>
                               <dd>
-                                Set the <code>crv</code> property of <var>jwk</var> to
+                                Set the <code>crv</code> attribute of <var>jwk</var> to
                                 <code>"P-384"</code>
                               </dd>
                               <dt>
@@ -10074,21 +10175,21 @@
                                 attribute of <var>key</var> is <code>P-521</code>:
                               </dt>
                               <dd>
-                                Set the <code>crv</code> property of <var>jwk</var> to
+                                Set the <code>crv</code> attribute of <var>jwk</var> to
                                 <code>"P-521"</code>
                               </dd>
                             </dl>
                           </li>
                           <li>
                             <p>
-                              Set the <code>x</code> property of <var>jwk</var> according to the
+                              Set the <code>x</code> attribute of <var>jwk</var> according to the
                               definition in Section 6.2.1.2 of <a href="#jwa">JSON Web
                               Algorithms</a>.
                             </p>
                           </li>
                           <li>
                             <p>
-                              Set the <code>y</code> property of <var>jwk</var> according to the
+                              Set the <code>y</code> attribute of <var>jwk</var> according to the
                               definition in Section 6.2.1.3 of <a href="#jwa">JSON Web
                               Algorithms</a>.
                             </p>
@@ -10101,7 +10202,7 @@
                               </dt>
                               <dd>
                                 <p>
-                                  Set the <code>d</code> property of <var>jwk</var> according to the
+                                  Set the <code>d</code> attribute of <var>jwk</var> according to the
                                   definition in Section 6.2.2.1 of <a href="#jwa">JSON Web
                                   Algorithms</a>.
                                 </p>
@@ -10110,27 +10211,20 @@
                           </li>
                           <li>
                             <p>
-                              Set the <code>key_ops</code> property of <var>jwk</var> to the
+                              Set the <code>key_ops</code> attribute of <var>jwk</var> to the
                               <a href="#dfn-CryptoKey-usages">usages</a> attribute of <var>key</var>.
                             </p>
                           </li>
                           <li>
                             <p>
-                              Set the <code>ext</code> property of <var>jwk</var> to the <a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
+                              Set the <code>ext</code> attribute of <var>jwk</var> to the <a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
                               <var>key</var>.
                             </p>
                           </li>
                           <li>
                             <p>
-                              Let <var>stringifiedJwk</var> be the result of encoding <var>jwk</var>
-                              into a string according to the grammar specified in Section 15.12 of
-                              <a href="#ECMA-262">ECMA262</a>.
-                            </p>
-                          </li>
-                          <li>
-                            <p>
-                              Let <var>data</var> be the UTF-8 encoding of
-                              <var>stringifiedJwk</var>.
+                              Let <var>result</var> be the result of converting <var>jwk</var>
+                              to an ECMAScript Object.
                             </p>
                           </li>
                         </ol>
@@ -10152,6 +10246,12 @@
                               point <var>Q</var> represented by <var>key</var> according to <a href="#X9.62">X9.62</a> Annex A.
                             </p>
                           </li>
+                          <li>
+                            <p>
+                              Let <var>result</var> be a new <code>ArrayBuffer</code> containing
+                              <var>data</var>.
+                            </p>
+                          </li>
                         </ol>
                       </dd>
                       <dt>Otherwise:</dt>
@@ -10165,13 +10265,7 @@
                   </li>
                   <li>
                     <p>
-                      Let <var>data</var> be a new <code>ArrayBuffer</code> that contains
-                      <var>result</var>.
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                      Return <var>data</var>.
+                      Return <var>result</var>.
                     </p>
                   </li>
                 </ol>
@@ -10181,9 +10275,9 @@
         </div>
 
         <div id="aes-ctr" class="section">
-          <h3>18.10. AES-CTR</h3>
+          <h3>19.10. AES-CTR</h3>
           <div id="aes-ctr-description" class="section">
-            <h4>18.10.1. Description</h4>
+            <h4>19.10.1. Description</h4>
             <p class="norm">This section is non-normative.</p>
             <p>
               The <code>"AES-CTR"</code> algorithm identifier is used to perform
@@ -10192,7 +10286,7 @@
             </p>
           </div>
           <div id="aes-ctr-registration" class="section">
-            <h4>18.10.2. Registration</h4>
+            <h4>19.10.2. Registration</h4>
             <p>
               The <a href="#recognized-algorithm-name">recognized algorithm name</a> for
               this algorithm is <code>"AES-CTR"</code>.
@@ -10229,7 +10323,7 @@
                 <tr>
                   <td>exportKey</td>
                   <td>None</td>
-                  <td>ArrayBuffer</td>
+                  <td>object</td>
                 </tr>
                 <tr>
                   <td>get key length</td>
@@ -10241,7 +10335,7 @@
           </div>
 
           <div id="aes-ctr-params" class="section">
-            <h4>18.10.3. AesCtrParams dictionary</h4>
+            <h4>19.10.3. AesCtrParams dictionary</h4>
             <div class="block"><div class="blockTitleDiv"><span class="blockTitle">IDL</span></div><div class="blockContent"><pre class="code"><code class="idl-code">
 dictionary <dfn id="dfn-AesCtrParams">AesCtrParams</dfn> : <a href="#dfn-Algorithm">Algorithm</a> {
   <span class="comment">// The initial value of the counter block. counter <span class="RFC2119">MUST</span> be 16 bytes
@@ -10268,7 +10362,7 @@
             </code></pre></div></div>
           </div>
           <div id="aes-keygen-params" class="section">
-            <h4>18.10.5. AesKeyGenParams dictionary</h4>
+            <h4>19.10.5. AesKeyGenParams dictionary</h4>
             <div class="block"><div class="blockTitleDiv"><span class="blockTitle">IDL</span></div><div class="blockContent"><pre class="code"><code class="idl-code">
 dictionary <dfn id="dfn-AesKeyGenParams">AesKeyGenParams</dfn> : <a href="#dfn-Algorithm">Algorithm</a> {
   <span class="comment">// The length, in bits, of the key.</span>
@@ -10277,7 +10371,7 @@
             </code></pre></div></div>
           </div>
           <div id="aes-derivedkey-params" class="section">
-            <h4>18.10.6. AesDerivedKeyParams dictionary</h4>
+            <h4>19.10.6. AesDerivedKeyParams dictionary</h4>
             <div class="block"><div class="blockTitleDiv"><span class="blockTitle">IDL</span></div><div class="blockContent"><pre class="code"><code class="idl-code">
 dictionary <dfn id="dfn-AesDerivedKeyParams">AesDerivedKeyParams</dfn> : <a href="#dfn-Algorithm">Algorithm</a> {
   <span class="comment">// The length, in bits, of the key.</span>
@@ -10287,7 +10381,7 @@
           </div>
 
           <div id="aes-ctr-operations" class="section">
-            <h4>18.10.7. Operations</h4>
+            <h4>19.10.7. Operations</h4>
             <dl>
               <dt>Encrypt</dt>
               <dd>
@@ -10537,9 +10631,8 @@
                         <ol>
                           <li>
                             <p>
-                              Let <var>jwk</var> be the result of running the
-                              <a href="#concept-parse-a-jwk">parse a jwk</a>
-                              algorithm over <var>keyData</var>.
+                              Let <var>jwk</var> be the <a href="#dfn-JsonWebKey">JsonWebKey</a>
+                              dictionary represented by <var>keyData</var>.
                             </p>
                           </li>
                           <li>
@@ -10679,26 +10772,39 @@
                     <dl class="switch">
                       <dt>If <var>format</var> is <code>"raw"</code>:</dt>
                       <dd>
-                        Let <var>data</var> be the raw octets of the key represented by
-                        <var>key</var>.
+                        <ol>
+                          <li>
+                            <p>
+                              Let <var>data</var> be the raw octets of the key represented by
+                              <var>key</var>.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Let <var>result</var> be a new <code>ArrayBuffer</code> containing
+                              <var>data</var>.
+                            </p>
+                          </li>
+                        </ol>
                       </dd>
                       <dt>If <var>format</var> is <code>"jwk"</code>:</dt>
                       <dd>
                         <ol>
                           <li>
                             <p>
-                              Let <var>jwk</var> be a new internal object.
-                            </p>
-                          </li>
-                          <li>
-                            <p>
-                              Set the <code>kty</code> property of <var>jwk</var> to the
+                              Let <var>jwk</var> be a new <a href="#dfn-JsonWebKey">JsonWebKey</a>
+                              dictionary.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Set the <code>kty</code> attribute of <var>jwk</var> to the
                               string <code>"oct"</code>.
                             </p>
                           </li>
                           <li>
                             <p>
-                              Set the <code>k</code> property of <var>jwk</var> to be a string
+                              Set the <code>k</code> attribute of <var>jwk</var> to be a string
                               containing the raw octets
                               of the key represented by <var>key</var>, encoded according to
                               Section 6.4 of <a href="#jwa">JSON Web Algorithms</a>.
@@ -10708,42 +10814,35 @@
                             <dl class="switch">
                               <dt>If the <a href="#dfn-AesKeyAlgorithm-length">length</a> attribute of
                               <var>key</var> is 128:</dt>
-                              <dd>Set the <code>alg</code> property of <var>jwk</var> to
+                              <dd>Set the <code>alg</code> attribute of <var>jwk</var> to
                               the string <code>"A128CTR"</code>.</dd>
                               <dt>If the <a href="#dfn-AesKeyAlgorithm-length">length</a> attribute of
                               <var>key</var> is 192:</dt>
-                              <dd>Set the <code>alg</code> property of <var>jwk</var> to
+                              <dd>Set the <code>alg</code> attribute of <var>jwk</var> to
                               the string <code>"A192CTR"</code>.</dd>
                               <dt>If the <a href="#dfn-AesKeyAlgorithm-length">length</a> attribute of
                               <var>key</var> is 256:</dt>
-                              <dd>Set the <code>alg</code> property of <var>jwk</var> to
+                              <dd>Set the <code>alg</code> attribute of <var>jwk</var> to
                               the string <code>"A256CTR"</code>.</dd>
                             </dl>
                           </li>
                           <li>
                             <p>
-                              Set the <code>key_ops</code> property of <var>jwk</var> to equal the
+                              Set the <code>key_ops</code> attribute of <var>jwk</var> to equal the
                               <a href="#dfn-CryptoKey-usages">usages</a> attribute of <var>key</var>.
                             </p>
                           </li>
                           <li>
                             <p>
-                              Set the <code>ext</code> property of <var>jwk</var> to equal the 
+                              Set the <code>ext</code> attribute of <var>jwk</var> to equal the 
                               <a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
                               <var>key</var>.
                             </p>
                           </li>
                           <li>
                             <p>
-                              Let <var>stringifiedJwk</var> be the result of encoding <var>jwk</var>
-                              into a string according to the grammar specified in Section 15.12 of
-                              <a href="#ECMA-262">ECMA262</a>.
-                            </p>
-                          </li>
-                          <li>
-                            <p>
-                              Let <var>data</var> be the UTF-8 encoding of
-                              <var>stringifiedJwk</var>.
+                              Let <var>result</var> be the result of converting <var>jwk</var>
+                              to an ECMAScript Object.
                             </p>
                           </li>
                         </ol>
@@ -10752,12 +10851,7 @@
                   </li>
                   <li>
                     <p>
-                      Let <var>keyData</var> be a new ArrayBuffer containing <var>data</var>.
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                      Return <var>data</var>.
+                      Return <var>result</var>.
                     </p>
                   </li>
                 </ol>
@@ -10802,9 +10896,9 @@
         </div>
 
         <div id="aes-cbc" class="section">
-          <h3>18.11. AES-CBC</h3>
+          <h3>19.11. AES-CBC</h3>
           <div id="aes-cbc-description" class="section">
-            <h4>18.11.1. Description</h4>
+            <h4>19.11.1. Description</h4>
             <p class="norm">This section is non-normative.</p>
             <p>
               The <code>"AES-CBC"</code> algorithm identifier is used to perform
@@ -10820,7 +10914,7 @@
             </p>
           </div>
           <div id="aes-cbc-registration" class="section">
-            <h4>18.11.2. Registration</h4>
+            <h4>19.11.2. Registration</h4>
             <p>
               The <a href="#recognized-algorithm-name">recognized algorithm name</a> for
               this algorithm is <code>"AES-CBC"</code>.
@@ -10857,7 +10951,7 @@
                 <tr>
                   <td>exportKey</td>
                   <td>None</td>
-                  <td>ArrayBuffer</td>
+                  <td>object</td>
                 </tr>
                 <tr>
                   <td>get key length</td>
@@ -10868,7 +10962,7 @@
             </table>
           </div>
           <div id="aes-cbc-params" class="section">
-            <h4>18.11.3. AesCbcParams dictionary</h4>
+            <h4>19.11.3. AesCbcParams dictionary</h4>
             <div class="block"><div class="blockTitleDiv"><span class="blockTitle">IDL</span></div><div class="blockContent"><pre class="code"><code class="idl-code">
 dictionary <dfn id="dfn-AesCbcParams">AesCbcParams</dfn> : <a href="#dfn-Algorithm">Algorithm</a> {
   <span class="comment">// The initialization vector. <span class="RFC2119">MUST</span> be 16 bytes.</span>
@@ -10877,7 +10971,7 @@
             </code></pre></div></div>
           </div>
           <div id="aes-cbc-operations" class="section">
-            <h4>18.11.4. Operations</h4>
+            <h4>19.11.4. Operations</h4>
             <dl>
               <dt>Encrypt</dt>
               <dd>
@@ -11128,9 +11222,8 @@
                         <ol>
                           <li>
                             <p>
-                              Let <var>jwk</var> be the result of running the
-                              <a href="#concept-parse-a-jwk">parse a jwk</a>
-                              algorithm over <var>keyData</var>.
+                              Let <var>jwk</var> be the <a href="#dfn-JsonWebKey">JsonWebKey</a>
+                              dictionary represented by <var>keyData</var>.
                             </p>
                           </li>
                           <li>
@@ -11271,26 +11364,39 @@
                     <dl class="switch">
                       <dt>If <var>format</var> is <code>"raw"</code>:</dt>
                       <dd>
-                        Let <var>data</var> be the raw octets of the key represented by
-                        <var>key</var>.
+                        <ol>
+                          <li>
+                            <p>
+                              Let <var>data</var> be the raw octets of the key represented by
+                              <var>key</var>.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Let <var>result</var> be a new <code>ArrayBuffer</code> containing
+                              <var>data</var>.
+                            </p>
+                          </li>
+                        </ol>
                       </dd>
                       <dt>If <var>format</var> is <code>"jwk"</code>:</dt>
                       <dd>
                         <ol>
                           <li>
                             <p>
-                              Let <var>jwk</var> be a new internal object.
-                            </p>
-                          </li>
-                          <li>
-                            <p>
-                              Set the <code>kty</code> property of <var>jwk</var> to the
+                              Let <var>jwk</var> be a new <a href="#dfn-JsonWebKey">JsonWebKey</a>
+                              dictionary.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Set the <code>kty</code> attribute of <var>jwk</var> to the
                               string <code>"oct"</code>.
                             </p>
                           </li>
                           <li>
                             <p>
-                              Set the <code>k</code> property of <var>jwk</var> to be a string
+                              Set the <code>k</code> attribute of <var>jwk</var> to be a string
                               containing the raw octets
                               of the key represented by <var>key</var>, encoded according to
                               Section 6.4 of <a href="#jwa">JSON Web Algorithms</a>.
@@ -11300,42 +11406,35 @@
                             <dl class="switch">
                               <dt>If the <a href="#dfn-AesKeyAlgorithm-length">length</a> attribute of
                               <var>key</var> is 128:</dt>
-                              <dd>Set the <code>alg</code> property of <var>jwk</var> to
+                              <dd>Set the <code>alg</code> attribute of <var>jwk</var> to
                               the string <code>"A128CBC"</code>.</dd>
                               <dt>If the <a href="#dfn-AesKeyAlgorithm-length">length</a> attribute of
                               <var>key</var> is 192:</dt>
-                              <dd>Set the <code>alg</code> property of <var>jwk</var> to
+                              <dd>Set the <code>alg</code> attribute of <var>jwk</var> to
                               the string <code>"A192CBC"</code>.</dd>
                               <dt>If the <a href="#dfn-AesKeyAlgorithm-length">length</a> attribute of
                               <var>key</var> is 256:</dt>
-                              <dd>Set the <code>alg</code> property of <var>jwk</var> to
+                              <dd>Set the <code>alg</code> attribute of <var>jwk</var> to
                               the string <code>"A256CBC"</code>.</dd>
                             </dl>
                           </li>
                           <li>
                             <p>
-                              Set the <code>key_ops</code> property of <var>jwk</var> to equal the
+                              Set the <code>key_ops</code> attribute of <var>jwk</var> to equal the
                               <a href="#dfn-CryptoKey-usages">usages</a> attribute of <var>key</var>.
                             </p>
                           </li>
                           <li>
                             <p>
-                              Set the <code>ext</code> property of <var>jwk</var> to equal the 
+                              Set the <code>ext</code> attribute of <var>jwk</var> to equal the 
                               <a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
                               <var>key</var>.
                             </p>
                           </li>
                           <li>
                             <p>
-                              Let <var>stringifiedJwk</var> be the result of encoding <var>jwk</var>
-                              into a string according to the grammar specified in Section 15.12 of
-                              <a href="#ECMA-262">ECMA262</a>.
-                            </p>
-                          </li>
-                          <li>
-                            <p>
-                              Let <var>data</var> be the UTF-8 encoding of
-                              <var>stringifiedJwk</var>.
+                              Let <var>result</var> be the result of converting <var>jwk</var>
+                              to an ECMAScript Object.
                             </p>
                           </li>
                         </ol>
@@ -11344,12 +11443,7 @@
                   </li>
                   <li>
                     <p>
-                      Let <var>keyData</var> be a new ArrayBuffer containing <var>data</var>.
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                      Return <var>data</var>.
+                      Return <var>result</var>.
                     </p>
                   </li>
                 </ol>
@@ -11394,9 +11488,9 @@
         </div>
 
         <div id="aes-cmac" class="section">
-          <h3>18.12. AES-CMAC</h3>
+          <h3>19.12. AES-CMAC</h3>
           <div id="aes-cmac-description" class="section">
-            <h4>18.12.1. Description</h4>
+            <h4>19.12.1. Description</h4>
             <p class="norm">This section is non-normative.</p>
             <p>
               The <code>"AES-CMAC"</code> algorithm identifier is used to perform
@@ -11405,7 +11499,7 @@
             </p>
           </div>
           <div id="aes-cmac-registration" class="section">
-            <h4>18.12.2. Registration</h4>
+            <h4>19.12.2. Registration</h4>
             <p>
               The <a href="#recognized-algorithm-name">recognized algorithm name</a> for
               this algorithm is <code>"AES-CMAC"</code>.
@@ -11442,7 +11536,7 @@
                 <tr>
                   <td>exportKey</td>
                   <td>None</td>
-                  <td>ArrayBuffer</td>
+                  <td>object</td>
                 </tr>
                 <tr>
                   <td>get key length</td>
@@ -11453,7 +11547,7 @@
             </table>
           </div>
           <div id="aes-cmac-params" class="section">
-            <h4>18.12.3. AesCmacParams dictionary</h4>
+            <h4>19.12.3. AesCmacParams dictionary</h4>
             <div class="block"><div class="blockTitleDiv"><span class="blockTitle">IDL</span></div><div class="blockContent"><pre class="code"><code class="idl-code">
 dictionary <dfn id="dfn-AesCmacParams">AesCmacParams</dfn> : <a href="#dfn-Algorithm">Algorithm</a> {
   <span class="comment">// The length, in bits, of the MAC.</span>
@@ -11462,7 +11556,7 @@
             </code></pre></div></div>
           </div>
           <div id="aes-cmac-operations" class="section">
-            <h4>18.12.4. Operations</h4>
+            <h4>19.12.4. Operations</h4>
             <dl>
               <dt>Sign</dt>
               <dd>
@@ -11672,9 +11766,8 @@
                         <ol>
                           <li>
                             <p>
-                              Let <var>jwk</var> be the result of running the
-                              <a href="#concept-parse-a-jwk">parse a jwk</a>
-                              algorithm over <var>keyData</var>.
+                              Let <var>jwk</var> be the <a href="#dfn-JsonWebKey">JsonWebKey</a>
+                              dictionary represented by <var>keyData</var>.
                             </p>
                           </li>
                           <li>
@@ -11815,26 +11908,39 @@
                     <dl class="switch">
                       <dt>If <var>format</var> is <code>"raw"</code>:</dt>
                       <dd>
-                        Let <var>data</var> be the raw octets of the key represented by
-                        <var>key</var>.
+                        <ol>
+                          <li>
+                            <p>
+                              Let <var>data</var> be the raw octets of the key represented by
+                              <var>key</var>.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Let <var>result</var> be a new <code>ArrayBuffer</code> containing
+                              <var>data</var>.
+                            </p>
+                          </li>
+                        </ol>
                       </dd>
                       <dt>If <var>format</var> is <code>"jwk"</code>:</dt>
                       <dd>
                         <ol>
                           <li>
                             <p>
-                              Let <var>jwk</var> be a new internal object.
-                            </p>
-                          </li>
-                          <li>
-                            <p>
-                              Set the <code>kty</code> property of <var>jwk</var> to the
+                              Let <var>jwk</var> be a new <a href="#dfn-JsonWebKey">JsonWebKey</a>
+                              dictionary.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Set the <code>kty</code> attribute of <var>jwk</var> to the
                               string <code>"oct"</code>.
                             </p>
                           </li>
                           <li>
                             <p>
-                              Set the <code>k</code> property of <var>jwk</var> to be a string
+                              Set the <code>k</code> attribute of <var>jwk</var> to be a string
                               containing the raw octets
                               of the key represented by <var>key</var>, encoded according to
                               Section 6.4 of <a href="#jwa">JSON Web Algorithms</a>.
@@ -11844,42 +11950,35 @@
                             <dl class="switch">
                               <dt>If the <a href="#dfn-AesKeyAlgorithm-length">length</a> attribute of
                               <var>key</var> is 128:</dt>
-                              <dd>Set the <code>alg</code> property of <var>jwk</var> to
+                              <dd>Set the <code>alg</code> attribute of <var>jwk</var> to
                               the string <code>"A128CMAC"</code>.</dd>
                               <dt>If the <a href="#dfn-AesKeyAlgorithm-length">length</a> attribute of
                               <var>key</var> is 192:</dt>
-                              <dd>Set the <code>alg</code> property of <var>jwk</var> to
+                              <dd>Set the <code>alg</code> attribute of <var>jwk</var> to
                               the string <code>"A192CMAC"</code>.</dd>
                               <dt>If the <a href="#dfn-AesKeyAlgorithm-length">length</a> attribute of
                               <var>key</var> is 256:</dt>
-                              <dd>Set the <code>alg</code> property of <var>jwk</var> to
+                              <dd>Set the <code>alg</code> attribute of <var>jwk</var> to
                               the string <code>"A256CMAC"</code>.</dd>
                             </dl>
                           </li>
                           <li>
                             <p>
-                              Set the <code>key_ops</code> property of <var>jwk</var> to equal the
+                              Set the <code>key_ops</code> attribute of <var>jwk</var> to equal the
                               <a href="#dfn-CryptoKey-usages">usages</a> attribute of <var>key</var>.
                             </p>
                           </li>
                           <li>
                             <p>
-                              Set the <code>ext</code> property of <var>jwk</var> to equal the 
+                              Set the <code>ext</code> attribute of <var>jwk</var> to equal the 
                               <a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
                               <var>key</var>.
                             </p>
                           </li>
                           <li>
                             <p>
-                              Let <var>stringifiedJwk</var> be the result of encoding <var>jwk</var>
-                              into a string according to the grammar specified in Section 15.12 of
-                              <a href="#ECMA-262">ECMA262</a>.
-                            </p>
-                          </li>
-                          <li>
-                            <p>
-                              Let <var>data</var> be the UTF-8 encoding of
-                              <var>stringifiedJwk</var>.
+                              Let <var>result</var> be the result of converting <var>jwk</var>
+                              to an ECMAScript Object.
                             </p>
                           </li>
                         </ol>
@@ -11888,7 +11987,7 @@
                   </li>
                   <li>
                     <p>
-                      Return a new ArrayBuffer containing <var>data</var>.
+                      Return <var>result</var>.
                     </p>
                   </li>
                 </ol>
@@ -11932,9 +12031,9 @@
           </div>
         </div>
         <div id="aes-gcm" class="section">
-          <h3>18.13. AES-GCM</h3>
+          <h3>19.13. AES-GCM</h3>
           <div id="aes-gcm-description" class="section">
-            <h4>18.13.1. Description</h4>
+            <h4>19.13.1. Description</h4>
             <p class="norm">This section is non-normative.</p>
             <p>
               The <code>"AES-GCM"</code> algorithm identifier is used to perform
@@ -11943,7 +12042,7 @@
             </p>
           </div>
           <div id="aes-gcm-registration" class="section">
-             <h4>18.13.2. Registration</h4>
+             <h4>19.13.2. Registration</h4>
              <p>
                The <a href="#recognized-algorithm-name">recognized algorithm name</a> for
                this algorithm is <code>"AES-GCM"</code>.
@@ -11980,7 +12079,7 @@
                 <tr>
                   <td>exportKey</td>
                   <td>None</td>
-                  <td>ArrayBuffer</td>
+                  <td>object</td>
                 </tr>
                 <tr>
                   <td>get key length</td>
@@ -11991,7 +12090,7 @@
              </table>
            </div>
           <div id="aes-gcm-params" class="section">
-            <h4>18.13.3. AesGcmParams dictionary</h4>
+            <h4>19.13.3. AesGcmParams dictionary</h4>
             <div class="block"><div class="blockTitleDiv"><span class="blockTitle">IDL</span></div><div class="blockContent"><pre class="code"><code class="idl-code">
 dictionary <dfn id="dfn-AesGcmParams">AesGcmParams</dfn> : <a href="#dfn-Algorithm">Algorithm</a> {
   <span class="comment">// The initialization vector to use. May be up to 2^64-1 bytes long.</span>
@@ -12004,7 +12103,7 @@
             </code></pre></div></div>
           </div>
           <div id="aes-gcm-operations" class="section">
-            <h4>18.13.4. Operations</h4>
+            <h4>19.13.4. Operations</h4>
             <dl>
               <dt>Encrypt</dt>
               <dd>
@@ -12343,9 +12442,8 @@
                         <ol>
                           <li>
                             <p>
-                              Let <var>jwk</var> be the result of running the
-                              <a href="#concept-parse-a-jwk">parse a jwk</a>
-                              algorithm over <var>keyData</var>.
+                              Let <var>jwk</var> be the <a href="#dfn-JsonWebKey">JsonWebKey</a>
+                              dictionary represented by <var>keyData</var>.
                             </p>
                           </li>
                           <li>
@@ -12486,26 +12584,39 @@
                     <dl class="switch">
                       <dt>If <var>format</var> is <code>"raw"</code>:</dt>
                       <dd>
-                        Let <var>data</var> be the raw octets of the key represented by
-                        <var>key</var>.
+                        <ol>
+                          <li>
+                            <p>
+                              Let <var>data</var> be the raw octets of the key represented by
+                              <var>key</var>.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Let <var>result</var> be a new <code>ArrayBuffer</code> containing
+                              <var>data</var>.
+                            </p>
+                          </li>
+                        </ol>
                       </dd>
                       <dt>If <var>format</var> is <code>"jwk"</code>:</dt>
                       <dd>
                         <ol>
                           <li>
                             <p>
-                              Let <var>jwk</var> be a new internal object.
-                            </p>
-                          </li>
-                          <li>
-                            <p>
-                              Set the <code>kty</code> property of <var>jwk</var> to the
+                              Let <var>jwk</var> be a new <a href="#dfn-JsonWebKey">JsonWebKey</a>
+                              dictionary.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Set the <code>kty</code> attribute of <var>jwk</var> to the
                               string <code>"oct"</code>.
                             </p>
                           </li>
                           <li>
                             <p>
-                              Set the <code>k</code> property of <var>jwk</var> to be a string
+                              Set the <code>k</code> attribute of <var>jwk</var> to be a string
                               containing the raw octets
                               of the key represented by <var>key</var>, encoded according to
                               Section 6.4 of <a href="#jwa">JSON Web Algorithms</a>.
@@ -12515,42 +12626,35 @@
                             <dl class="switch">
                               <dt>If the <a href="#dfn-AesKeyAlgorithm-length">length</a> attribute of
                               <var>key</var> is 128:</dt>
-                              <dd>Set the <code>alg</code> property of <var>jwk</var> to
+                              <dd>Set the <code>alg</code> attribute of <var>jwk</var> to
                               the string <code>"A128GCM"</code>.</dd>
                               <dt>If the <a href="#dfn-AesKeyAlgorithm-length">length</a> attribute of
                               <var>key</var> is 192:</dt>
-                              <dd>Set the <code>alg</code> property of <var>jwk</var> to
+                              <dd>Set the <code>alg</code> attribute of <var>jwk</var> to
                               the string <code>"A192GCM"</code>.</dd>
                               <dt>If the <a href="#dfn-AesKeyAlgorithm-length">length</a> attribute of
                               <var>key</var> is 256:</dt>
-                              <dd>Set the <code>alg</code> property of <var>jwk</var> to
+                              <dd>Set the <code>alg</code> attribute of <var>jwk</var> to
                               the string <code>"A256GCM"</code>.</dd>
                             </dl>
                           </li>
                           <li>
                             <p>
-                              Set the <code>key_ops</code> property of <var>jwk</var> to equal the
+                              Set the <code>key_ops</code> attribute of <var>jwk</var> to equal the
                               <a href="#dfn-CryptoKey-usages">usages</a> attribute of <var>key</var>.
                             </p>
                           </li>
                           <li>
                             <p>
-                              Set the <code>ext</code> property of <var>jwk</var> to equal the 
+                              Set the <code>ext</code> attribute of <var>jwk</var> to equal the 
                               <a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
                               <var>key</var>.
                             </p>
                           </li>
                           <li>
                             <p>
-                              Let <var>stringifiedJwk</var> be the result of encoding <var>jwk</var>
-                              into a string according to the grammar specified in Section 15.12 of
-                              <a href="#ECMA-262">ECMA262</a>.
-                            </p>
-                          </li>
-                          <li>
-                            <p>
-                              Let <var>data</var> be the UTF-8 encoding of
-                              <var>stringifiedJwk</var>.
+                              Let <var>result</var> be the result of converting <var>jwk</var>
+                              to an ECMAScript Object.
                             </p>
                           </li>
                         </ol>
@@ -12564,7 +12668,7 @@
                   </li>
                   <li>
                     <p>
-                      Return a new ArrayBuffer containing <var>data</var>.
+                      Return <var>result</var>.
                     </p>
                   </li>
                 </ol>
@@ -12609,9 +12713,9 @@
         </div>
 
         <div id="aes-cfb" class="section">
-          <h3>18.14. AES-CFB</h3>
+          <h3>19.14. AES-CFB</h3>
           <div id="aes-cfb-description" class="section">
-            <h4>18.14.1. Description</h4>
+            <h4>19.14.1. Description</h4>
             <p class="norm">This section is non-normative.</p>
             <p>
               The <code>"AES-CFB-8"</code> algorithm identifier is used to perform
@@ -12621,7 +12725,7 @@
             </p>
           </div>
           <div id="aes-cfb-registration" class="section">
-            <h4>18.14.2. Registration</h4>
+            <h4>19.14.2. Registration</h4>
             <p>
               The <a href="#recognized-algorithm-name">recognized algorithm name</a> for
               this algorithm is <code>"AES-CFB-8"</code>.
@@ -12658,7 +12762,7 @@
                 <tr>
                   <td>exportKey</td>
                   <td>None</td>
-                  <td>ArrayBuffer</td>
+                  <td>object</td>
                 </tr>
                 <tr>
                   <td>get key length</td>
@@ -12669,7 +12773,7 @@
             </table>
           </div>
           <div id="aes-cfb-params" class="section">
-            <h4>18.14.3. AesCfbParams dictionary</h4>
+            <h4>19.14.3. AesCfbParams dictionary</h4>
             <div class="block"><div class="blockTitleDiv"><span class="blockTitle">IDL</span></div><div class="blockContent"><pre class="code"><code class="idl-code">
 dictionary <dfn id="dfn-AesCfbParams">AesCfbParams</dfn> : <a href="#dfn-Algorithm">Algorithm</a> {
   <span class="comment">// The initialization vector. <span class="RFC2119">MUST</span> be 16 bytes.</span>
@@ -12678,7 +12782,7 @@
             </code></pre></div></div>
           </div>
           <div id="aes-cfb-operations" class="section">
-            <h4>18.14.4. Operations</h4>
+            <h4>19.14.4. Operations</h4>
             <dl>
               <dt>Encrypt</dt>
               <dd>
@@ -12905,9 +13009,8 @@
                         <ol>
                           <li>
                             <p>
-                              Let <var>jwk</var> be the result of running the
-                              <a href="#concept-parse-a-jwk">parse a jwk</a>
-                              algorithm over <var>keyData</var>.
+                              Let <var>jwk</var> be the <a href="#dfn-JsonWebKey">JsonWebKey</a>
+                              dictionary represented by <var>keyData</var>.
                             </p>
                           </li>
                           <li>
@@ -13047,26 +13150,39 @@
                     <dl class="switch">
                       <dt>If <var>format</var> is <code>"raw"</code>:</dt>
                       <dd>
-                        Let <var>data</var> be the raw octets of the key represented by
-                        <var>key</var>.
+                        <ol>
+                          <li>
+                            <p>
+                              Let <var>data</var> be the raw octets of the key represented by
+                              <var>key</var>.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Let <var>result</var> be a new <code>ArrayBuffer</code> containing
+                              <var>data</var>.
+                            </p>
+                          </li>
+                        </ol>
                       </dd>
                       <dt>If <var>format</var> is <code>"jwk"</code>:</dt>
                       <dd>
                         <ol>
                           <li>
                             <p>
-                              Let <var>jwk</var> be a new internal object.
-                            </p>
-                          </li>
-                          <li>
-                            <p>
-                              Set the <code>kty</code> property of <var>jwk</var> to the
+                              Let <var>jwk</var> be a new <a href="#dfn-JsonWebKey">JsonWebKey</a>
+                              dictionary.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Set the <code>kty</code> attribute of <var>jwk</var> to the
                               string <code>"oct"</code>.
                             </p>
                           </li>
                           <li>
                             <p>
-                              Set the <code>k</code> property of <var>jwk</var> to be a string
+                              Set the <code>k</code> attribute of <var>jwk</var> to be a string
                               containng the raw octets
                               of the key represented by <var>key</var>, encoded according to
                               Section 6.4 of <a href="#jwa">JSON Web Algorithms</a>.
@@ -13076,42 +13192,35 @@
                             <dl class="switch">
                               <dt>If the <a href="#dfn-AesKeyAlgorithm-length">length</a> attribute of
                               <var>key</var> is 128:</dt>
-                              <dd>Set the <code>alg</code> property of <var>jwk</var> to
+                              <dd>Set the <code>alg</code> attribute of <var>jwk</var> to
                               the string <code>"A128CFB8"</code>.</dd>
                               <dt>If the <a href="#dfn-AesKeyAlgorithm-length">length</a> attribute of
                               <var>key</var> is 192:</dt>
-                              <dd>Set the <code>alg</code> property of <var>jwk</var> to
+                              <dd>Set the <code>alg</code> attribute of <var>jwk</var> to
                               the string <code>"A192CFB8"</code>.</dd>
                               <dt>If the <a href="#dfn-AesKeyAlgorithm-length">length</a> attribute of
                               <var>key</var> is 256:</dt>
-                              <dd>Set the <code>alg</code> property of <var>jwk</var> to
+                              <dd>Set the <code>alg</code> attribute of <var>jwk</var> to
                               the string <code>"A256CFB8"</code>.</dd>
                             </dl>
                           </li>
                           <li>
                             <p>
-                              Set the <code>key_ops</code> property of <var>jwk</var> to equal the
+                              Set the <code>key_ops</code> attribute of <var>jwk</var> to equal the
                               <a href="#dfn-CryptoKey-usages">usages</a> attribute of <var>key</var>.
                             </p>
                           </li>
                           <li>
                             <p>
-                              Set the <code>ext</code> property of <var>jwk</var> to equal the 
+                              Set the <code>ext</code> attribute of <var>jwk</var> to equal the 
                               <a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
                               <var>key</var>.
                             </p>
                           </li>
                           <li>
                             <p>
-                              Let <var>stringifiedJwk</var> be the result of encoding <var>jwk</var>
-                              into a string according to the grammar specified in Section 15.12 of
-                              <a href="#ECMA-262">ECMA262</a>.
-                            </p>
-                          </li>
-                          <li>
-                            <p>
-                              Let <var>data</var> be the UTF-8 encoding of
-                              <var>stringifiedJwk</var>.
+                              Let <var>result</var> be the result of converting <var>jwk</var>
+                              to an ECMAScript Object.
                             </p>
                           </li>
                         </ol>
@@ -13120,12 +13229,7 @@
                   </li>
                   <li>
                     <p>
-                      Let <var>keyData</var> be a new ArrayBuffer containing <var>data</var>.
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                      Return <var>data</var>.
+                      Return <var>result</var>.
                     </p>
                   </li>
                 </ol>
@@ -13170,9 +13274,9 @@
         </div>
 
         <div id="aes-kw" class="section">
-          <h3>18.15. AES-KW</h3>
+          <h3>19.15. AES-KW</h3>
           <div id="aes-kw-description" class="section">
-            <h4>18.15.1. Description</h4>
+            <h4>19.15.1. Description</h4>
             <p class="norm">This section is non-normative.</p>
             <p>
               The <code>"AES-KW"</code> algorithm identifier is used to perform
@@ -13181,7 +13285,7 @@
             </p>
           </div>
           <div id="aes-kw-registration" class="section">
-            <h4>18.15.2. Registration</h4>
+            <h4>19.15.2. Registration</h4>
             <p>
               The <a href="#recognized-algorithm-name">recognized algorithm name</a> for
               this algorithm is <code>"AES-KW"</code>.
@@ -13218,7 +13322,7 @@
                 <tr>
                   <td>exportKey</td>
                   <td>None</td>
-                  <td>ArrayBuffer</td>
+                  <td>object</td>
                 </tr>
                 <tr>
                   <td>get key length</td>
@@ -13229,7 +13333,7 @@
             </table>
           </div>
           <div id="aes-kw-operations" class="section">
-            <h4>18.15.3. Operations</h4>
+            <h4>19.15.3. Operations</h4>
             <dl>
               <dt>Wrap Key</dt>
               <dd>
@@ -13412,9 +13516,8 @@
                         <ol>
                           <li>
                             <p>
-                              Let <var>jwk</var> be the result of running the
-                              <a href="#concept-parse-a-jwk">parse a jwk</a>
-                              algorithm over <var>keyData</var>.
+                              Let <var>jwk</var> be the <a href="#dfn-JsonWebKey">JsonWebKey</a>
+                              dictionary represented by <var>keyData</var>.
                             </p>
                           </li>
                           <li>
@@ -13554,26 +13657,39 @@
                     <dl class="switch">
                       <dt>If <var>format</var> is <code>"raw"</code>:</dt>
                       <dd>
-                        Let <var>data</var> be the raw octets of the key represented by
-                        <var>key</var>.
+                        <ol>
+                          <li>
+                            <p>
+                              Let <var>data</var> be the raw octets of the key represented by
+                              <var>key</var>.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Let <var>result</var> be a new <code>ArrayBuffer</code> containing
+                              <var>data</var>.
+                            </p>
+                          </li>
+                        </ol>
                       </dd>
                       <dt>If <var>format</var> is <code>"jwk"</code>:</dt>
                       <dd>
                         <ol>
                           <li>
                             <p>
-                              Let <var>jwk</var> be a new internal object.
-                            </p>
-                          </li>
-                          <li>
-                            <p>
-                              Set the <code>kty</code> property of <var>jwk</var> to the
+                              Let <var>jwk</var> be a new <a href="#dfn-JsonWebKey">JsonWebKey</a>
+                              dictionary.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Set the <code>kty</code> attribute of <var>jwk</var> to the
                               string <code>"oct"</code>.
                             </p>
                           </li>
                           <li>
                             <p>
-                              Set the <code>k</code> property of <var>jwk</var> to be a string
+                              Set the <code>k</code> attribute of <var>jwk</var> to be a string
                               containng the raw octets
                               of the key represented by <var>key</var>, encoded according to
                               Section 6.4 of <a href="#jwa">JSON Web Algorithms</a>.
@@ -13583,42 +13699,35 @@
                             <dl class="switch">
                               <dt>If the <a href="#dfn-AesKeyAlgorithm-length">length</a> attribute of
                               <var>key</var> is 128:</dt>
-                              <dd>Set the <code>alg</code> property of <var>jwk</var> to
+                              <dd>Set the <code>alg</code> attribute of <var>jwk</var> to
                               the string <code>"A128KW"</code>.</dd>
                               <dt>If the <a href="#dfn-AesKeyAlgorithm-length">length</a> attribute of
                               <var>key</var> is 192:</dt>
-                              <dd>Set the <code>alg</code> property of <var>jwk</var> to
+                              <dd>Set the <code>alg</code> attribute of <var>jwk</var> to
                               the string <code>"A192KW"</code>.</dd>
                               <dt>If the <a href="#dfn-AesKeyAlgorithm-length">length</a> attribute of
                               <var>key</var> is 256:</dt>
-                              <dd>Set the <code>alg</code> property of <var>jwk</var> to
+                              <dd>Set the <code>alg</code> attribute of <var>jwk</var> to
                               the string <code>"A256KW"</code>.</dd>
                             </dl>
                           </li>
                           <li>
                             <p>
-                              Set the <code>key_ops</code> property of <var>jwk</var> to equal the
+                              Set the <code>key_ops</code> attribute of <var>jwk</var> to equal the
                               <a href="#dfn-CryptoKey-usages">usages</a> attribute of <var>key</var>.
                             </p>
                           </li>
                           <li>
                             <p>
-                              Set the <code>ext</code> property of <var>jwk</var> to equal the 
+                              Set the <code>ext</code> attribute of <var>jwk</var> to equal the 
                               <a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
                               <var>key</var>.
                             </p>
                           </li>
                           <li>
                             <p>
-                              Let <var>stringifiedJwk</var> be the result of encoding <var>jwk</var>
-                              into a string according to the grammar specified in Section 15.12 of
-                              <a href="#ECMA-262">ECMA262</a>.
-                            </p>
-                          </li>
-                          <li>
-                            <p>
-                              Let <var>data</var> be the UTF-8 encoding of
-                              <var>stringifiedJwk</var>.
+                              Let <var>result</var> be the result of converting <var>jwk</var>
+                              to an ECMAScript Object.
                             </p>
                           </li>
                         </ol>
@@ -13627,7 +13736,7 @@
                   </li>
                   <li>
                     <p>
-                      Return a new ArrayBuffer containing <var>data</var>.
+                      Return <var>result</var>.
                     </p>
                   </li>
                 </ol>
@@ -13672,9 +13781,9 @@
         </div>
 
         <div id="hmac" class="section">
-          <h3>18.16. HMAC</h3>
+          <h3>19.16. HMAC</h3>
           <div id="hmac-description" class="section">
-            <h4>18.16.1. Description</h4>
+            <h4>19.16.1. Description</h4>
             <p class="norm">This section is non-normative.</p>
             <p>
               The <code>HMAC</code> algorithm calculates and verifies hash-based message
@@ -13682,7 +13791,7 @@
             </p>
           </div>
           <div id="hmac-registration" class="section">
-            <h4>18.16.2. Registration</h4>
+            <h4>19.16.2. Registration</h4>
             <p>
               The <a href="#recognized-algorithm-name">recognized algorithm name</a> for
               this algorithm is <code>"HMAC"</code>.
@@ -13719,7 +13828,7 @@
                 <tr>
                   <td>exportKey</td>
                   <td>None</td>
-                  <td>ArrayBuffer</td>
+                  <td>object</td>
                 </tr>
                 <tr>
                   <td>get key length</td>
@@ -13730,7 +13839,7 @@
             </table>
           </div>
           <div id="hmac-importparams" class="section">
-            <h4>18.16.3. HmacImportParams dictionary</h4>
+            <h4>19.16.3. HmacImportParams dictionary</h4>
             <div class="block"><div class="blockTitleDiv"><span class="blockTitle">IDL</span></div><div class="blockContent"><pre class="code"><code class="idl-code">
 dictionary <dfn id="dfn-HmacImportParams">HmacImportParams</dfn> : <a href="#dfn-Algorithm">Algorithm</a> {
   <span class="comment">// The inner hash function to use.</span>
@@ -13741,7 +13850,7 @@
             </code></pre></div></div>
           </div>
           <div id="hmac-keyalgorithm" class="section">
-            <h4>18.16.4. HmacKeyAlgorithm interface</h4>
+            <h4>19.16.4. HmacKeyAlgorithm interface</h4>
             <div class="block"><div class="blockTitleDiv"><span class="blockTitle">IDL</span></div><div class="blockContent"><pre class="code"><code class="idl-code">
 [NoInterfaceObject]
 interface <dfn id="dfn-HmacKeyAlgorithm">HmacKeyAlgorithm</dfn> : <a href="#dfn-KeyAlgorithm">KeyAlgorithm</a> {
@@ -13753,7 +13862,7 @@
             </code></pre></div></div>
           </div>
           <div id="hmac-keygen-params" class="section">
-            <h4>18.16.5. HmacKeyGenParams dictionary</h4>
+            <h4>19.16.5. HmacKeyGenParams dictionary</h4>
             <div class="block"><div class="blockTitleDiv"><span class="blockTitle">IDL</span></div><div class="blockContent"><pre class="code"><code class="idl-code">
 dictionary <dfn id="dfn-HmacKeyGenParams">HmacKeyGenParams</dfn> : <a href="#dfn-Algorithm">Algorithm</a> {
   <span class="comment">// The inner hash function to use.</span>
@@ -13766,7 +13875,7 @@
             </code></pre></div></div>
           </div>
           <div id="hmac-derivedkey-params" class="section">
-            <h4>18.16.6. HmacDerivedKeyParams dictionary</h4>
+            <h4>19.16.6. HmacDerivedKeyParams dictionary</h4>
             <div class="block"><div class="blockTitleDiv"><span class="blockTitle">IDL</span></div><div class="blockContent"><pre class="code"><code class="idl-code">
 dictionary <dfn id="dfn-HmacDerivedKeyParams">HmacDerivedKeyParams</dfn> : <a href="#dfn-HmacImportParams">HmacImportParams</a> {
   <span class="comment">// The length (in bits) of the key to generate. If unspecified, the
@@ -13777,7 +13886,7 @@
             </code></pre></div></div>
           </div>
           <div id="hmac-operations" class="section">
-            <h4>18.16.7. Operations</h4>
+            <h4>19.16.7. Operations</h4>
             <dl>
               <dt>Sign</dt>
               <dd>
@@ -13997,9 +14106,8 @@
                         <ol>
                           <li>
                             <p>
-                              Let <var>jwk</var> be the result of running the
-                              <a href="#concept-parse-a-jwk">parse a jwk</a>
-                              algorithm over <var>keyData</var>.
+                              Let <var>jwk</var> be the <a href="#dfn-JsonWebKey">JsonWebKey</a>
+                              dictionary represented by <var>keyData</var>.
                             </p>
                           </li>
                           <li>
@@ -14298,26 +14406,39 @@
                     <dl class="switch">
                       <dt>If <var>format</var> is <code>"raw"</code>:</dt>
                       <dd>
-                        Let <var>data</var> be the raw octets of the key represented by
-                        <var>key</var>.
+                        <ol>
+                          <li>
+                            <p>
+                              Let <var>data</var> be the raw octets of the key represented by
+                              <var>key</var>.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Let <var>result</var> be a new <code>ArrayBuffer</code> containing
+                              <var>data</var>.
+                            </p>
+                          </li>
+                        </ol>
                       </dd>
                       <dt>If <var>format</var> is <code>"jwk"</code>:</dt>
                       <dd>
                         <ol>
                           <li>
                             <p>
-                              Let <var>jwk</var> be a new internal object.
-                            </p>
-                          </li>
-                          <li>
-                            <p>
-                              Set the <code>kty</code> property of <var>jwk</var> to the
+                              Let <var>jwk</var> be a new <a href="#dfn-JsonWebKey">JsonWebKey</a>
+                              dictionary.
+                            </p>
+                          </li>
+                          <li>
+                            <p>
+                              Set the <code>kty</code> attribute of <var>jwk</var> to the
                               string <code>"oct"</code>.
                             </p>
                           </li>
                           <li>
                             <p>
-                              Set the <code>k</code> property of <var>jwk</var> to be a string
+                              Set the <code>k</code> attribute of <var>jwk</var> to be a string
                               containng the raw octets
                               of the key represented by <var>key</var>, encoded according to
                               Section 6.4 of <a href="#jwa">JSON Web Algorithms</a>.
@@ -14341,46 +14462,39 @@
                             <dl class="switch">
                               <dt>If the <a href="#dfn-KeyAlgorithm-name">name</a> attribute of
                               <var>hash</var> is <code>"SHA-1"</code>:</dt>
-                              <dd>Set the <code>alg</code> property of <var>jwk</var> to
+                              <dd>Set the <code>alg</code> attribute of <var>jwk</var> to
                               the string <code>"HS1"</code>.</dd>
                               <dt>If the <a href="#dfn-KeyAlgorithm-name">name</a> attribute of
                               <var>hash</var> is <code>"SHA-256"</code>:</dt>
-                              <dd>Set the <code>alg</code> property of <var>jwk</var> to
+                              <dd>Set the <code>alg</code> attribute of <var>jwk</var> to
                               the string <code>"HS256"</code>.</dd>
                               <dt>If the <a href="#dfn-KeyAlgorithm-name">name</a> attribute of
                               <var>hash</var> is <code>"SHA-384"</code>:</dt>
-                              <dd>Set the <code>alg</code> property of <var>jwk</var> to
+                              <dd>Set the <code>alg</code> attribute of <var>jwk</var> to
                               the string <code>"HS384"</code>.</dd>
                               <dt>If the <a href="#dfn-KeyAlgorithm-name">name</a> attribute of
                               <var>hash</var> is <code>"SHA-512"</code>:</dt>
-                              <dd>Set the <code>alg</code> property of <var>jwk</var> to
+                              <dd>Set the <code>alg</code> attribute of <var>jwk</var> to
                               the string <code>"HS512"</code>.</dd>
                             </dl>
                           </li>
                           <li>
                             <p>
-                              Set the <code>key_ops</code> property of <var>jwk</var> to equal the
+                              Set the <code>key_ops</code> attribute of <var>jwk</var> to equal the
                               <a href="#dfn-CryptoKey-usages">usages</a> attribute of <var>key</var>.
                             </p>
                           </li>
                           <li>
                             <p>
-                              Set the <code>ext</code> property of <var>jwk</var> to equal the 
+                              Set the <code>ext</code> attribute of <var>jwk</var> to equal the 
                               <a href="#dfn-CryptoKey-extractable">extractable</a> attribute of
                               <var>key</var>.
                             </p>
                           </li>
                           <li>
                             <p>
-                              Let <var>stringifiedJwk</var> be the result of encoding <var>jwk</var>
-                              into a string according to the grammar specified in Section 15.12 of
-                              <a href="#ECMA-262">ECMA262</a>.
-                            </p>
-                          </li>
-                          <li>
-                            <p>
-                              Let <var>data</var> be the UTF-8 encoding of
-                              <var>stringifiedJwk</var>.
+                              Let <var>result</var> be the result of converting <var>jwk</var>
+                              to an ECMAScript Object.
                             </p>
                           </li>
                         </ol>
@@ -14389,7 +14503,7 @@
                   </li>
                   <li>
                     <p>
-                      Return a new ArrayBuffer containing <var>data</var>.
+                      Return <var>result</var>.
                     </p>
                   </li>
                 </ol>
@@ -14450,9 +14564,9 @@
           </div>
         </div>
         <div id="dh" class="section">
-          <h3>18.17. Diffie-Hellman</h3>
+          <h3>19.17. Diffie-Hellman</h3>
           <div id="dh-description" class="section">
-            <h4>18.17.1. Description</h4>
+            <h4>19.17.1. Description</h4>
             <p class="norm">This section is non-normative.</p>
             <p>
               This describes using Diffie-Hellman for key generation and key agreement, as specified
@@ -14460,7 +14574,7 @@
             </p>
           </div>
           <div id="dh-registration" class="section">
-            <h4>18.17.2. Registration</h4>
+            <h4>19.17.2. Registration</h4>
             <p>
               The <a href="#recognized-algorithm-name">recognized algorithm name</a> for
               this algorithm is <code>"DH"</code>.
@@ -14492,13 +14606,13 @@
                 <tr>
                   <td>exportKey</td>
                   <td>None</td>
-                  <td>ArrayBuffer</td>
+                  <td>object</td>
                 </tr>
               </tbody>
             </table>
           </div>
           <div id="dh-DhKeyGenParams" class="section">
-            <h4>18.17.3. DhKeyGenParams dictionary</h4>
+            <h4>19.17.3. DhKeyGenParams dictionary</h4>
             <div class="block"><div class="blockTitleDiv"><span class="blockTitle">IDL</span></div><div class="blockContent"><pre class="code"><code class="idl-code">
 dictionary <dfn id="dfn-DhKeyGenParams">DhKeyGenParams</dfn> : <a href="#dfn-Algorithm">Algorithm</a> {
   <span class="comment">// The prime p.</span>
@@ -14509,7 +14623,7 @@
             </code></pre></div></div>
           </div>
           <div id="dh-DhKeyAlgorithm" class="section">
-            <h4>18.17.4. DhKeyAlgorithm interface</h4>
+            <h4>19.17.4. DhKeyAlgorithm interface</h4>
             <div class="block"><div class="blockTitleDiv"><span class="blockTitle">IDL</span></div><div class="blockContent"><pre class="code"><code class="idl-code">
 [NoInterfaceObject]
 interface <dfn id="dfn-DhKeyAlgorithm">DhKeyAlgorithm</dfn> : <a href="#dfn-KeyAlgorithm">KeyAlgorithm</a> {
@@ -14521,7 +14635,7 @@
             </code></pre></div></div>
           </div>
           <div id="dh-DhKeyDeriveParams" class="section">
-            <h4>18.17.5. DhKeyDeriveParams dictionary</h4>
+            <h4>19.17.5. DhKeyDeriveParams dictionary</h4>
             <div class="block"><div class="blockTitleDiv"><span class="blockTitle">IDL</span></div><div class="blockContent"><pre class="code"><code class="idl-code">
 dictionary <dfn id="dfn-DhKeyDeriveParams">DhKeyDeriveParams</dfn> : <a href="#dfn-Algorithm">Algorithm</a> {
   <span class="comment">// The peer's public value.</span>
@@ -14530,7 +14644,7 @@
             </code></pre></div></div>
           </div>
           <div id="dh-DhImportKeyParams" class="section">
-            <h4>18.17.6. DhImportKeyParams dictionary</h4>
+            <h4>19.17.6. DhImportKeyParams dictionary</h4>
             <div class="block"><div class="blockTitleDiv"><span class="blockTitle">IDL</span></div><div class="blockContent"><pre class="code"><code class="idl-code">
 dictionary <dfn id="dfn-DhImportKeyParams">DhImportKeyParams</dfn> : <a href="#dfn-Algorithm">Algorithm</a> {
   <span class="comment">// The prime p.</span>
@@ -14541,7 +14655,7 @@
             </code></pre></div></div>
           </div>
           <div id="dh-operations" class="section">
-            <h4>18.17.7. Operations</h4>
+            <h4>19.17.7. Operations</h4>
             <dl>
               <dt>Generate Key</dt>
               <dd>
@@ -15150,26 +15264,35 @@
                         If <var>format</var> is <code>"raw"</code>:
                       </dt>
                       <dd>
-                        <dl class="switch">
-                          <dt>
-                            If the <a href="#dfn-CryptoKey-type">type</a> attribute of
-                            <var>key</var> is <code>"public"</code>:
-                          </dt>
-                          <dd>
-                            Let <var>result</var> be the Public Value, <var>PV</var>, associated
-                            with <var>key</var> as specified in Section 7 of [<a href="#PKCS3">PKCS
-                            #3</a>].
-                          </dd>
-                          <dt>
-                            If the <a href="#dfn-CryptoKey-type">type</a> attribute of
-                            <var>key</var> is <code>"private"</code>:
-                          </dt>
-                          <dd>
-                            Let <var>result</var> be the octet string that represents the private
-                            value <var>x</var> associated with <var>key</var> as a big integer, most
-                            significant octet first.
-                          </dd>
-                        </dl>
+                        <ol>
+                          <li>
+                            <dl class="switch">
+                              <dt>
+                                If the <a href="#dfn-CryptoKey-type">type</a> attribute of
+                                <var>key</var> is <code>"public"</code>:
+                              </dt>
+                              <dd>
+                                Let <var>data</var> be the Public Value, <var>PV</var>, associated
+                                with <var>key</var> as specified in Section 7 of [<a href="#PKCS3">PKCS #3</a>].
+                              </dd>
+                              <dt>
+                                If the <a href="#dfn-CryptoKey-type">type</a> attribute of
+                                <var>key</var> is <code>"private"</code>:
+                              </dt>
+                              <dd>
+                                Let <var>data</var> be the octet string that represents the private
+                                value <var>x</var> associated with <var>key</var> as a big integer,
+                                most significant octet first.
+                              </dd>
+                            </dl>
+                          </li>
+                          <li>
+                            <p>
+                              Let <var>result</var> be a new <code>ArrayBuffer</code> containing
+                              <var>data</var>.
+                            </p>
+                          </li>
+                        </ol>
                       </dd>
                       <dt>
                         If <var>format</var> is <code>"spki"</code>:
@@ -15184,7 +15307,7 @@
                           </li>
                           <li>
                             <p>
-                              Let <var>result</var> be the result of <a href="#concept-encode-a-subjectPublicKeyInfo">encoding a
+                              Let <var>data</var> be the result of <a href="#concept-encode-a-subjectPublicKeyInfo">encoding a
                               subjectPublicKeyInfo</a> with the following properties:
                             </p>
                             <ul>
@@ -15237,6 +15360,12 @@
                               </li>
                             </ul>
                           </li>
+                          <li>
+                            <p>
+                              Let <var>result</var> be a new <code>ArrayBuffer</code> containing
+                              <var>data</var>.
+                            </p>
+                          </li>
                         </ol>
                       </dd>
                       <dt>
@@ -15252,7 +15381,7 @@
                           </li>
                           <li>
                             <p>
-                              Let <var>result</var> be the result of <a href="#concept-encode-a-privateKeyInfo">encoding a
+                              Let <var>data</var> be the result of <a href="#concept-encode-a-privateKeyInfo">encoding a
                               privateKeyInfo</a> with the following properties:
                             </p>
                             <ul>
@@ -15305,6 +15434,12 @@
                               </li>
                             </ul>
                           </li>
+                          <li>
+                            <p>
+                              Let <var>result</var> be a new <code>ArrayBuffer</code> containing
+                              <var>data</var>.
+                            </p>
+                          </li>
                         </ol>
                       </dd>
                       <dt>Otherwise:</dt>
@@ -15316,13 +15451,7 @@
                   </li>
                   <li>
                     <p>
-                      Let <var>data</var> be a new <code>ArrayBuffer</code> containing
-                      <var>result</var>.
-                    </p>
-                  </li>
-                  <li>
-                    <p>
-                      Return <var>data</var>.
+                      Return <var>result</var>.
                     </p>
                   </li>
                 </ol>
@@ -15331,16 +15460,16 @@
           </div>
         </div>
         <div id="sha" class="section">
-          <h3>18.18. SHA</h3>
+          <h3>19.18. SHA</h3>
           <div id="sha-description" class="section">
-            <h4>18.18.1. Description</h4>
+            <h4>19.18.1. Description</h4>
             <p>
               This describes the SHA-1 and SHA-2 families, as specified by
               [<a href="#FIPS180-4">FIPS PUB 180-4</a>].
             </p>
           </div>
           <div id="sha-registration" class="section">
-            <h4>18.18.2. Registration</h4>
+            <h4>19.18.2. Registration</h4>
             <p>
               The following algorithms are added as <a href="#recognized-algorithm-name">
               recognized algorithm names</a>:
@@ -15373,7 +15502,7 @@
             </table>
           </div>
           <div id="sha-operations" class="section">
-            <h4>18.18.3. Operations</h4>
+            <h4>19.18.3. Operations</h4>
             <dl>
               <dt>Digest</dt>
               <dd>
@@ -15440,9 +15569,9 @@
           </div>
         </div>
         <div id="concatkdf" class="section">
-          <h3>18.19. Concat KDF</h3>
+          <h3>19.19. Concat KDF</h3>
           <div id="concatkdf-description" class="section">
-            <h4>18.19.1. Description</h4>
+            <h4>19.19.1. Description</h4>
             <p>
               The <code>"CONCAT"</code> algorithm identifier is used to perform key derivation
               using the key derivation algorithm defined in Section 5.8.1 of NIST SP 800-56A
@@ -15450,7 +15579,7 @@
             </p>
           </div>
           <div id="concatkdf-registration" class="section">
-            <h4>18.19.2. Registration</h4>
+            <h4>19.19.2. Registration</h4>
             <p>
               The <a href="#recognized-algorithm-name">recognized algorithm name</a> for
               this algorithm is <code>"CONCAT"</code>.
@@ -15483,7 +15612,7 @@
             </table>
           </div>
           <div id="concat-params" class="section">
-            <h4>18.19.3. ConcatParams dictionary</h4>
+            <h4>19.19.3. ConcatParams dictionary</h4>
             <div class="block"><div class="blockTitleDiv"><span class="blockTitle">IDL</span></div><div class="blockContent"><pre class="code"><code class="idl-code">
 dictionary <dfn id="dfn-ConcatParams">ConcatParams</dfn> : <a href="#dfn-Algorithm">Algorithm</a> {
   <span class="comment">// The digest method to use to derive the keying material.</span>
@@ -15505,7 +15634,7 @@
             </code></pre></div></div>
           </div>
           <div id="concat-operations" class="section">
-            <h4>18.19.4. Operations</h4>
+            <h4>19.19.4. Operations</h4>
             <dl>
               <dt>Derive Bits</dt>
               <dd>
@@ -15654,9 +15783,9 @@
           </div>
         </div>
         <div id="hkdf-ctr" class="section">
-          <h3>18.20. HKDF-CTR</h3>
+          <h3>19.20. HKDF-CTR</h3>
           <div id="hkdf-ctr-description" class="section">
-            <h4>18.20.1. Description</h4>
+            <h4>19.20.1. Description</h4>
             <p class="norm">This section is non-normative.</p>
             <p>
               The <code>"HKDF-CTR"</code> algorithm identifier is used to
@@ -15667,7 +15796,7 @@
             </p>
           </div>
           <div id="hkdf-ctr-registration" class="section">
-            <h4>18.20.2. Registration</h4>
+            <h4>19.20.2. Registration</h4>
             <p>
               The <a href="#recognized-algorithm-name">recognized algorithm name</a>
               for this algorithm is <code>"HKDF-CTR"</code>.
@@ -15700,7 +15829,7 @@
             </table>
           </div>
           <div id="hkdf-ctr-params" class="section">
-            <h4>18.20.3. HkdfCtrParams dictionary</h4>
+            <h4>19.20.3. HkdfCtrParams dictionary</h4>
             <div class="block"><div class="blockTitleDiv"><span class="blockTitle">IDL</span></div><div class="blockContent"><pre class="code"><code class="idl-code">
 dictionary <dfn id="dfn-HkdfCtrParams">HkdfCtrParams</dfn> : <a href="#dfn-Algorithm">Algorithm</a> {
   <span class="comment">// The algorithm to use with HMAC (e.g.: <a href="#sha-256">SHA-256</a>)</span>
@@ -15724,7 +15853,7 @@
             </div>
           </div>
           <div id="hkdf2-ctr-operations" class="section">
-            <h4>18.20.4. Operations</h4>
+            <h4>19.20.4. Operations</h4>
             <dl>
               <dt>Derive Bits</dt>
               <dd>
@@ -15935,9 +16064,9 @@
         </div>
 
         <div id="pbkdf2" class="section">
-          <h3>18.21. PBKDF2</h3>
+          <h3>19.21. PBKDF2</h3>
           <div id="pbkdf2-description" class="section">
-            <h4>18.21.1. Description</h4>
+            <h4>19.21.1. Description</h4>
             <p class="norm">This section is non-normative.</p>
             <p>
               The <code>"PBKDF2"</code> algorithm identifier is used to
@@ -15947,7 +16076,7 @@
             </p>
           </div>
           <div id="pbkdf2-registration" class="section">
-            <h4>18.21.2. Registration</h4>
+            <h4>19.21.2. Registration</h4>
             <p>
               The <a href="#recognized-algorithm-name">recognized algorithm name</a> for
               this algorithm is <code>"PBKDF2"</code>.
@@ -15985,7 +16114,7 @@
             </table>
           </div>
           <div id="pbkdf2-params" class="section">
-            <h4>18.21.3. Pbkdf2Params dictionary</h4>
+            <h4>19.21.3. Pbkdf2Params dictionary</h4>
             <div class="block"><div class="blockTitleDiv"><span class="blockTitle">IDL</span></div><div class="blockContent"><pre class="code"><code class="idl-code">
 dictionary <dfn id="dfn-Pbkdf2Params">Pbkdf2Params</dfn> : <a href="#dfn-Algorithm">Algorithm</a> {
   CryptoOperationData <dfn id="dfn-Pbkdf2Params-salt">salt</dfn>;
@@ -15995,7 +16124,7 @@
             </code></pre></div></div>
           </div>
           <div id="pbkdf2-operations" class="section">
-            <h4>18.21.4. Operations</h4>
+            <h4>19.21.4. Operations</h4>
             <dl>
               <dt>Derive bits</dt>
               <dd>
@@ -16213,7 +16342,7 @@
       </div>
  
       <div id="algorithm-normalizing-rules" class="section">
-        <h2>19. Algorithm normalizing rules</h2>
+        <h2>20. Algorithm normalizing rules</h2>
         <p>
           The <a href="#dfn-AlgorithmIdentifier">AlgorithmIdentifier</a> typedef permits algorithms
           to be specified as either an <a href="#dfn-Algorithm">Algorithm</a> dictionary or a <a href="#dfn-DOMString">DOMString</a>. The <a href="#dfn-DOMString">DOMString</a> option
@@ -16299,9 +16428,9 @@
         </ol>
       </div>
       <div id="examples-section" class="section">
-        <h2>20. JavaScript Example Code</h2>
+        <h2>21. JavaScript Example Code</h2>
         <div id="examples-signing" class="section">
-          <h3>20.1. Generate a signing key pair, sign some data</h3>
+          <h3>21.1. Generate a signing key pair, sign some data</h3>
         
         <div class="block"><div class="blockTitleDiv"><span class="blockTitle">ECMAScript</span></div><div class="blockContent"><pre class="code"><code class="es-code">
 <span class="comment">// Algorithm Object</span>
@@ -16335,7 +16464,7 @@
         </code></pre></div></div>
         </div>
         <div id="examples-symmetric-encryption" class="section">
-          <h3>20.2. Symmetric Encryption</h3>
+          <h3>21.2. Symmetric Encryption</h3>
         <div class="block"><div class="blockTitleDiv"><span class="blockTitle">ECMAScript</span></div><div class="blockContent"><pre class="code"><code class="es-code">
 var clearDataArrayBufferView = convertPlainTextToArrayBufferView("Plain Text Data");
 <span class="comment">// TODO: create example utility function that converts text -&gt; ArrayBufferView</span>
@@ -16363,9 +16492,9 @@
       </div>
     </div>
     <div id="iana-section" class="section">
-    <h2>21. IANA Considerations</h2>
+    <h2>22. IANA Considerations</h2>
         <div id="iana-section-jws-jwa" class="section">
-          <h3>21.1. JSON Web Signature and Encryption Algorithms Registration</h3>
+          <h3>22.1. JSON Web Signature and Encryption Algorithms Registration</h3>
           <p>
             This section registers the following algorithm identifiers in the IANA JSON Web
             Signature and Encryption Algorithms Registry for use with JSON Web Key. Note that the
@@ -16503,7 +16632,7 @@
           </ul>
         </div>
         <div id="iana-section-jwk" class="section">
-          <h3>21.2. JSON Web Key Parameters Registration</h3>
+          <h3>22.2. JSON Web Key Parameters Registration</h3>
           <ul>
             <li>Parameter Name: "ext"</li>
             <li>Parameter Description: Extractable</li>
@@ -16515,7 +16644,7 @@
         </div>
       </div>
       <div id="acknowledgements-section" class="section">
-        <h2>22. Acknowledgements</h2>
+        <h2>23. Acknowledgements</h2>
         <p>
           The editors would like to thank Adam Barth, Alex Russell, Ali Asad, Arun Ranganathan,
           Brian Smith, Brian Warner, Channy Yun, Eric Roman, Glenn Adams, Jim Schaad, Kai Engert,
@@ -16538,9 +16667,9 @@
         </p>
       </div>
       <div id="references" class="section">
-         <h2>23. References</h2>
+         <h2>24. References</h2>
          <div id="normative-references" class="section">
-           <h3>23.1. Normative References</h3>
+           <h3>24.1. Normative References</h3>
            <dl>
              <dt id="DOM4">DOM4</dt>
              <dd>
@@ -16633,7 +16762,7 @@
            </dl>
         </div>
         <div id="informative-references" class="section">
-          <h3>23.2. Informative References</h3>
+          <h3>24.2. Informative References</h3>
           <dl>
             <dt id="CDSA">CDSA</dt>
             <dd>