--- a/Overview.html Thu May 15 11:57:46 2014 -0700
+++ b/Overview.html Wed Mar 23 10:46:08 2016 -0700
@@ -1,6 +1,6 @@
<!DOCTYPE html>
-<html lang="en" dir="ltr" typeof="bibo:Document " about="" property="dcterms:language" content="en">
-<head>
+<html lang="en" dir="ltr" typeof="bibo:Document " prefix="bibo: http://purl.org/ontology/bibo/ w3p: http://www.w3.org/2001/02pd/rec54#">
+<head><meta lang="" property="dc:language" content="en">
<title>WebCrypto Key Discovery</title>
<meta http-equiv="Content-Type" content="text/html;charset=utf-8">
<style>
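Review bot: on the added `<meta lang="" property="dc:language" content="en">` line, the `dc:` prefix is not one of the two that the new `prefix` attribute declares (`bibo`, `w3p`), so it resolves only through the RDFa processor's default prefix mappings. The patch also mixes `dc:` and `dcterms:`: the abstract uses `dc:abstract` and the publication date uses `dcterms:issued`. Suggest picking one of the two throughout, or declaring it in `prefix` alongside the others.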
@@ -85,7 +85,7 @@
}
code {
- color: #ff4500;
+ color: #C83500;
}
/* --- TOC --- */
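Review bot: the new `code` colour `#C83500` is written in upper-case hex, while the other colours visible in this stylesheet (`#b9ab2d`, `#fcfaee`, `#005a9c`) are lower-case. Suggest `#c83500` for consistency, plus a short comment on why the colour changed, since the hunk gives no reason.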
@@ -157,13 +157,13 @@
display: none;
}
}
-</style><style>/* --- EXAMPLES --- */
+</style><meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no"><style>/* --- EXAMPLES --- */
div.example-title {
min-width: 7.5em;
color: #b9ab2d;
}
div.example-title span {
- text-transform: uppercase;
+ text-transform: uppercase;
}
aside.example, div.example, div.illegal-example {
padding: 0.5em;
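Review bot: the `text-transform: uppercase;` removal and re-addition in `div.example-title span` differ only in whitespace, as does the `background: #fcfaee;` pair in the next hunk; both add noise around the one functional change here, the viewport `<meta>`. Suggest keeping whitespace normalisation out of this change, and putting the new `<meta name="viewport" ...>` on its own line rather than between `</style>` and `<style>`, so later edits to it show up as a one-line diff.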
@@ -178,7 +178,7 @@
border-left-width: .5em;
border-left-style: solid;
border-color: #e0cb52;
- background: #fcfaee;
+ background: #fcfaee;
}
aside.example div.example {
@@ -197,13 +197,19 @@
line-height: 120%;
}
+@media print {
+ pre.idl {
+ white-space: pre-wrap;
+ }
+}
+
pre.idl::before {
content: "WebIDL";
display: block;
width: 150px;
background: #90b8de;
color: #fff;
- font-family: initial;
+ font-family: sans-serif;
padding: 3px;
font-weight: bold;
margin: -1em 0 1em -1em;
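Review bot: `white-space: pre-wrap` for `pre.idl` is added under `@media print` only, yet the same patch adds a `width=device-width` viewport meta, so narrow screens will now lay out the WebIDL blocks at device width as well. If long IDL lines are not already handled by an overflow rule elsewhere in the sheet, consider applying the wrap (or `overflow-x: auto`) for small screens too.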
@@ -286,6 +292,16 @@
color: gray;
}
+/*.idlIterable*/
+.idlIterableKeyType, .idlIterableValueType {
+ color: #005a9c;
+}
+
+/*.idlMaplike*/
+.idlMaplikeKeyType, .idlMaplikeValueType {
+ color: #005a9c;
+}
+
/*.idlConst*/
.idlConstType {
color: #005a9c;
@@ -388,7 +404,6 @@
color: #fff;
padding: 3px 5px;
text-align: left;
- font-family: initial;
font-weight: normal;
text-shadow: #666 1px 1px 0;
}
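Review bot: `font-family: initial;` is dropped from this rule with no replacement, whereas the same declaration on `pre.idl::before` earlier in the patch was changed to `font-family: sans-serif;`. After this hunk the rule inherits its font from the enclosing element, so the two header styles can diverge; if they are meant to match, set `sans-serif` here as well.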
@@ -418,183 +433,157 @@
border-collapse: collapse;
width: 100%;
}
-</style><link rel="stylesheet" href="https://www.w3.org/StyleSheets/TR/W3C-ED"><!--[if lt IE 9]><script src='https://www.w3.org/2008/site/js/html5shiv.js'></script><![endif]--></head>
- <body class="h-entry" role="document" id="respecDocument"><div class="head" role="contentinfo" id="respecHeader">
+</style><link rel="stylesheet" href="https://www.w3.org/StyleSheets/TR/2016/W3C-ED"><!--[if lt IE 9]><script src='https://www.w3.org/2008/site/js/html5shiv.js'></script><![endif]--><script id="initialUserConfig" type="application/json">{
+ "specStatus": "ED",
+ "noRecTrack": true,
+ "shortName": "webcrypto-key-discovery",
+ "editors": [
+ {
+ "name": "Mark Watson",
+ "mailto": "watsonm@netflix.com",
+ "company": "Netflix",
+ "companyURL": "http://www.netflix.com/"
+ }
+ ],
+ "publishDate": "2016-03-23",
+ "previousPublishDate": "2013-01-08",
+ "previousMaturity": "WD",
+ "edDraftURI": "http://dvcs.w3.org/hg/webcrypto-keydiscovery/raw-file/tip/Overview.html",
+ "wg": "Web Cryptography WG",
+ "wgURI": "http://www.w3.org/2012/webcrypto/",
+ "wgPublicList": "public-webcrypto",
+ "wgPatentURI": "http://www.w3.org/2004/01/pp-impl/54174/status",
+ "localBiblio": {
+ "WEBCRYPTO": "Ryan Sleevi, Mark Watson <a href=\"http://www.w3.org/TR/WebCryptoAPI/\"><cite>Web Cryptography API.</cite></a> W3C Working Draft (Work in progress.) URL: <a href=\"http://www.w3.org/TR/WebCryptoAPI/\">http://www.w3.org/TR/WebCryptoAPI/</a> "
+ },
+ "otherLinks": [
+ {
+ "key": "Participate",
+ "data": [
+ {
+ "value": "Submit a comment",
+ "href": "mailto:public-webcrypto-comments@w3.org"
+ },
+ {
+ "value": "File a bug",
+ "href": "https://www.w3.org/Bugs/Public/enter_bug.cgi?product=Web%20Cryptography&component=Web%20Cryptography%20API%20Document"
+ },
+ {
+ "value": "See existing bugs",
+ "href": "https://www.w3.org/Bugs/Public/buglist.cgi?product=Web%20Cryptography&component=Web%20Cryptography%20API%20Document&resolution=---"
+ }
+ ]
+ }
+ ]
+}</script></head>
+ <body class="h-entry toc-sidebar" role="document" id="respecDocument"><div class="head" role="contentinfo" id="respecHeader">
<p>
-
- <a href="http://www.w3.org/"><img width="72" height="48" src="https://www.w3.org/Icons/w3c_home" alt="W3C"></a>
-
+ <a class="logo" href="http://www.w3.org/"><img width="72" height="48" src="https://www.w3.org/StyleSheets/TR/2016/logos/W3C" alt="W3C"></a>
</p>
<h1 class="title p-name" id="title" property="dcterms:title">WebCrypto Key Discovery</h1>
-
- <h2 property="dcterms:issued" datatype="xsd:dateTime" content="2014-05-15T07:00:00.000Z" id="w3c-editor-s-draft-15-may-2014"><abbr title="World Wide Web Consortium">W3C</abbr> Editor's Draft <time class="dt-published" datetime="2014-05-15">15 May 2014</time></h2>
+ <h2 id="w3c-editor-s-draft-23-march-2016"><abbr title="World Wide Web Consortium">W3C</abbr> Editor's Draft <time property="dcterms:issued" class="dt-published" datetime="2016-03-23">23 March 2016</time></h2>
<dl>
-
<dt>This version:</dt>
<dd><a class="u-url" href="http://dvcs.w3.org/hg/webcrypto-keydiscovery/raw-file/tip/Overview.html">http://dvcs.w3.org/hg/webcrypto-keydiscovery/raw-file/tip/Overview.html</a></dd>
<dt>Latest published version:</dt>
<dd><a href="http://www.w3.org/TR/webcrypto-key-discovery/">http://www.w3.org/TR/webcrypto-key-discovery/</a></dd>
-
-
<dt>Latest editor's draft:</dt>
<dd><a href="http://dvcs.w3.org/hg/webcrypto-keydiscovery/raw-file/tip/Overview.html">http://dvcs.w3.org/hg/webcrypto-keydiscovery/raw-file/tip/Overview.html</a></dd>
-
-
-
-
-
-
-
-
-
<dt>Editor:</dt>
- <dd class="p-author h-card vcard" rel="bibo:editor" inlist=""><span typeof="foaf:Person"><span property="foaf:name" class="p-name fn">Mark Watson</span>, <a rel="foaf:workplaceHomepage" class="p-org org h-org h-card" href="http://www.netflix.com/">Netflix</a>, <span class="ed_mailto"><a class="u-email email" rel="foaf:mbox" href="mailto:watsonm@netflix.com">watsonm@netflix.com</a></span></span>
+ <dd class="p-author h-card vcard" property="bibo:editor" resource="_:editor0"><span property="rdf:first" typeof="foaf:Person"><span property="foaf:name" class="p-name fn">Mark Watson</span>, <a property="foaf:workplaceHomepage" class="p-org org h-org h-card" href="http://www.netflix.com/">Netflix</a>, <span class="ed_mailto"><a class="u-email email" property="foaf:mbox" href="mailto:watsonm@netflix.com">watsonm@netflix.com</a></span></span>
+<span property="rdf:rest" resource="rdf:nil"></span>
</dd>
-
-
-
-
<dt>Participate:</dt>
-
-
-
<dd>
<a href="mailto:public-webcrypto-comments@w3.org">
Submit a comment
</a>
</dd>
-
-
-
<dd>
<a href="https://www.w3.org/Bugs/Public/enter_bug.cgi?product=Web%20Cryptography&component=Web%20Cryptography%20API%20Document">
File a bug
</a>
</dd>
-
-
-
<dd>
<a href="https://www.w3.org/Bugs/Public/buglist.cgi?product=Web%20Cryptography&component=Web%20Cryptography%20API%20Document&resolution=---">
See existing bugs
</a>
</dd>
-
-
-
-
-
-
</dl>
-
-
-
-
-
<p class="copyright">
<a href="http://www.w3.org/Consortium/Legal/ipr-notice#Copyright">Copyright</a> ©
- 2014
+ 2016
<a href="http://www.w3.org/"><abbr title="World Wide Web Consortium">W3C</abbr></a><sup>®</sup>
(<a href="http://www.csail.mit.edu/"><abbr title="Massachusetts Institute of Technology">MIT</abbr></a>,
<a href="http://www.ercim.eu/"><abbr title="European Research Consortium for Informatics and Mathematics">ERCIM</abbr></a>,
- <a href="http://www.keio.ac.jp/">Keio</a>, <a href="http://ev.buaa.edu.cn/">Beihang</a>),
-
- All Rights Reserved.
-
+ <a href="http://www.keio.ac.jp/">Keio</a>, <a href="http://ev.buaa.edu.cn/">Beihang</a>).
<abbr title="World Wide Web Consortium">W3C</abbr> <a href="http://www.w3.org/Consortium/Legal/ipr-notice#Legal_Disclaimer">liability</a>,
<a href="http://www.w3.org/Consortium/Legal/ipr-notice#W3C_Trademarks">trademark</a> and
-
- <a href="http://www.w3.org/Consortium/Legal/copyright-documents">document use</a>
-
+ <a rel="license" href="http://www.w3.org/Consortium/Legal/copyright-documents">document use</a>
rules apply.
</p>
-
-
- <hr>
+ <hr title="Separator for header">
</div>
- <section id="abstract" class="introductory" property="dcterms:abstract" datatype="" typeof="bibo:Chapter" resource="#abstract" rel="bibo:Chapter"><h2 aria-level="1" role="heading" id="h2_abstract">Abstract</h2>
- <p>This specification describes a JavaScript API for discovering named, origin-specific pre-provisioned
+ <section id="abstract" class="introductory" property="dc:abstract"><h2 id="h-abstract" resource="#h-abstract"><span property="xhv:role" resource="xhv:heading">Abstract</span></h2>
+ <p>This note describes a JavaScript API for discovering named, origin-specific pre-provisioned
cryptographic keys for use with the Web Cryptography API. Pre-provisioned keys are keys which have been made
available to the UA by means other than the generation, derivation, importation and unwrapping functions of the
Web Cryptography API. Origin-specific keys are keys that are available only to a specified origin. Named keys
are identified by a name assumed to be known to the origin in question and provisioned with the key itself.
- This specification concerns only keys which have all three of these properties.
+ This note concerns only keys which have all three of these properties.
</p>
- </section><section id="sotd" class="introductory" typeof="bibo:Chapter" resource="#sotd" rel="bibo:Chapter"><h2 aria-level="1" role="heading" id="h2_sotd">Status of This Document</h2>
-
-
-
+ </section><section id="sotd" class="introductory"><h2 id="h-sotd" resource="#h-sotd"><span property="xhv:role" resource="xhv:heading">Status of This Document</span></h2>
<p>
- <em>This section describes the status of this document at the time of its publication.
- Other documents may supersede this document. A list of current <abbr title="World Wide Web Consortium">W3C</abbr> publications and the
- latest revision of this technical report can be found in the <a href="http://www.w3.org/TR/"><abbr title="World Wide Web Consortium">W3C</abbr> technical reports index</a> at
- http://www.w3.org/TR/.</em>
+ <em>This section describes the status of this document at the time of its publication. Other documents may supersede this document. A list of current <abbr title="World Wide Web Consortium">W3C</abbr> publications and the latest revision of this technical report can be found in the <a href="http://www.w3.org/TR/"><abbr title="World Wide Web Consortium">W3C</abbr> technical reports index</a> at http://www.w3.org/TR/.</em>
</p>
-
- <p>This document is an Editor's Draft of the WebCrypto Key Discovery recommendation. It defines an API that provides access to named origin-specific pre-provisioned keys.
+
+ <p>This document is an Editor's Draft of the WebCrypto Key Discovery note. It defines an API that provides access to named origin-specific pre-provisioned keys.
The privacy issues associated with such keys require special attention and
the privacy related material in this document has not yet received thorough review by the community.</p>
- <p>
- This document was published by the <a href="http://www.w3.org/2012/webcrypto/">Web Cryptography WG</a> as an Editor's Draft.
-
-
- If you wish to make comments regarding this document, please send them to
- <a href="mailto:public-webcrypto@w3.org">public-webcrypto@w3.org</a>
- (<a href="mailto:public-webcrypto-request@w3.org?subject=subscribe">subscribe</a>,
- <a href="http://lists.w3.org/Archives/Public/public-webcrypto/">archives</a>).
-
-
-
-
- All comments are welcome.
-
- </p>
-
-
<p>
- Publication as an Editor's Draft does not imply endorsement by the <abbr title="World Wide Web Consortium">W3C</abbr>
- Membership. This is a draft document and may be updated, replaced or obsoleted by other
- documents at any time. It is inappropriate to cite this document as other than work in
- progress.
+ This document was published by the <a href="http://www.w3.org/2012/webcrypto/">Web Cryptography WG</a> as an Editor's Draft.
+ If you wish to make comments regarding this document, please send them to
+ <a href="mailto:public-webcrypto@w3.org">public-webcrypto@w3.org</a>
+ (<a href="mailto:public-webcrypto-request@w3.org?subject=subscribe">subscribe</a>,
+ <a href="http://lists.w3.org/Archives/Public/public-webcrypto/">archives</a>).
+
+ All comments are welcome.
</p>
-
-
-
- <p>
-
- This document was produced by a group operating under the
- <a id="sotd_patent" about="" rel="w3p:patentRules" href="http://www.w3.org/Consortium/Patent-Policy-20040205/">5 February 2004 <abbr title="World Wide Web Consortium">W3C</abbr> Patent
- Policy</a>.
-
-
+ <p>
+ Publication as an Editor's Draft does not imply endorsement by the <abbr title="World Wide Web Consortium">W3C</abbr>
+ Membership. This is a draft document and may be updated, replaced or obsoleted by other
+ documents at any time. It is inappropriate to cite this document as other than work in
+ progress.
+ </p>
+ <p>
+ This document was produced by
+ a group
+ operating under the
+ <a id="sotd_patent" property="w3p:patentRules" href="http://www.w3.org/Consortium/Patent-Policy-20040205/">5 February 2004 <abbr title="World Wide Web Consortium">W3C</abbr> Patent
+ Policy</a>.
+ <abbr title="World Wide Web Consortium">W3C</abbr> maintains a <a href="http://www.w3.org/2004/01/pp-impl/54174/status" rel="disclosure">public list of any patent
+ disclosures</a>
+ made in connection with the deliverables of
+ the group; that page also includes
+ instructions for disclosing a patent. An individual who has actual knowledge of a patent
+ which the individual believes contains
+ <a href="http://www.w3.org/Consortium/Patent-Policy-20040205/#def-essential">Essential
+ Claim(s)</a> must disclose the information in accordance with
+ <a href="http://www.w3.org/Consortium/Patent-Policy-20040205/#sec-Disclosure">section
+ 6 of the <abbr title="World Wide Web Consortium">W3C</abbr> Patent Policy</a>.
+ </p>
+ <p>This document is governed by the <a id="w3c_process_revision" href="http://www.w3.org/2015/Process-20150901/">1 September 2015 <abbr title="World Wide Web Consortium">W3C</abbr> Process Document</a>.
+ </p>
-
- <abbr title="World Wide Web Consortium">W3C</abbr> maintains a <a href="http://www.w3.org/2004/01/pp-impl/54174/status" rel="disclosure">public list of any patent
- disclosures</a>
-
- made in connection with the deliverables of the group; that page also includes
- instructions for disclosing a patent. An individual who has actual knowledge of a patent
- which the individual believes contains
- <a href="http://www.w3.org/Consortium/Patent-Policy-20040205/#def-essential">Essential
- Claim(s)</a> must disclose the information in accordance with
- <a href="http://www.w3.org/Consortium/Patent-Policy-20040205/#sec-Disclosure">section
- 6 of the <abbr title="World Wide Web Consortium">W3C</abbr> Patent Policy</a>.
-
-
- </p>
-
-
-
-
-</section><section id="toc"><h2 class="introductory" aria-level="1" role="heading" id="h2_toc">Table of Contents</h2><ul class="toc" role="directory" id="respecContents"><li class="tocline"><a href="#introduction" class="tocxref"><span class="secno">1. </span>Introduction</a></li><li class="tocline"><a href="#conformance" class="tocxref"><span class="secno">2. </span>Conformance</a></li><li class="tocline"><a href="#scope" class="tocxref"><span class="secno">3. </span>Scope</a></li><li class="tocline"><a href="#privacy-considerations" class="tocxref"><span class="secno">4. </span>Privacy considerations</a><ul class="toc"><li class="tocline"><a href="#named-origin-specific-pre-provisioned-keys" class="tocxref"><span class="secno">4.1 </span>Named origin-specific pre-provisioned keys</a><ul class="toc"><li class="tocline"><a href="#comparison-to-cookies-and-persistent-storage" class="tocxref"><span class="secno">4.1.1 </span>Comparison to cookies and persistent storage</a></li><li class="tocline"><a href="#user-tracking" class="tocxref"><span class="secno">4.1.2 </span>User tracking</a></li><li class="tocline"><a href="#cookie-resurrection" class="tocxref"><span class="secno">4.1.3 </span>Cookie resurrection</a></li><li class="tocline"><a href="#sensitivity-of-data" class="tocxref"><span class="secno">4.1.4 </span>Sensitivity of data</a></li></ul></li></ul></li><li class="tocline"><a href="#dependencies" class="tocxref"><span class="secno">5. </span>Dependencies</a></li><li class="tocline"><a href="#api-definition" class="tocxref"><span class="secno">6. 
</span>API definition</a><ul class="toc"><li class="tocline"><a href="#overview" class="tocxref"><span class="secno">6.1 </span>Overview</a></li><li class="tocline"><a href="#namedkey-interface" class="tocxref"><span class="secno">6.2 </span>NamedKey interface</a><ul class="toc"><li class="tocline"><a href="#attributes" class="tocxref"><span class="secno">6.2.1 </span>Attributes</a></li><li class="tocline"><a href="#structured-clone-algorithm" class="tocxref"><span class="secno">6.2.2 </span>Structured clone algorithm</a></li><li class="tocline"><a href="#immutability-of-namedkey-objects" class="tocxref"><span class="secno">6.2.3 </span>Immutability of NamedKey objects</a></li></ul></li><li class="tocline"><a href="#cryptokeys-interface" class="tocxref"><span class="secno">6.3 </span>CryptoKeys interface</a><ul class="toc"><li class="tocline"><a href="#methods" class="tocxref"><span class="secno">6.3.1 </span>Methods</a></li></ul></li><li class="tocline"><a href="#extension-of-window-interface" class="tocxref"><span class="secno">6.4 </span>Extension of Window interface</a><ul class="toc"><li class="tocline"><a href="#attributes-1" class="tocxref"><span class="secno">6.4.1 </span>Attributes</a></li></ul></li><li class="tocline"><a href="#extension-of-workerglobalscope-interface" class="tocxref"><span class="secno">6.5 </span>Extension of WorkerGlobalScope interface</a><ul class="toc"><li class="tocline"><a href="#attributes-2" class="tocxref"><span class="secno">6.5.1 </span>Attributes</a></li></ul></li></ul></li><li class="tocline"><a href="#example" class="tocxref"><span class="secno">7. </span>Example</a><ul class="toc"><li class="tocline"><a href="#using-a-pre-provisioned-aes-kw-key-to-unwrap-a-session-key" class="tocxref"><span class="secno">7.1 </span>Using a pre-provisioned AES-KW key to unwrap a session key</a></li></ul></li><li class="tocline"><a href="#references" class="tocxref"><span class="secno">A. 
</span>References</a><ul class="toc"><li class="tocline"><a href="#normative-references" class="tocxref"><span class="secno">A.1 </span>Normative references</a></li><li class="tocline"><a href="#informative-references" class="tocxref"><span class="secno">A.2 </span>Informative references</a></li></ul></li></ul></section>
+</section><nav id="toc"><h2 class="introductory" id="table-of-contents" resource="#table-of-contents"><span property="xhv:role" resource="xhv:heading">Table of Contents</span></h2><ul class="toc" role="directory"><li class="tocline"><a href="#introduction" class="tocxref"><span class="secno">1. </span>Introduction</a></li><li class="tocline"><a href="#conformance" class="tocxref"><span class="secno">2. </span>Conformance</a></li><li class="tocline"><a href="#scope" class="tocxref"><span class="secno">3. </span>Scope</a></li><li class="tocline"><a href="#privacy-considerations" class="tocxref"><span class="secno">4. </span>Privacy considerations</a><ul class="toc"><li class="tocline"><a href="#named-origin-specific-pre-provisioned-keys" class="tocxref"><span class="secno">4.1 </span>Named origin-specific pre-provisioned keys</a><ul class="toc"><li class="tocline"><a href="#comparison-to-cookies-and-persistent-storage" class="tocxref"><span class="secno">4.1.1 </span>Comparison to cookies and persistent storage</a></li><li class="tocline"><a href="#user-tracking" class="tocxref"><span class="secno">4.1.2 </span>User tracking</a></li><li class="tocline"><a href="#cookie-resurrection" class="tocxref"><span class="secno">4.1.3 </span>Cookie resurrection</a></li><li class="tocline"><a href="#sensitivity-of-data" class="tocxref"><span class="secno">4.1.4 </span>Sensitivity of data</a></li></ul></li></ul></li><li class="tocline"><a href="#dependencies" class="tocxref"><span class="secno">5. </span>Dependencies</a></li><li class="tocline"><a href="#api-definition" class="tocxref"><span class="secno">6. 
</span>API definition</a><ul class="toc"><li class="tocline"><a href="#overview" class="tocxref"><span class="secno">6.1 </span>Overview</a></li><li class="tocline"><a href="#namedkey-interface" class="tocxref"><span class="secno">6.2 </span>NamedKey interface</a><ul class="toc"><li class="tocline"><a href="#attributes" class="tocxref"><span class="secno">6.2.1 </span>Attributes</a></li><li class="tocline"><a href="#structured-clone-algorithm" class="tocxref"><span class="secno">6.2.2 </span>Structured clone algorithm</a></li><li class="tocline"><a href="#immutability-of-namedkey-objects" class="tocxref"><span class="secno">6.2.3 </span>Immutability of NamedKey objects</a></li></ul></li><li class="tocline"><a href="#cryptokeys-interface" class="tocxref"><span class="secno">6.3 </span>CryptoKeys interface</a><ul class="toc"><li class="tocline"><a href="#methods" class="tocxref"><span class="secno">6.3.1 </span>Methods</a></li></ul></li><li class="tocline"><a href="#extension-of-window-interface" class="tocxref"><span class="secno">6.4 </span>Extension of Window interface</a><ul class="toc"><li class="tocline"><a href="#attributes-1" class="tocxref"><span class="secno">6.4.1 </span>Attributes</a></li></ul></li><li class="tocline"><a href="#extension-of-workerglobalscope-interface" class="tocxref"><span class="secno">6.5 </span>Extension of WorkerGlobalScope interface</a><ul class="toc"><li class="tocline"><a href="#attributes-2" class="tocxref"><span class="secno">6.5.1 </span>Attributes</a></li></ul></li></ul></li><li class="tocline"><a href="#example" class="tocxref"><span class="secno">7. </span>Example</a><ul class="toc"><li class="tocline"><a href="#using-a-pre-provisioned-aes-kw-key-to-unwrap-a-session-key" class="tocxref"><span class="secno">7.1 </span>Using a pre-provisioned AES-KW key to unwrap a session key</a></li></ul></li><li class="tocline"><a href="#references" class="tocxref"><span class="secno">A. 
</span>References</a><ul class="toc"><li class="tocline"><a href="#normative-references" class="tocxref"><span class="secno">A.1 </span>Normative references</a></li><li class="tocline"><a href="#informative-references" class="tocxref"><span class="secno">A.2 </span>Informative references</a></li></ul></li></ul></nav>
- <section class="informative" id="introduction">
- <!--OddPage--><h2 aria-level="1" role="heading" id="h2_introduction"><span class="secno">1. </span>Introduction</h2><p><em>This section is non-normative.</em></p>
+ <section class="informative" id="introduction" typeof="bibo:Chapter" resource="#introduction" property="bibo:hasPart">
+ <!--OddPage--><h2 id="h-introduction" resource="#h-introduction"><span property="xhv:role" resource="xhv:heading"><span class="secno">1. </span>Introduction</span></h2><p><em>This section is non-normative.</em></p>
<p>
The Web Cryptography API [<cite><a class="bibref" href="#bib-WEBCRYPTO">WEBCRYPTO</a></cite>] describes a JavaScript API for performing basic cryptographic
operations in web applications. Cryptographic keys in are represented in this API using
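Review bot: in the added `initialUserConfig` block, `edDraftURI`, `wgURI`, `wgPatentURI` and the `localBiblio` links all use `http://` for w3.org hosts, while the stylesheet, logo and bug-tracker URLs in the same hunk are `https://`. Suggest switching these entries to `https://` in the source config, where the host serves it, so the links generated from them match the rest of the page. Separately, the unchanged line at the end of the hunk reads "Cryptographic keys in are represented", with a stray "in" that could be fixed while the section is being touched.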
@@ -604,7 +593,7 @@
<p>This document concerns the discovery of cryptographic keys which are made available to the UA by other means.
Specifically, this document provides an API for the discovery of cryptographic keys which have been pre-provisioned
into a UA or device for use by a specific origin. Such keys are identified by names which are assumed to be known to
- the origin in question and thus they are referred to as <dfn id="dfn-named-origin-specific-pre-provisioned-keys">named origin-specific pre-provisioned keys</dfn>.</p>
+ the origin in question and thus they are referred to as <dfn data-dfn-type="dfn" id="dfn-named-origin-specific-pre-provisioned-keys">named origin-specific pre-provisioned keys</dfn>.</p>
<p>This enables web applications to establish secure proof that the UA has access to a particular
pre-provisioned key. Depending on the nature of the key and its associated storage - for example within
a Hardware Security Module or available only within a Trusted Execution Environment - further properties of the
@@ -615,61 +604,60 @@
</p>
</section>
- <section id="conformance" typeof="bibo:Chapter" resource="#conformance" rel="bibo:Chapter"><!--OddPage--><h2 aria-level="1" role="heading" id="h2_conformance"><span class="secno">2. </span>Conformance</h2>
+ <section id="conformance" typeof="bibo:Chapter" resource="#conformance" property="bibo:hasPart"><!--OddPage--><h2 id="h-conformance" resource="#h-conformance"><span property="xhv:role" resource="xhv:heading"><span class="secno">2. </span>Conformance</span></h2>
<p>
As well as sections marked as non-normative, all authoring guidelines, diagrams, examples,
and notes in this specification are non-normative. Everything else in this specification is
normative.
</p>
-<p>
- The key words <em class="rfc2119" title="MUST">MUST</em>, <em class="rfc2119" title="MUST NOT">MUST NOT</em>, <em class="rfc2119" title="REQUIRED">REQUIRED</em>, <em class="rfc2119" title="SHOULD">SHOULD</em>, <em class="rfc2119" title="SHOULD NOT">SHOULD NOT</em>, <em class="rfc2119" title="RECOMMENDED">RECOMMENDED</em>, <em class="rfc2119" title="MAY">MAY</em>,
- and <em class="rfc2119" title="OPTIONAL">OPTIONAL</em> in this specification are to be interpreted as described in [<cite><a class="bibref" href="#bib-RFC2119">RFC2119</a></cite>].
+<p id="respecRFC2119">The key words <em class="rfc2119" title="MAY">MAY</em>, <em class="rfc2119" title="MUST">MUST</em>, <em class="rfc2119" title="REQUIRED">REQUIRED</em>, <em class="rfc2119" title="SHALL">SHALL</em>, <em class="rfc2119" title="SHALL NOT">SHALL NOT</em>, and <em class="rfc2119" title="SHOULD">SHOULD</em> are
+ to be interpreted as described in [<cite><a class="bibref" href="#bib-RFC2119">RFC2119</a></cite>].
</p>
<p>
- The following conformance classes are defined by this specification:
+ The following conformance classes are defined by this note:
</p>
<dl>
- <dt><dfn id="dfn-conforming-user-agent">conforming user agent</dfn></dt>
+ <dt><dfn data-dfn-type="dfn" id="dfn-conforming-user-agent">conforming user agent</dfn></dt>
<dd>
<p>
A user agent is considered to be a conforming user agent
if it satisfies all of the <em class="rfc2119" title="MUST">MUST</em>-, <em class="rfc2119" title="REQUIRED">REQUIRED</em>- and <em class="rfc2119" title="SHALL">SHALL</em>-level
- criteria in this specification that apply to implementation. This specification
+ criteria in this note that apply to implementation. This note
uses both the terms "conforming user agent" and "user agent" to refer to this
product class.
</p>
<p>
User agents <em class="rfc2119" title="MAY">MAY</em> implement algorithms in this
- specification in any way desired, so long as the end result is indistinguishable
- from the result that would be obtained from the specification's algorithms.
+ note in any way desired, so long as the end result is indistinguishable
+ from the result that would be obtained from the note's algorithms.
</p>
</dd>
</dl>
<p>
- User agents that use ECMAScript to implement the APIs defined in this specification
+ User agents that use ECMAScript to implement the APIs defined in this note
<em class="rfc2119" title="MUST">MUST</em> implement them in a manner consistent with the
ECMAScript Bindings defined in the Web IDL specification [<cite><a class="bibref" href="#bib-WEBIDL">WEBIDL</a></cite>]
- as this specification uses that specification and terminology.
+ as this note uses that specification and terminology.
</p>
</section>
- <section id="scope" class="informative" typeof="bibo:Chapter" resource="#scope" rel="bibo:Chapter">
- <!--OddPage--><h2 aria-level="1" role="heading" id="h2_scope"><span class="secno">3. </span>Scope</h2><p><em>This section is non-normative.</em></p>
- <p>The considerations in the Scope section of [<cite><a class="bibref" href="#bib-WEBCRYPTO">WEBCRYPTO</a></cite>] apply to this specification as well. In particular, although this specification directly addresses the discovery of <a href="#dfn-named-origin-specific-pre-provisioned-keys" class="internalDFN">named origin-specific pre-provisioned keys</a>, it does not address the processes used to provision those keys or the type and properties of the hardware or software components in which they are stored.</p>
+ <section id="scope" class="informative" typeof="bibo:Chapter" resource="#scope" property="bibo:hasPart">
+ <!--OddPage--><h2 id="h-scope" resource="#h-scope"><span property="xhv:role" resource="xhv:heading"><span class="secno">3. </span>Scope</span></h2><p><em>This section is non-normative.</em></p>
+ <p>The considerations in the Scope section of [<cite><a class="bibref" href="#bib-WEBCRYPTO">WEBCRYPTO</a></cite>] apply to this note as well. In particular, although this note directly addresses the discovery of <a href="#dfn-named-origin-specific-pre-provisioned-keys" class="internalDFN" data-link-type="dfn">named origin-specific pre-provisioned keys</a>, it does not address the processes used to provision those keys or the type and properties of the hardware or software components in which they are stored.</p>
</section>
- <section class="informative" id="privacy-considerations">
- <!--OddPage--><h2 aria-level="1" role="heading" id="h2_privacy-considerations"><span class="secno">4. </span>Privacy considerations</h2><p><em>This section is non-normative.</em></p>
- <p>The Privacy considerations of [<cite><a class="bibref" href="#bib-WEBCRYPTO">WEBCRYPTO</a></cite>] apply to this specification.</p>
- <section id="named-origin-specific-pre-provisioned-keys">
- <h3 aria-level="2" role="heading" id="h3_named-origin-specific-pre-provisioned-keys"><span class="secno">4.1 </span>Named origin-specific pre-provisioned keys</h3>
- <section id="comparison-to-cookies-and-persistent-storage"><h4 aria-level="3" role="heading" id="h4_comparison-to-cookies-and-persistent-storage"><span class="secno">4.1.1 </span>Comparison to cookies and persistent storage</h4>
+ <section class="informative" id="privacy-considerations" typeof="bibo:Chapter" resource="#privacy-considerations" property="bibo:hasPart">
+ <!--OddPage--><h2 id="h-privacy-considerations" resource="#h-privacy-considerations"><span property="xhv:role" resource="xhv:heading"><span class="secno">4. </span>Privacy considerations</span></h2><p><em>This section is non-normative.</em></p>
+ <p>The Privacy considerations of [<cite><a class="bibref" href="#bib-WEBCRYPTO">WEBCRYPTO</a></cite>] apply to this note.</p>
+ <section id="named-origin-specific-pre-provisioned-keys" typeof="bibo:Chapter" resource="#named-origin-specific-pre-provisioned-keys" property="bibo:hasPart">
+ <h3 id="h-named-origin-specific-pre-provisioned-keys" resource="#h-named-origin-specific-pre-provisioned-keys"><span property="xhv:role" resource="xhv:heading"><span class="secno">4.1 </span>Named origin-specific pre-provisioned keys</span></h3>
+ <section id="comparison-to-cookies-and-persistent-storage" typeof="bibo:Chapter" resource="#comparison-to-cookies-and-persistent-storage" property="bibo:hasPart"><h4 id="h-comparison-to-cookies-and-persistent-storage" resource="#h-comparison-to-cookies-and-persistent-storage"><span property="xhv:role" resource="xhv:heading"><span class="secno">4.1.1 </span>Comparison to cookies and persistent storage</span></h4>
<p>The privacy considerations associated with origin-specific pre-provisioned keys are similar to those that apply to cookies [<cite><a class="bibref" href="#bib-COOKIES">COOKIES</a></cite>] and persistent storage, such as [<cite><a class="bibref" href="#bib-INDEXEDDB">INDEXEDDB</a></cite>]. The principle difference is that pre-provisioned keys are pre-existing, whereas cookies and persistent store are not. Thus sites can be relied upon to work (in an 'out-of-the-box' fashion) when cookies have been deleted and persistent store cleared. By contrast, sites that rely on pre-provisioned keys may not operate or may operate in a different fashion if the expected pre-provisioned keys are not available. Such sites may require users to choose whether to trade a certain amount of privacy for whatever service the site offers, or not access the service at all.</p></section>
- <section id="user-tracking">
- <h4 aria-level="3" role="heading" id="h4_user-tracking"><span class="secno">4.1.2 </span>User tracking</h4>
+ <section id="user-tracking" typeof="bibo:Chapter" resource="#user-tracking" property="bibo:hasPart">
+ <h4 id="h-user-tracking" resource="#h-user-tracking"><span property="xhv:role" resource="xhv:heading"><span class="secno">4.1.2 </span>User tracking</span></h4>
<p>A third-party host (or any object capable of getting content distributed to multiple sites) could use a named origin-specific pre-provisioned key to track a user across multiple sessions, building a profile of the user's activities. In conjunction with a site that is aware of the user's real identity (for example an e-commerce site that requires authenticated credentials), this could allow oppressive groups to target individuals with greater accuracy than in a world with purely anonymous Web usage.</p>
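Review bot: The heading anchors are renamed in the regenerated output, for example `id="h4_user-tracking"` becomes `id="h-user-tracking"` on the 4.1.2 heading, so any existing deep link to the old heading ids stops resolving. The section ids (`user-tracking`) are unchanged, so it is worth confirming that inbound links and the table of contents target those. Separately, the unchanged 4.1.1 paragraph still reads "The principle difference"; "principal" is meant, and if Overview.html is generated from keydiscovery-source.html the fix belongs in the source.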
@@ -704,13 +692,13 @@
<p>However, user tracking is to some extent possible even with no cooperation from the user agent whatsoever, for instance by using session identifiers in URLs, a technique already commonly used for innocuous purposes but easily repurposed for user tracking (even retroactively). This information can then be shared with other sites, using visitors' IP addresses and other user-specific data (e.g. user-agent headers and configuration settings) to combine separate sessions into coherent user profiles.</p>
</section>
- <section id="cookie-resurrection">
- <h4 aria-level="3" role="heading" id="h4_cookie-resurrection"><span class="secno">4.1.3 </span>Cookie resurrection</h4>
+ <section id="cookie-resurrection" typeof="bibo:Chapter" resource="#cookie-resurrection" property="bibo:hasPart">
+ <h4 id="h-cookie-resurrection" resource="#h-cookie-resurrection"><span property="xhv:role" resource="xhv:heading"><span class="secno">4.1.3 </span>Cookie resurrection</span></h4>
- <p>If the user interface for the origin-specific pre-provisioned keys feature described in this specification presents data separately from data in HTTP session cookies or persistent storage, then users are likely to modify site authorization or delete data in one and not the others. This would allow sites to use the various features as redundant backup for each other, defeating a user's attempts to protect his privacy.</p>
+ <p>If the user interface for the origin-specific pre-provisioned keys feature described in this note presents data separately from data in HTTP session cookies or persistent storage, then users are likely to modify site authorization or delete data in one and not the others. This would allow sites to use the various features as redundant backup for each other, defeating a user's attempts to protect his privacy.</p>
</section>
- <section id="sensitivity-of-data">
- <h4 aria-level="3" role="heading" id="h4_sensitivity-of-data"><span class="secno">4.1.4 </span>Sensitivity of data</h4>
+ <section id="sensitivity-of-data" typeof="bibo:Chapter" resource="#sensitivity-of-data" property="bibo:hasPart">
+ <h4 id="h-sensitivity-of-data" resource="#h-sensitivity-of-data"><span property="xhv:role" resource="xhv:heading"><span class="secno">4.1.4 </span>Sensitivity of data</span></h4>
<p>User agents should treat pre-provisioned keys and material generated using such keys as potentially sensitive; it is quite possible for the user privacy to be compromised by the release of this information.</p>
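Review bot: The rewritten sentence in 4.1.3 Cookie resurrection still ends with "defeating a user's attempts to protect his privacy"; since the line is being edited anyway, "their privacy" would read better. The 4.1.3 and 4.1.4 heading ids also change from `h4_...` to `h-...` here, with the same effect on existing deep links as the other heading renames in this file.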
@@ -719,51 +707,51 @@
</section>
</section>
- <section class="section" id="dependencies" typeof="bibo:Chapter" resource="#dependencies" rel="bibo:Chapter">
- <!--OddPage--><h2 aria-level="1" role="heading" id="h2_dependencies"><span class="secno">5. </span>Dependencies</h2>
+ <section class="section" id="dependencies" typeof="bibo:Chapter" resource="#dependencies" property="bibo:hasPart">
+ <!--OddPage--><h2 id="h-dependencies" resource="#h-dependencies"><span property="xhv:role" resource="xhv:heading"><span class="secno">5. </span>Dependencies</span></h2>
<p>
- This specification relies on several other underlying specifications.
+ This note relies on several other underlying specifications.
</p>
<dl>
<dt>HTML5</dt>
<dd>The terms and algorithms
- <dfn title="Window" id="dfn-window"><code>Window</code></dfn>,
- <dfn title="Function" id="dfn-function"><code>Function</code></dfn>,
- <dfn id="dfn-origin">origin</dfn>, <dfn id="dfn-same-origin">same origin</dfn>, <dfn id="dfn-structured-clone">structured clone</dfn>,
- and <dfn id="dfn-structured-clone-algorithm">structured clone algorithm</dfn> are defined by the HTML 5
+ <dfn data-dfn-type="dfn" id="dfn-window"><code>Window</code></dfn>,
+ <dfn data-dfn-type="dfn" id="dfn-function"><code>Function</code></dfn>,
+ <dfn data-dfn-type="dfn" id="dfn-origin">origin</dfn>, <dfn data-dfn-type="dfn" id="dfn-same-origin">same origin</dfn>, <dfn data-dfn-type="dfn" id="dfn-structured-clone">structured clone</dfn>,
+ and <dfn data-dfn-type="dfn" id="dfn-structured-clone-algorithm">structured clone algorithm</dfn> are defined by the HTML 5
specification [<cite><a class="bibref" href="#bib-HTML5">HTML5</a></cite>].
</dd>
<dt>Web Cryptography API</dt>
- <dd><p>A <a href="#dfn-conforming-user-agent" class="internalDFN">conforming user agent</a> <em class="rfc2119" title="MUST">MUST</em> support the Web Cryptography API [<cite><a class="bibref" href="#bib-WEBCRYPTO">WEBCRYPTO</a></cite>].</p>
- <p>The term <dfn title="Key" id="dfn-key"><code>Key</code></dfn> is defined in [<cite><a class="bibref" href="#bib-WEBCRYPTO">WEBCRYPTO</a></cite>].</p>
+ <dd><p>A <a href="#dfn-conforming-user-agent" class="internalDFN" data-link-type="dfn">conforming user agent</a> <em class="rfc2119" title="MUST">MUST</em> support the Web Cryptography API [<cite><a class="bibref" href="#bib-WEBCRYPTO">WEBCRYPTO</a></cite>].</p>
+ <p>The term <dfn data-dfn-type="dfn" id="dfn-key"><code>Key</code></dfn> is defined in [<cite><a class="bibref" href="#bib-WEBCRYPTO">WEBCRYPTO</a></cite>].</p>
</dd>
<dt>WebIDL</dt>
<dd>Many of the interface definitions and all of the IDL in this spec depends on [<cite><a class="bibref" href="#bib-WEBIDL">WEBIDL</a></cite>].</dd>
<dt>WebWorkers</dt>
- <dd>The term <dfn title="WorkerGlobalScope" id="dfn-workerglobalscope"><a class="externalDFN"><code>WorkerGlobalScope</code></a></dfn> is defined by
+ <dd>The term <dfn data-dfn-type="dfn" id="dfn-workerglobalscope"><a class="externalDFN"><code>WorkerGlobalScope</code></a></dfn> is defined by
the WebWorkers specification [<cite><a class="bibref" href="#bib-WEBWORKERS">WEBWORKERS</a></cite>].</dd>
</dl>
</section>
- <section id="api-definition">
- <!--OddPage--><h2 aria-level="1" role="heading" id="h2_api-definition"><span class="secno">6. </span>API definition</h2>
- <section class="informative" id="overview"><h3 aria-level="2" role="heading" id="h3_overview"><span class="secno">6.1 </span>Overview</h3><p><em>This section is non-normative.</em></p>
- <p>This specification defines a new <code>cryptokeys</code> attribute on the <a href="#idl-def-Window" class="idlType"><code>Window</code></a> and <a href="#idl-def-WorkerGlobalScope" class="idlType"><code>WorkerGlobalScope</code></a>
- objects. This attribute is an object supporting a method, <code>getKeyByName</code> which may be used to get the key with a given name. Keys are
- returned as <a href="#idl-def-NamedKey" class="idlType"><code>NamedKey</code></a> objects which are subclasses of the <a href="#dfn-key" class="internalDFN"><code>Key</code></a> class.</p></section>
+ <section id="api-definition" typeof="bibo:Chapter" resource="#api-definition" property="bibo:hasPart">
+ <!--OddPage--><h2 id="h-api-definition" resource="#h-api-definition"><span property="xhv:role" resource="xhv:heading"><span class="secno">6. </span>API definition</span></h2>
+ <section class="informative" id="overview" typeof="bibo:Chapter" resource="#overview" property="bibo:hasPart"><h3 id="h-overview" resource="#h-overview"><span property="xhv:role" resource="xhv:heading"><span class="secno">6.1 </span>Overview</span></h3><p><em>This section is non-normative.</em></p>
+ <p>This note defines a new <a data-lt="cryptokeys" href="#dfn-cryptokeys" class="internalDFN" data-link-type="dfn"><code>cryptokeys</code></a> attribute on the <a href="#idl-def-Window" class="idlType"><code>Window</code></a> and <a href="#idl-def-WorkerGlobalScope" class="idlType"><code>WorkerGlobalScope</code></a>
+ objects. This attribute is an object supporting a method, <a data-lt="getKeyByName" href="#dfn-getkeybyname" class="internalDFN" data-link-type="dfn"><code>getKeyByName</code></a> which may be used to get the key with a given name. Keys are
+ returned as <a href="#idl-def-NamedKey" class="idlType"><code>NamedKey</code></a> objects which are subclasses of the <a href="#dfn-key" class="internalDFN" data-link-type="dfn"><code><code>Key</code></code></a> class.</p></section>
- <section id="namedkey-interface"><h3 aria-level="2" role="heading" id="h3_namedkey-interface"><span class="secno">6.2 </span>NamedKey interface</h3>
- <pre class="idl"><span class="idlInterface" id="idl-def-NamedKey">interface <span class="idlInterfaceID">NamedKey</span> : <span class="idlSuperclass"><a href="#dfn-key" class="internalDFN">Key</a></span> {
-<span class="idlAttribute"> readonly attribute <span class="idlAttrType">DOMString</span> <span class="idlAttrName"><a href="#widl-NamedKey-name">name</a></span>;</span>
-<span class="idlAttribute"> readonly attribute <span class="idlAttrType">DOMString?</span> <span class="idlAttrName"><a href="#widl-NamedKey-id">id</a></span>;</span>
-};</span></pre><section id="attributes"><h4 aria-level="3" role="heading" id="h4_attributes"><span class="secno">6.2.1 </span>Attributes</h4><dl class="attributes"><dt id="widl-NamedKey-id"><code>id</code> of type <span class="idlAttrType">DOMString</span>, readonly , nullable</dt><dd>
+ <section id="namedkey-interface" typeof="bibo:Chapter" resource="#namedkey-interface" property="bibo:hasPart"><h3 id="h-namedkey-interface" resource="#h-namedkey-interface"><span property="xhv:role" resource="xhv:heading"><span class="secno">6.2 </span>NamedKey interface</span></h3>
+ <pre class="idl"><span class="idlInterface" id="idl-def-NamedKey">interface <span class="idlInterfaceID">NamedKey</span> : <span class="idlSuperclass"><a href="#dfn-key" class="internalDFN" data-link-type="dfn"><code>Key</code></a></span> {
+<span class="idlAttribute"> readonly attribute <span class="idlAttrType">DOMString</span> <span class="idlAttrName"><a href="#widl-NamedKey-name">name</a></span>;</span>
+<span class="idlAttribute"> readonly attribute <span class="idlAttrType">DOMString?</span> <span class="idlAttrName"><a href="#widl-NamedKey-id">id</a></span>;</span>
+};</span></pre><section id="attributes" typeof="bibo:Chapter" resource="#attributes" property="bibo:hasPart"><h4 id="h-attributes" resource="#h-attributes"><span property="xhv:role" resource="xhv:heading"><span class="secno">6.2.1 </span>Attributes</span></h4><dl class="attributes"><dt id="widl-NamedKey-id"><code>id</code> of type <span class="idlAttrType">DOMString</span>, readonly , nullable</dt><dd>
<p>A global identifier associated with the key.</p>
- <p>Origin-specific pre-provisioned keys are frequently provisioned with associated identifiers. Where an identifier exists that uniquely identifies the key amongst all keys pre-provisoned with the same <a href="#dfn-origin" class="internalDFN">origin</a> and <code>name</code> and if this identifier can be canonically expressed as a sequence of no more than 256 bytes, then this identifier <em class="rfc2119" title="SHOULD">SHOULD</em> be exposed, base64 encoded, as the <code>id</code>. If no identifier matching these conditions exists, <code>id</code> <em class="rfc2119" title="MUST">MUST</em> be <code>null</code>.</p>
- </dd><dt id="widl-NamedKey-name"><code>name</code> of type <span class="idlAttrType">DOMString</span>, readonly </dt><dd><p>A local identifier for the key.</p></dd></dl></section>
- <section id="structured-clone-algorithm"><h4 aria-level="3" role="heading" id="h4_structured-clone-algorithm"><span class="secno">6.2.2 </span>Structured clone algorithm</h4>
- <p>When a user agent is required to obtain a <a href="#dfn-structured-clone" class="internalDFN">structured clone</a> of a <a href="#idl-def-NamedKey" class="idlType"><code>NamedKey</code></a> object, it must run the following steps.</p>
+ <p>Origin-specific pre-provisioned keys are frequently provisioned with associated identifiers. Where an identifier exists that uniquely identifies the key amongst all keys pre-provisoned with the same <a href="#dfn-origin" class="internalDFN" data-link-type="dfn">origin</a> and <code>name</code> and if this identifier can be canonically expressed as a sequence of no more than 256 bytes, then this identifier <em class="rfc2119" title="SHOULD">SHOULD</em> be exposed, base64 encoded, as the <code>id</code>. If no identifier matching these conditions exists, <code>id</code> <em class="rfc2119" title="MUST">MUST</em> be <code>null</code>.</p>
+ </dd><dt id="widl-NamedKey-name"><code>name</code> of type <span class="idlAttrType">DOMString</span>, readonly </dt><dd><p>A local identifier for the key.</p></dd></dl></section>
+ <section id="structured-clone-algorithm" typeof="bibo:Chapter" resource="#structured-clone-algorithm" property="bibo:hasPart"><h4 id="h-structured-clone-algorithm" resource="#h-structured-clone-algorithm"><span property="xhv:role" resource="xhv:heading"><span class="secno">6.2.2 </span>Structured clone algorithm</span></h4>
+ <p>When a user agent is required to obtain a <a href="#dfn-structured-clone" class="internalDFN" data-link-type="dfn">structured clone</a> of a <a href="#idl-def-NamedKey" class="idlType"><code>NamedKey</code></a> object, it must run the following steps.</p>
<ol>
- <li>Let <var>input</var> and <var>memory</var> be the corresponding inputs defined by the <a title="structured clone algorithm" href="#dfn-structured-clone-algorithm" class="internalDFN">internal structured clone algorithm</a>, where <var>input</var> is a <a href="#idl-def-NamedKey" class="idlType"><code>NamedKey</code></a> object to be cloned.</li>
+ <li>Let <var>input</var> and <var>memory</var> be the corresponding inputs defined by the <a data-lt="structured clone algorithm" href="#dfn-structured-clone-algorithm" class="internalDFN" data-link-type="dfn">internal structured clone algorithm</a>, where <var>input</var> is a <a href="#idl-def-NamedKey" class="idlType"><code>NamedKey</code></a> object to be cloned.</li>
<li>Let <var>output</var> be a newly constructed <a href="#idl-def-NamedKey" class="idlType"><code>NamedKey</code></a> object, where the structured clone algorithm is followed for the base <code>Key</code> object.</li>
<li>Let the following attributes of <var>output</var> be equal to the value obtained by invoking the internal structured clone algorithm recursively, using the corresponding attribute on <var>input</var> as the new "<var>input</var>" argument and <var>memory</var> as the new "<var>memory</var>" argument:
<ul>
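Review bot: The new 6.1 Overview line wraps the `Key` link text in two nested code elements, `<code><code>Key</code></code>`, where the removed line had a single `<code>`; this looks like a generation artifact and should be reduced to one element. The rename from "specification" to "note" is also incomplete in this hunk: the unchanged WebIDL entry still says "all of the IDL in this spec depends on". The `id` attribute description carries the typo "pre-provisoned" on both the removed and the added line, so it survives the regeneration.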
@@ -773,15 +761,15 @@
</ol>
</section>
- <section id="immutability-of-namedkey-objects"><h4 aria-level="3" role="heading" id="h4_immutability-of-namedkey-objects"><span class="secno">6.2.3 </span>Immutability of NamedKey objects</h4>
+ <section id="immutability-of-namedkey-objects" typeof="bibo:Chapter" resource="#immutability-of-namedkey-objects" property="bibo:hasPart"><h4 id="h-immutability-of-namedkey-objects" resource="#h-immutability-of-namedkey-objects"><span property="xhv:role" resource="xhv:heading"><span class="secno">6.2.3 </span>Immutability of NamedKey objects</span></h4>
<p>The <code>name</code> and <code>id</code> attributes of a <a href="#idl-def-NamedKey" class="idlType"><code>NamedKey</code></a> object <em class="rfc2119" title="SHALL NOT">SHALL NOT</em> change. The underlying cryptographic key <em class="rfc2119" title="SHALL NOT">SHALL NOT</em> change, except that it <em class="rfc2119" title="MAY">MAY</em> be removed altogether. In this case any attempt to use the <a href="#idl-def-NamedKey" class="idlType"><code>NamedKey</code></a> object shall return an error.</p>
</section>
</section>
- <section id="cryptokeys-interface"><h3 aria-level="2" role="heading" id="h3_cryptokeys-interface"><span class="secno">6.3 </span>CryptoKeys interface</h3>
+ <section id="cryptokeys-interface" typeof="bibo:Chapter" resource="#cryptokeys-interface" property="bibo:hasPart"><h3 id="h-cryptokeys-interface" resource="#h-cryptokeys-interface"><span property="xhv:role" resource="xhv:heading"><span class="secno">6.3 </span>CryptoKeys interface</span></h3>
<pre class="idl"><span class="idlInterface" id="idl-def-CryptoKeys">[<span class="extAttr">NoInterfaceObject</span>]
interface <span class="idlInterfaceID">CryptoKeys</span> {
<span class="idlMethod"> <span class="idlMethType">Promise</span> <span class="idlMethName"><a href="#widl-CryptoKeys-getKeyByName-Promise-DOMString-name">getKeyByName</a></span> (<span class="idlParam"><span class="idlParamType">DOMString</span> <span class="idlParamName">name</span></span>);</span>
-};</span></pre><section id="methods"><h4 aria-level="3" role="heading" id="h4_methods"><span class="secno">6.3.1 </span>Methods</h4><dl class="methods"><dt id="widl-CryptoKeys-getKeyByName-Promise-DOMString-name"><code>getKeyByName</code></dt><dd>
+};</span></pre><section id="methods" typeof="bibo:Chapter" resource="#methods" property="bibo:hasPart"><h4 id="h-methods" resource="#h-methods"><span property="xhv:role" resource="xhv:heading"><span class="secno">6.3.1 </span>Methods</span></h4><dl class="methods"><dt id="widl-CryptoKeys-getKeyByName-Promise-DOMString-name"><code>getKeyByName</code></dt><dd>
<p>When invoked, this method must perform the following steps:
</p><ol>
<li>Let <var>promise</var> be a new <code>Promise</code>
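Review bot: Only heading markup changes in this hunk, but the 6.2.3 paragraph it touches mixes marked-up RFC 2119 terms ("SHALL NOT", "MAY") with a lowercase, unmarked "shall return an error" in its last sentence. If that sentence is a requirement it should use the same `<em class="rfc2119">` markup as the others; if it is not, "will" avoids the ambiguity.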
@@ -804,22 +792,22 @@
<table class="parameters"><tbody><tr><th>Parameter</th><th>Type</th><th>Nullable</th><th>Optional</th><th>Description</th></tr><tr><td class="prmName">name</td><td class="prmType"><code>DOMString</code></td><td class="prmNullFalse"><span role="img" aria-label="False">✘</span></td><td class="prmOptFalse"><span role="img" aria-label="False">✘</span></td><td class="prmDesc"></td></tr></tbody></table><div><em>Return type: </em><code>Promise</code></div></dd></dl></section>
</section>
- <section id="extension-of-window-interface"><h3 aria-level="2" role="heading" id="h3_extension-of-window-interface"><span class="secno">6.4 </span>Extension of Window interface</h3>
+ <section id="extension-of-window-interface" typeof="bibo:Chapter" resource="#extension-of-window-interface" property="bibo:hasPart"><h3 id="h-extension-of-window-interface" resource="#h-extension-of-window-interface"><span property="xhv:role" resource="xhv:heading"><span class="secno">6.4 </span>Extension of Window interface</span></h3>
<pre class="idl"><span class="idlInterface" id="idl-def-Window">partial interface <span class="idlInterfaceID">Window</span> {
-<span class="idlAttribute"> readonly attribute <span class="idlAttrType"><a href="#idl-def-CryptoKeys" class="idlType"><code>CryptoKeys</code></a></span> <span class="idlAttrName"><a href="#widl-Window-cryptokeys">cryptokeys</a></span>;</span>
-};</span></pre><section id="attributes-1"><h4 aria-level="3" role="heading" id="h4_attributes-1"><span class="secno">6.4.1 </span>Attributes</h4><dl class="attributes"><dt id="widl-Window-cryptokeys"><code>cryptokeys</code> of type <span class="idlAttrType"><a href="#idl-def-CryptoKeys" class="idlType"><code>CryptoKeys</code></a></span>, readonly </dt><dd>The object that exposes the key discovery methods</dd></dl></section></section>
+<span class="idlAttribute"> readonly attribute <span class="idlAttrType"><a href="#idl-def-CryptoKeys" class="idlType"><code>CryptoKeys</code></a></span> <span class="idlAttrName"><a href="#widl-Window-cryptokeys">cryptokeys</a></span>;</span>
+};</span></pre><section id="attributes-1" typeof="bibo:Chapter" resource="#attributes-1" property="bibo:hasPart"><h4 id="h-attributes-1" resource="#h-attributes-1"><span property="xhv:role" resource="xhv:heading"><span class="secno">6.4.1 </span>Attributes</span></h4><dl class="attributes"><dt id="widl-Window-cryptokeys"><code>cryptokeys</code> of type <span class="idlAttrType"><a href="#idl-def-CryptoKeys" class="idlType"><code>CryptoKeys</code></a></span>, readonly </dt><dd>The object that exposes the key discovery methods</dd></dl></section></section>
- <section id="extension-of-workerglobalscope-interface"><h3 aria-level="2" role="heading" id="h3_extension-of-workerglobalscope-interface"><span class="secno">6.5 </span>Extension of WorkerGlobalScope interface</h3>
+ <section id="extension-of-workerglobalscope-interface" typeof="bibo:Chapter" resource="#extension-of-workerglobalscope-interface" property="bibo:hasPart"><h3 id="h-extension-of-workerglobalscope-interface" resource="#h-extension-of-workerglobalscope-interface"><span property="xhv:role" resource="xhv:heading"><span class="secno">6.5 </span>Extension of WorkerGlobalScope interface</span></h3>
<pre class="idl"><span class="idlInterface" id="idl-def-WorkerGlobalScope">partial interface <span class="idlInterfaceID">WorkerGlobalScope</span> {
-<span class="idlAttribute"> readonly attribute <span class="idlAttrType"><a href="#idl-def-CryptoKeys" class="idlType"><code>CryptoKeys</code></a></span> <span class="idlAttrName"><a href="#widl-WorkerGlobalScope-cryptokeys">cryptokeys</a></span>;</span>
-};</span></pre><section id="attributes-2"><h4 aria-level="3" role="heading" id="h4_attributes-2"><span class="secno">6.5.1 </span>Attributes</h4><dl class="attributes"><dt id="widl-WorkerGlobalScope-cryptokeys"><code>cryptokeys</code> of type <span class="idlAttrType"><a href="#idl-def-CryptoKeys" class="idlType"><code>CryptoKeys</code></a></span>, readonly </dt><dd>The object that exposes the key discovery methods</dd></dl></section></section>
+<span class="idlAttribute"> readonly attribute <span class="idlAttrType"><a href="#idl-def-CryptoKeys" class="idlType"><code>CryptoKeys</code></a></span> <span class="idlAttrName"><a href="#widl-WorkerGlobalScope-cryptokeys">cryptokeys</a></span>;</span>
+};</span></pre><section id="attributes-2" typeof="bibo:Chapter" resource="#attributes-2" property="bibo:hasPart"><h4 id="h-attributes-2" resource="#h-attributes-2"><span property="xhv:role" resource="xhv:heading"><span class="secno">6.5.1 </span>Attributes</span></h4><dl class="attributes"><dt id="widl-WorkerGlobalScope-cryptokeys"><code>cryptokeys</code> of type <span class="idlAttrType"><a href="#idl-def-CryptoKeys" class="idlType"><code>CryptoKeys</code></a></span>, readonly </dt><dd>The object that exposes the key discovery methods</dd></dl></section></section>
</section>
- <section id="example">
- <!--OddPage--><h2 aria-level="1" role="heading" id="h2_example"><span class="secno">7. </span>Example</h2>
- <section id="using-a-pre-provisioned-aes-kw-key-to-unwrap-a-session-key">
- <h3 aria-level="2" role="heading" id="h3_using-a-pre-provisioned-aes-kw-key-to-unwrap-a-session-key"><span class="secno">7.1 </span>Using a pre-provisioned AES-KW key to unwrap a session key</h3>
- <div class="example"><div class="example-title"><span>Example 1</span></div><pre class="example">window.cryptokeys.getKeyByName( "Kunwrap" ).then( function( key ) {
+ <section id="example" typeof="bibo:Chapter" resource="#example" property="bibo:hasPart">
+ <!--OddPage--><h2 id="h-example" resource="#h-example"><span property="xhv:role" resource="xhv:heading"><span class="secno">7. </span>Example</span></h2>
+ <section id="using-a-pre-provisioned-aes-kw-key-to-unwrap-a-session-key" typeof="bibo:Chapter" resource="#using-a-pre-provisioned-aes-kw-key-to-unwrap-a-session-key" property="bibo:hasPart">
+ <h3 id="h-using-a-pre-provisioned-aes-kw-key-to-unwrap-a-session-key" resource="#h-using-a-pre-provisioned-aes-kw-key-to-unwrap-a-session-key"><span property="xhv:role" resource="xhv:heading"><span class="secno">7.1 </span>Using a pre-provisioned AES-KW key to unwrap a session key</span></h3>
+ <div class="example"><div class="example-title marker"><span>Example 1</span></div><pre class="">window.cryptokeys.getKeyByName( "Kunwrap" ).then( function( key ) {
if ( key === null ) {
console.error( "Unwrapping key, 'Kunwrap', not found.");
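Review bot: The `getKeyByName` parameters table is carried through with an empty description cell for `name` (`<td class="prmDesc"></td>`); the parameter should be documented, for instance as the name of the pre-provisioned key to look up. In the Example 1 markup, `<pre class="example">` becomes `<pre class="">`, so the example styling now depends only on the enclosing `div.example`; worth checking in the rendered page that the block still looks as intended.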
@@ -854,11 +842,11 @@
-->
-<section id="references" class="appendix" typeof="bibo:Chapter" resource="#references" rel="bibo:Chapter"><!--OddPage--><h2 aria-level="1" role="heading" id="h2_references"><span class="secno">A. </span>References</h2><section id="normative-references" typeof="bibo:Chapter" resource="#normative-references" rel="bibo:Chapter"><h3 aria-level="2" role="heading" id="h3_normative-references"><span class="secno">A.1 </span>Normative references</h3><dl class="bibliography" about=""><dt id="bib-HTML5">[HTML5]</dt><dd rel="dcterms:requires">Robin Berjon; Steve Faulkner; Travis Leithead; Erika Doyle Navara; Edward O'Connor; Silvia Pfeiffer. <a href="http://www.w3.org/TR/html5/"><cite>HTML5</cite></a>. 29 April 2014. W3C Candidate Recommendation. URL: <a href="http://www.w3.org/TR/html5/">http://www.w3.org/TR/html5/</a>
-</dd><dt id="bib-RFC2119">[RFC2119]</dt><dd rel="dcterms:requires">S. Bradner. <a href="http://www.ietf.org/rfc/rfc2119.txt"><cite>Key words for use in RFCs to Indicate Requirement Levels.</cite></a> March 1997. Internet RFC 2119. URL: <a href="http://www.ietf.org/rfc/rfc2119.txt">http://www.ietf.org/rfc/rfc2119.txt</a>
-</dd><dt id="bib-WEBCRYPTO">[WEBCRYPTO]</dt><dd rel="dcterms:requires">Ryan Sleevi, Mark Watson <a href="http://www.w3.org/TR/WebCryptoAPI/"><cite>Web Cryptography API.</cite></a> W3C Working Draft (Work in progress.) URL: <a href="http://www.w3.org/TR/WebCryptoAPI/">http://www.w3.org/TR/WebCryptoAPI/</a>
-</dd><dt id="bib-WEBIDL">[WEBIDL]</dt><dd rel="dcterms:requires">Cameron McCormack. <a href="http://www.w3.org/TR/WebIDL/"><cite>Web IDL</cite></a>. 19 April 2012. W3C Candidate Recommendation. URL: <a href="http://www.w3.org/TR/WebIDL/">http://www.w3.org/TR/WebIDL/</a>
-</dd><dt id="bib-WEBWORKERS">[WEBWORKERS]</dt><dd rel="dcterms:requires">Ian Hickson. <a href="http://www.w3.org/TR/workers/"><cite>Web Workers</cite></a>. 1 May 2012. W3C Candidate Recommendation. URL: <a href="http://www.w3.org/TR/workers/">http://www.w3.org/TR/workers/</a>
-</dd></dl></section><section id="informative-references" typeof="bibo:Chapter" resource="#informative-references" rel="bibo:Chapter"><h3 aria-level="2" role="heading" id="h3_informative-references"><span class="secno">A.2 </span>Informative references</h3><dl class="bibliography" about=""><dt id="bib-COOKIES">[COOKIES]</dt><dd rel="dcterms:references">A. Barth. <a href="http://www.ietf.org/rfc/rfc6265.txt"><cite>HTTP State Management Mechanism</cite></a>. April 2011. RFC. URL: <a href="http://www.ietf.org/rfc/rfc6265.txt">http://www.ietf.org/rfc/rfc6265.txt</a>
-</dd><dt id="bib-INDEXEDDB">[INDEXEDDB]</dt><dd rel="dcterms:references">Nikunj Mehta; Jonas Sicking; Eliot Graff; Andrei Popescu; Jeremy Orlow; Joshua Bell. <a href="http://www.w3.org/TR/IndexedDB/"><cite>Indexed Database API</cite></a>. 4 July 2013. W3C Candidate Recommendation. URL: <a href="http://www.w3.org/TR/IndexedDB/">http://www.w3.org/TR/IndexedDB/</a>
-</dd></dl></section></section></body></html>
\ No newline at end of file
+<section id="references" class="appendix" typeof="bibo:Chapter" resource="#references" property="bibo:hasPart"><!--OddPage--><h2 id="h-references" resource="#h-references"><span property="xhv:role" resource="xhv:heading"><span class="secno">A. </span>References</span></h2><section id="normative-references" typeof="bibo:Chapter" resource="#normative-references" property="bibo:hasPart"><h3 id="h-normative-references" resource="#h-normative-references"><span property="xhv:role" resource="xhv:heading"><span class="secno">A.1 </span>Normative references</span></h3><dl class="bibliography" resource=""><dt id="bib-HTML5">[HTML5]</dt><dd>Ian Hickson; Robin Berjon; Steve Faulkner; Travis Leithead; Erika Doyle Navara; Edward O'Connor; Silvia Pfeiffer. W3C. <a href="http://www.w3.org/TR/html5/" property="dc:requires"><cite>HTML5</cite></a>. 28 October 2014. W3C Recommendation. URL: <a href="http://www.w3.org/TR/html5/" property="dc:requires">http://www.w3.org/TR/html5/</a>
+</dd><dt id="bib-RFC2119">[RFC2119]</dt><dd>S. Bradner. IETF. <a href="https://tools.ietf.org/html/rfc2119" property="dc:requires"><cite>Key words for use in RFCs to Indicate Requirement Levels</cite></a>. March 1997. Best Current Practice. URL: <a href="https://tools.ietf.org/html/rfc2119" property="dc:requires">https://tools.ietf.org/html/rfc2119</a>
+</dd><dt id="bib-WEBCRYPTO">[WEBCRYPTO]</dt><dd>Ryan Sleevi, Mark Watson <a href="http://www.w3.org/TR/WebCryptoAPI/" property="dc:requires"><cite>Web Cryptography API.</cite></a> W3C Working Draft (Work in progress.) URL: <a href="http://www.w3.org/TR/WebCryptoAPI/" property="dc:requires">http://www.w3.org/TR/WebCryptoAPI/</a>
+</dd><dt id="bib-WEBIDL">[WEBIDL]</dt><dd>Cameron McCormack; Boris Zbarsky. W3C. <a href="http://www.w3.org/TR/WebIDL-1/" property="dc:requires"><cite>WebIDL Level 1</cite></a>. 8 March 2016. W3C Candidate Recommendation. URL: <a href="http://www.w3.org/TR/WebIDL-1/" property="dc:requires">http://www.w3.org/TR/WebIDL-1/</a>
+</dd><dt id="bib-WEBWORKERS">[WEBWORKERS]</dt><dd>Ian Hickson. W3C. <a href="http://www.w3.org/TR/workers/" property="dc:requires"><cite>Web Workers</cite></a>. 24 September 2015. W3C Working Draft. URL: <a href="http://www.w3.org/TR/workers/" property="dc:requires">http://www.w3.org/TR/workers/</a>
+</dd></dl></section><section id="informative-references" typeof="bibo:Chapter" resource="#informative-references" property="bibo:hasPart"><h3 id="h-informative-references" resource="#h-informative-references"><span property="xhv:role" resource="xhv:heading"><span class="secno">A.2 </span>Informative references</span></h3><dl class="bibliography" resource=""><dt id="bib-COOKIES">[COOKIES]</dt><dd>A. Barth. IETF. <a href="https://tools.ietf.org/html/rfc6265" property="dc:references"><cite>HTTP State Management Mechanism</cite></a>. April 2011. Proposed Standard. URL: <a href="https://tools.ietf.org/html/rfc6265" property="dc:references">https://tools.ietf.org/html/rfc6265</a>
+</dd><dt id="bib-INDEXEDDB">[INDEXEDDB]</dt><dd>Nikunj Mehta; Jonas Sicking; Eliot Graff; Andrei Popescu; Jeremy Orlow; Joshua Bell. W3C. <a href="http://www.w3.org/TR/IndexedDB/" property="dc:references"><cite>Indexed Database API</cite></a>. 8 January 2015. W3C Recommendation. URL: <a href="http://www.w3.org/TR/IndexedDB/" property="dc:references">http://www.w3.org/TR/IndexedDB/</a>
+</dd></dl></section></section><p role="navigation" id="back-to-top"><a href="#toc"><abbr title="Back to Top">↑</abbr></a></p><script async="" defer="" src="https://www.w3.org/scripts/TR/2016/fixup.js"></script></body></html>
\ No newline at end of file
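Review bot: The [WEBCRYPTO] entry is the only reference not refreshed in this hunk: it still reads "W3C Working Draft (Work in progress.)" with no date or publisher and no separator after "Mark Watson", while every other entry now carries a dated status. The IETF links move to https but the w3.org/TR links stay on http; switching those as well would keep the list consistent. Both the old and the new file end without a trailing newline.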
--- a/keydiscovery-source.html Thu May 15 11:57:46 2014 -0700
+++ b/keydiscovery-source.html Wed Mar 23 10:46:08 2016 -0700
@@ -40,15 +40,16 @@
For the three scripts below, if your spec resides on dev.w3 you can check them
out in the same tree and use relative links so that they'll work offline,
-->
- <script src='http://darobin.github.com/respec/builds/respec-w3c-common.js' class='remove' async></script>
+ <script src='https://www.w3.org/Tools/respec/respec-w3c-common' class='remove' async></script>
<script type="text/javascript" class='remove'>
var respecConfig = { specStatus: "ED",
+ noRecTrack: true,
shortName: "webcrypto-key-discovery",
editors: [{ name: "Mark Watson",
mailto: "watsonm@netflix.com",
company: "Netflix",
companyURL: "http://www.netflix.com/"} ],
- publishDate: "2014-05-15",
+ publishDate: "2016-03-23",
previousPublishDate: "2013-01-08",
// edEnd: "",
previousMaturity: "WD",
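Review bot: The ReSpec script moves from an http URL to `https://www.w3.org/Tools/respec/respec-w3c-common`, which is an improvement, but it is still an unversioned remote script, so regenerating Overview.html depends on whatever that URL serves at the time. The comment directly above already suggests checking the scripts out in the same tree and using relative links; doing that, or recording the ReSpec version used for this build, would make the generated output reproducible. `companyURL` is also still an http link.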
@@ -67,17 +68,17 @@
</head>
<body>
<section id='abstract'>
- <p>This specification describes a JavaScript API for discovering named, origin-specific pre-provisioned
+ <p>This note describes a JavaScript API for discovering named, origin-specific pre-provisioned
cryptographic keys for use with the Web Cryptography API. Pre-provisioned keys are keys which have been made
available to the UA by means other than the generation, derivation, importation and unwrapping functions of the
Web Cryptography API. Origin-specific keys are keys that are available only to a specified origin. Named keys
are identified by a name assumed to be known to the origin in question and provisioned with the key itself.
- This specification concerns only keys which have all three of these properties.
+ This note concerns only keys which have all three of these properties.
</p>
</section>
<section id="sotd">
- <p>This document is an Editor's Draft of the WebCrypto Key Discovery recommendation. It defines an API that provides access to named origin-specific pre-provisioned keys.
+ <p>This document is an Editor's Draft of the WebCrypto Key Discovery note. It defines an API that provides access to named origin-specific pre-provisioned keys.
The privacy issues associated with such keys require special attention and
the privacy related material in this document has not yet received thorough review by the community.</p>
</section>
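Review bot: in the sotd paragraph, changing "recommendation" to "note" leaves the following sentence saying the privacy material "has not yet received thorough review by the community", which still reads as if review is pending on an active draft. State in the sotd whether further review is expected and that the document is not on the Recommendation track, which is what the noRecTrack setting added in this changeset implies.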
@@ -107,7 +108,7 @@
<section id="conformance">
<p>
- The following conformance classes are defined by this specification:
+ The following conformance classes are defined by this note:
</p>
<dl>
<dt><dfn>conforming user agent</dfn></dt>
@@ -115,33 +116,33 @@
<p>
A user agent is considered to be a conforming user agent
if it satisfies all of the MUST-, REQUIRED- and SHALL-level
- criteria in this specification that apply to implementation. This specification
+ criteria in this note that apply to implementation. This note
uses both the terms "conforming user agent" and "user agent" to refer to this
product class.
</p>
<p>
User agents MAY implement algorithms in this
- specification in any way desired, so long as the end result is indistinguishable
- from the result that would be obtained from the specification's algorithms.
+ note in any way desired, so long as the end result is indistinguishable
+ from the result that would be obtained from the note's algorithms.
</p>
</dd>
</dl>
<p>
- User agents that use ECMAScript to implement the APIs defined in this specification
+ User agents that use ECMAScript to implement the APIs defined in this note
MUST implement them in a manner consistent with the
ECMAScript Bindings defined in the Web IDL specification [[!WEBIDL]]
- as this specification uses that specification and terminology.
+ as this note uses that specification and terminology.
</p>
</section>
<section id="scope" class="informative">
<h2>Scope</h2>
- <p>The considerations in the Scope section of [[!WEBCRYPTO]] apply to this specification as well. In particular, although this specification directly addresses the discovery of <a>named origin-specific pre-provisioned keys</a>, it does not address the processes used to provision those keys or the type and properties of the hardware or software components in which they are stored.</p>
+ <p>The considerations in the Scope section of [[!WEBCRYPTO]] apply to this note as well. In particular, although this note directly addresses the discovery of <a>named origin-specific pre-provisioned keys</a>, it does not address the processes used to provision those keys or the type and properties of the hardware or software components in which they are stored.</p>
</section>
<section class="informative">
<h2>Privacy considerations</h2>
- <p>The Privacy considerations of [[!WEBCRYPTO]] apply to this specification.</p>
+ <p>The Privacy considerations of [[!WEBCRYPTO]] apply to this note.</p>
<section>
<h3>Named origin-specific pre-provisioned keys</h3>
<section><h3>Comparison to cookies and persistent storage</h3>
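Review bot: the conformance text keeps "MUST-, REQUIRED- and SHALL-level criteria in this note" and "MUST implement them", so after the rename a note carries normative user agent requirements without saying whether they still bind implementers. Add a sentence to the conformance section stating the status of these requirements. Separately, the Scope and Privacy considerations sections are class="informative" but cite [[!WEBCRYPTO]] with the normative "!" marker on the lines being edited; [[WEBCRYPTO]] would match the sections' informative status.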
@@ -186,7 +187,7 @@
<section>
<h4>Cookie resurrection</h4>
- <p>If the user interface for the origin-specific pre-provisioned keys feature described in this specification presents data separately from data in HTTP session cookies or persistent storage, then users are likely to modify site authorization or delete data in one and not the others. This would allow sites to use the various features as redundant backup for each other, defeating a user's attempts to protect his privacy.</p>
+ <p>If the user interface for the origin-specific pre-provisioned keys feature described in this note presents data separately from data in HTTP session cookies or persistent storage, then users are likely to modify site authorization or delete data in one and not the others. This would allow sites to use the various features as redundant backup for each other, defeating a user's attempts to protect his privacy.</p>
</section>
<section>
<h4>Sensitivity of data</h4>
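Review bot: the cookie-resurrection paragraph, as visible in this hunk, describes how separately presented key data lets sites use the features "as redundant backup for each other" but gives user agents no guidance on avoiding it. If no recommendation follows elsewhere in the section, add one here, for example that authorization and deletion of pre-provisioned key access be presented together with cookies and persistent storage for the same origin. Since the line is being edited anyway, "protect his privacy" could become "protect their privacy".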
@@ -201,25 +202,25 @@
<section class="section" id="dependencies">
<h3>Dependencies</h3>
<p>
- This specification relies on several other underlying specifications.
+ This note relies on several other underlying specifications.
</p>
<dl>
<dt>HTML5</dt>
<dd>The terms and algorithms
- <dfn title="Window"><code>Window</code></dfn>,
- <dfn title="Function"><code>Function</code></dfn>,
+ <dfn><code>Window</code></dfn>,
+ <dfn><code>Function</code></dfn>,
<dfn>origin</dfn>, <dfn>same origin</dfn>, <dfn>structured clone</dfn>,
and <dfn>structured clone algorithm</dfn> are defined by the HTML 5
specification [[!HTML5]].
</dd>
<dt>Web Cryptography API</dt>
<dd><p>A <a>conforming user agent</a> MUST support the Web Cryptography API [[!WEBCRYPTO]].</p>
- <p>The term <dfn title="Key"><code>Key</code></dfn> is defined in [[!WEBCRYPTO]].</p>
+ <p>The term <dfn><code>Key</code></dfn> is defined in [[!WEBCRYPTO]].</p>
</dd>
<dt>WebIDL</dt>
<dd>Many of the interface definitions and all of the IDL in this spec depends on [[!WEBIDL]].</dd>
<dt>WebWorkers</dt>
- <dd>The term <dfn title="WorkerGlobalScope"><a class="externalDFN"><code>WorkerGlobalScope</code></a></dfn> is defined by
+ <dd>The term <dfn><a class="externalDFN"><code>WorkerGlobalScope</code></a></dfn> is defined by
the WebWorkers specification [[!WEBWORKERS]].</dd>
</dl>
</section>
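Review bot: the rename misses the WebIDL entry on the context line, which still reads "all of the IDL in this spec depends on [[!WEBIDL]]". Change it to "this note" and fix the agreement ("depend on") so the Dependencies section is consistent with its new first sentence.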
@@ -227,8 +228,8 @@
<section>
<h2>API definition</h2>
<section class="informative"><h3>Overview</h3>
- <p>This specification defines a new <a title="cryptokeys"><code>cryptokeys</code></a> attribute on the <a><code>Window</code></a> and <a><code>WorkerGlobalScope</code></a>
- objects. This attribute is an object supporting a method, <a title="getKeyByName"><code>getKeyByName</code></a> which may be used to get the key with a given name. Keys are
+ <p>This note defines a new <a data-lt="cryptokeys"><code>cryptokeys</code></a> attribute on the <a><code>Window</code></a> and <a><code>WorkerGlobalScope</code></a>
+ objects. This attribute is an object supporting a method, <a data-lt="getKeyByName"><code>getKeyByName</code></a> which may be used to get the key with a given name. Keys are
returned as <a>NamedKey</a> objects which are subclasses of the <a><code>Key</code></a> class.</p></section>
<section><h3>NamedKey interface</h3>
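Review bot: data-lt="cryptokeys" and data-lt="getKeyByName" duplicate the anchors' own text, so the attribute adds nothing here; the dfn elements in the Dependencies hunk had their equivalent title attributes simply removed. Drop the attribute on these two anchors as well for consistency. The sentence also needs a comma after the method name ("a method, getKeyByName, which may be used ...").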
@@ -244,7 +245,7 @@
<section><h4>Structured clone algorithm</h4>
<p>When a user agent is required to obtain a <a>structured clone</a> of a <a>NamedKey</a> object, it must run the following steps.</p>
<ol>
- <li>Let <var>input</var> and <var>memory</var> be the corresponding inputs defined by the <a title="structured clone algorithm">internal structured clone algorithm</a>, where <var>input</var> is a <a>NamedKey</a> object to be cloned.</li>
+ <li>Let <var>input</var> and <var>memory</var> be the corresponding inputs defined by the <a data-lt="structured clone algorithm">internal structured clone algorithm</a>, where <var>input</var> is a <a>NamedKey</a> object to be cloned.</li>
<li>Let <var>output</var> be a newly constructed <a>NamedKey</a> object, where the structured clone algorithm is followed for the base <code>Key</code> object.</li>
<li>Let the following attributes of <var>output</var> be equal to the value obtained by invoking the internal structured clone algorithm recursively, using the corresponding attribute on <var>input</var> as the new "<var>input</var>" argument and <var>memory</var> as the new "<var>memory</var>" argument:
<ul>
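Review bot: step 1 links the text "internal structured clone algorithm" to the term "structured clone algorithm" through data-lt, and step 3 uses "internal structured clone algorithm" again without a link, while the Dependencies section defines only "structured clone" and "structured clone algorithm". Either define the internal algorithm as its own term or use one name throughout, so it is unambiguous which HTML5 algorithm a NamedKey clone must follow.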