--- a/Overview.html	Thu Dec 20 09:08:29 2012 -0800
+++ b/Overview.html	Thu Dec 20 09:34:39 2012 -0800
@@ -474,6 +474,13 @@
           index</a> at http://www.w3.org/TR/.</em>
         </p>
         
+      <p>This document describes APIs that provide access to named pre-provisioned origin-specific keys.
+      Such keys were previously accessible through the KeyStorage API of the main WebCrypto API [<cite><a class="bibref" href="#bib-WEBCRYPTO">WEBCRYPTO</a></cite>].
+      The KeySotrage API has now been removed in favour of existing web storage mechanisms (for generated, derived and imported keys) and
+      this specification for named origin-specific pre-provisioned keys. The privacy issues associated with such keys require special attention and
+      the material in this document has not yet received thorough review by the community. It is an open issue in the
+      Web Cryptography Working Group whether the scope of this document may be expanded to discovery of other kinds of key.</p>
+    
         <p>
           This document was published by the <a href="http://www.w3.org/2012/webcrypto/">Web Cryptography WG</a> as a Working Draft.
           
@@ -519,12 +526,14 @@
   
 </section><section id="toc"><h2 class="introductory">Table of Contents</h2><ul class="toc"><li class="tocline"><a href="#introduction" class="tocxref"><span class="secno">1. </span>Introduction</a></li><li class="tocline"><a href="#use-cases" class="tocxref"><span class="secno">2. </span>Use cases</a><ul class="toc"><li class="tocline"><a href="#out-of-band-key-provisioning" class="tocxref"><span class="secno">2.1 </span>Out of band key provisioning</a></li></ul></li><li class="tocline"><a href="#conformance" class="tocxref"><span class="secno">3. </span>Conformance</a></li><li class="tocline"><a href="#scope" class="tocxref"><span class="secno">4. </span>Scope</a></li><li class="tocline"><a href="#privacy-considerations" class="tocxref"><span class="secno">5. </span>Privacy considerations</a><ul class="toc"><li class="tocline"><a href="#named-origin-specific-pre-provisioned-keys" class="tocxref"><span class="secno">5.1 </span>Named origin-specific pre-provisioned keys</a><ul class="toc"><li class="tocline"><a href="#comparison-to-cookies-and-persistent-storage" class="tocxref"><span class="secno">5.1.1 </span>Comparison to cookies and persistent storage</a></li><li class="tocline"><a href="#user-tracking" class="tocxref"><span class="secno">5.1.2 </span>User tracking</a></li><li class="tocline"><a href="#cookie-resurrection" class="tocxref"><span class="secno">5.1.3 </span>Cookie resurrection</a></li><li class="tocline"><a href="#sensitivity-of-data" class="tocxref"><span class="secno">5.1.4 </span>Sensitivity of data</a></li></ul></li></ul></li><li class="tocline"><a href="#dependencies" class="tocxref"><span class="secno">6. </span>Dependencies</a></li><li class="tocline"><a href="#api-definition" class="tocxref"><span class="secno">7. </span>API definition</a><ul class="toc"><li class="tocline"><a href="#overview" class="tocxref"><span class="secno">7.1 </span>Overview</a></li><li class="tocline"><a href="#namedkey-interface" class="tocxref"><span class="secno">7.2 </span>NamedKey interface</a><ul class="toc"><li class="tocline"><a href="#attributes" class="tocxref"><span class="secno">7.2.1 </span>Attributes</a></li><li class="tocline"><a href="#structured-clone-algorithm" class="tocxref"><span class="secno">7.2.2 </span>Structured clone algorithm</a></li><li class="tocline"><a href="#immutability-of-namedkey-objects" class="tocxref"><span class="secno">7.2.3 </span>Immutability of NamedKey objects</a></li></ul></li><li class="tocline"><a href="#cryptokeys-interface" class="tocxref"><span class="secno">7.3 </span>CryptoKeys interface</a><ul class="toc"><li class="tocline"><a href="#methods" class="tocxref"><span class="secno">7.3.1 </span>Methods</a></li></ul></li><li class="tocline"><a href="#extension-of-window-interface" class="tocxref"><span class="secno">7.4 </span>Extension of Window interface</a><ul class="toc"><li class="tocline"><a href="#attributes-1" class="tocxref"><span class="secno">7.4.1 </span>Attributes</a></li></ul></li><li class="tocline"><a href="#extension-of-workerglobalscope-interface" class="tocxref"><span class="secno">7.5 </span>Extension of WorkerGlobalScope interface</a><ul class="toc"><li class="tocline"><a href="#attributes-2" class="tocxref"><span class="secno">7.5.1 </span>Attributes</a></li></ul></li></ul></li><li class="tocline"><a href="#examples" class="tocxref"><span class="secno">8. </span>Examples</a></li><li class="tocline"><a href="#references" class="tocxref"><span class="secno">A. </span>References</a><ul class="toc"><li class="tocline"><a href="#normative-references" class="tocxref"><span class="secno">A.1 </span>Normative references</a></li><li class="tocline"><a href="#informative-references" class="tocxref"><span class="secno">A.2 </span>Informative references</a></li></ul></li></ul></section>
     
+    
+    
     <section class="informative" id="introduction">
       <!--OddPage--><h2><span class="secno">1. </span>Introduction</h2><p><em>This section is non-normative.</em></p>
       <p>
         The Web Cryptography API [<cite><a class="bibref" href="#bib-WEBCRYPTO">WEBCRYPTO</a></cite>] describes a JavaScript API for performing basic cryptographic
         operations in web applications. Cryptographic keys in are represented in this API using
-        <a href="http://www.w3.org/TR/WebCryptoAPI/#key-interface" "=""><code>Key</code></a> objects. The API provides methods to generate, derive or import cryptographic 
+        <a href="http://www.w3.org/TR/WebCryptoAPI/#key-interface"><code>Key</code></a> objects. The API provides methods to generate, derive or import cryptographic 
         keying material, so creating <a href="http://www.w3.org/TR/WebCryptoAPI/#key-interface"><code>Key</code></a> objects.
       </p>
       <p>This document concerns the discovery of cryptographic keys which are made available to the UA by other means.
@@ -723,11 +732,11 @@
 };</span></pre><section id="methods"><h4><span class="secno">7.3.1 </span>Methods</h4><dl class="methods"><dt id="widl-CryptoKeys-getKeysByName-KeyOperation-DOMString-name"><code>getKeysByName</code></dt><dd>
             <p>When invoked, this method must perform the following steps:
               </p><ol>
-                <li>Let <var>KeyOp</var> be a newly created object implementing the <code><a href-"http:="" www.w3.org="" tr="" webcryptoapi="" #keyoperation-interface"="" href="#dfn-keyoperation" class="internalDFN">KeyOperation</a></code> interface</li>
+                <li>Let <var>KeyOp</var> be a newly created object implementing the <code><a href="http://www.w3.org/TR/WebCryptoAPI/#KeyOperation-interface">KeyOperation</a></code> interface</li>
                 <li>Queue an operation to asynchronously run the following steps:</li>
                 <ol>
                   <li>Search for a key or keys matching the name specifier provided in <code>name</code>. A name specifier matches the name of a key if they are identical when expressed as a string of unicode characters.</li>
-                  <dl class-"switch"="">
+                  <dl class="switch">
                     <dt>If one or more keys are found</dt>
                     <dd>
                       <ol>
@@ -770,7 +779,7 @@
 
 <section id="references" class="appendix"><!--OddPage--><h2><span class="secno">A. </span>References</h2><section id="normative-references"><h3><span class="secno">A.1 </span>Normative references</h3><dl class="bibliography"><dt id="bib-HTML5">[HTML5]</dt><dd>Ian Hickson; David Hyatt. <a href="http://www.w3.org/TR/html5"><cite>HTML5.</cite></a> 29 March 2012. W3C Working Draft. (Work in progress.) URL: <a href="http://www.w3.org/TR/html5">http://www.w3.org/TR/html5</a> 
 </dd><dt id="bib-RFC2119">[RFC2119]</dt><dd>S. Bradner. <a href="http://www.ietf.org/rfc/rfc2119.txt"><cite>Key words for use in RFCs to Indicate Requirement Levels.</cite></a> March 1997. Internet RFC 2119.  URL: <a href="http://www.ietf.org/rfc/rfc2119.txt">http://www.ietf.org/rfc/rfc2119.txt</a> 
-</dd><dt id="bib-WEBCRYPTO">[WEBCRYPTO]</dt><dd>Ryan Sleevi, David Dahl. <a href="http://www.w3.org/TR/WebCryptoAPI/"><cite>Web Cryptography API.</cite></a> 13 September 2012. W3C Working Draft. (Work in progress.) URL: <a href="http://www.w3.org/TR/2012/WD-WebCryptoAPI-20120913/">http://www.w3.org/TR/2012/WD-WebCryptoAPI-20120913/</a> 
+</dd><dt id="bib-WEBCRYPTO">[WEBCRYPTO]</dt><dd>Ryan Sleevi, David Dahl. <a href="http://www.w3.org/TR/WebCryptoAPI/"><cite>Web Cryptography API.</cite></a> W3C Working Draft (Work in progress.) URL: <a href="http://www.w3.org/TR/2012/WD-WebCryptoAPI-20120913/">http://www.w3.org/TR/2012/WD-WebCryptoAPI-20120913/</a> 
 </dd><dt id="bib-WEBIDL">[WEBIDL]</dt><dd>Cameron McCormack. <a href="http://www.w3.org/TR/2011/WD-WebIDL-20110927/"><cite>Web IDL.</cite></a> 27 September 2011. W3C Working Draft. (Work in progress.) URL: <a href="http://www.w3.org/TR/2011/WD-WebIDL-20110927/">http://www.w3.org/TR/2011/WD-WebIDL-20110927/</a> 
 </dd><dt id="bib-WEBWORKERS">[WEBWORKERS]</dt><dd>Ian Hickson. <a href="http://www.w3.org/TR/2011/WD-workers-20110901/"><cite>Web Workers.</cite></a> 1 September 2011. W3C Working Draft. (Work in progress.) URL: <a href="http://www.w3.org/TR/2011/WD-workers-20110901/">http://www.w3.org/TR/2011/WD-workers-20110901/</a> 
 </dd></dl></section><section id="informative-references"><h3><span class="secno">A.2 </span>Informative references</h3><dl class="bibliography"><dt id="bib-COOKIES">[COOKIES]</dt><dd>Adam Barth. <cite><a href="http://www.rfc-editor.org/rfc/rfc6265.txt">HTTP State Management Mechanism</a>.</cite> April 2011. Internet Proposed Standard RFC 6265. URL: <a href="http://www.rfc-editor.org/rfc/rfc6265.txt">http://www.rfc-editor.org/rfc/rfc6265.txt</a> 

--- a/keydiscovery-source.html	Thu Dec 20 09:08:29 2012 -0800
+++ b/keydiscovery-source.html	Thu Dec 20 09:34:39 2012 -0800
@@ -56,7 +56,7 @@
                             wgURI:        "http://www.w3.org/2012/webcrypto/",
                             wgPublicList: "public-webcrypto",
                             wgPatentURI:  "http://www.w3.org/2004/01/pp-impl/54174/status",
-                            localBiblio : { "WEBCRYPTO" : "Ryan Sleevi, David Dahl. <a href=\"http://www.w3.org/TR/WebCryptoAPI/\"><cite>Web Cryptography API.</cite></a> 13 September 2012. W3C Working Draft. (Work in progress.) URL: <a href=\"http://www.w3.org/TR/2012/WD-WebCryptoAPI-20120913/\">http://www.w3.org/TR/2012/WD-WebCryptoAPI-20120913/</a> "}
+                            localBiblio : { "WEBCRYPTO" : "Ryan Sleevi, David Dahl. <a href=\"http://www.w3.org/TR/WebCryptoAPI/\"><cite>Web Cryptography API.</cite></a> W3C Working Draft (Work in progress.) URL: <a href=\"http://www.w3.org/TR/2012/WD-WebCryptoAPI-20120913/\">http://www.w3.org/TR/2012/WD-WebCryptoAPI-20120913/</a> "}
                         };
     </script>
   </head>
@@ -70,12 +70,21 @@
       </p>
     </section>
     
+    <section id="sotd">
+      <p>This document describes APIs that provide access to named pre-provisioned origin-specific keys.
+      Such keys were previously accessible through the KeyStorage API of the main WebCrypto API [[WEBCRYPTO]].
+      The KeySotrage API has now been removed in favour of existing web storage mechanisms (for generated, derived and imported keys) and
+      this specification for named origin-specific pre-provisioned keys. The privacy issues associated with such keys require special attention and
+      the material in this document has not yet received thorough review by the community. It is an open issue in the
+      Web Cryptography Working Group whether the scope of this document may be expanded to discovery of other kinds of key.</p>
+    </section>
+    
     <section class="informative">
       <h2>Introduction</h2>
       <p>
         The Web Cryptography API [[!WEBCRYPTO]] describes a JavaScript API for performing basic cryptographic
         operations in web applications. Cryptographic keys in are represented in this API using
-        <a href='http://www.w3.org/TR/WebCryptoAPI/#key-interface'"><code>Key</code></a> objects. The API provides methods to generate, derive or import cryptographic 
+        <a href='http://www.w3.org/TR/WebCryptoAPI/#key-interface'><code>Key</code></a> objects. The API provides methods to generate, derive or import cryptographic 
         keying material, so creating <a href='http://www.w3.org/TR/WebCryptoAPI/#key-interface'><code>Key</code></a> objects.
       </p>
       <p>This document concerns the discovery of cryptographic keys which are made available to the UA by other means.
@@ -265,11 +274,11 @@
           <dd>
             <p>When invoked, this method must perform the following steps:
               <ol>
-                <li>Let <var>KeyOp</var> be a newly created object implementing the <code><a href-"http://www.w3.org/TR/WebCryptoAPI/#KeyOperation-interface">KeyOperation</a></code> interface</li>
+                <li>Let <var>KeyOp</var> be a newly created object implementing the <code><a href="http://www.w3.org/TR/WebCryptoAPI/#KeyOperation-interface">KeyOperation</a></code> interface</li>
                 <li>Queue an operation to asynchronously run the following steps:</li>
                 <ol>
                   <li>Search for a key or keys matching the name specifier provided in <code>name</code>. A name specifier matches the name of a key if they are identical when expressed as a string of unicode characters.</li>
-                  <dl class-"switch">
+                  <dl class="switch">
                     <dt>If one or more keys are found</dt>
                     <dd>
                       <ol>