Re: Should wrapped keys always have extractable = false

On Fri, Mar 22, 2013 at 4:21 PM, Mark Watson <> wrote:

> All,
> It occurred to me that support for key wrapping could be simplified if we
> made a blanket assumption that when unwrapping a key the resulting Key
> object always has extractable = false.
> This would avoid the need for a new JWK attribute indicating
> extractability.
> It would avoid the need for the unwrapKey method to have an extractable
> parameter.
> It would avoid the confusion that arises from having extractability
> defined both within the JWK and in the unwrapKey method.
> It would be simpler.

> I think this would make sense, because the act of wrapping a key and
> sending it to a script with access to WebCrypto is explicitly saying that
> you do not want the keying material to be visible except to whomever has
> the unwrapping key.
> Does anyone have a use-case where a key needs to be unwrapped into a Key
> which is then extractable ?
> ůMark


There are plenty of reasons to use key wrapping independent of extraction
concerns. The most obvious one is key transport.

Received on Friday, 22 March 2013 23:36:49 UTC