Key usages future compatibility

Currently, WebCrypto specifies that usages is an array of enum values. This means that when an unknown value is encountered, the implementation raises a typeError exception, per WebIDL.

I think that this is problematic. There is no reason to prevent web applications from creating Key objects with allowed usages added by a future version of the spec. The Key object can be saved to permanent storage, and even if the current version of the browser doesn't understand a particular usage, a future version will. We should store the whole set, not a currently supported slice.

Even for non-persistent keys, I don't see a reason to completely reject an importKey or generateKey operation simply because the allowed usages include something the browser doesn't know about. As a web site adopts future WebCrypto features, key creation will raise an exception in old browsers, breaking the site's existing features - as opposed to only having new features that use new WebCrypto functionality broken.

It seems that WebCrypto should explicitly specify an appropriate behavior for unknown usage strings, and not rely on enum behavior specified by WebIDL.

See also: <https://www.w3.org/Bugs/Public/show_bug.cgi?id=22548>. Given the considerations above, the proposed solution in this bug wouldn't work, we can't just store operations as a bitfield.

- WBR, Alexey Proskuryakov

Received on Friday, 1 November 2013 17:54:35 UTC