On Mon, Mar 24, 2014 at 10:18 AM, Anne van Kesteren <annevk@annevk.nl>wrote:
> On Mon, Mar 24, 2014 at 5:11 PM, Ryan Sleevi <sleevi@google.com> wrote:
> > Obviously, I'm biased. However, hopefully the TAG can provide their input
> > and guidance on the design of this, because it's clear that there's no
> > progress being made in the WG on this issue. This is rather unfortunate,
> but
> > since much of the debate is on a matter of "design smells" (whether it
> is or
> > is not a smell to support the two methods simultaneously, whether it is
> or
> > is not a smell to require Encoding spec), the TAG seems uniquely
> qualified
> > to provide input.
>
> When would you want the ArrayBuffer? If you want it frequently and
> performance is critical you might want to expose that. If not, it
> seems exposing just the object is fine. Note that you could also
> expose an actual object and define its toJSON...
>
> Also, somewhat related, why are Key objects not something you can
> transfer/copy through postMessage? Someone keeps bringing up "local
> CORS" over on public-webappsec
>
> http://lists.w3.org/Archives/Public/public-webappsec/2014Mar/thread.html#msg9
> but it seems like he really wants a way for crypto objects to passed
> around.
>
>
They are, and have been for a very, very long time -
https://dvcs.w3.org/hg/webcrypto-api/raw-file/tip/spec/Overview.html#key-interface-clone
..
Unfortunately, attempts to explain both CORS and structured clone have been
unsuccessful.