With Bug 1037892, our WebCrypto implementation has been brought into compliance with the latest spec. We should expose it by default in release, without requiring users to enable it with a pref.

Is there a spec test suite? If so, how are we doing on it? Are we OK with shipping this before fixing bug 1001691?

There is not yet a spec test suite. Bug 1001691 I'm not super worried about. I am adding bug 1064320 as a blocker, though.

> There is not yet a spec test suite. OK. How sure are we that what we have matches the spec, then, and what are we basing that judgment on? What's our plan with making sure we keep up with the moving target here, given that this spec is clearly not very stable?

(In reply to Boris Zbarsky [:bz] from comment #4) > > There is not yet a spec test suite. > > OK. How sure are we that what we have matches the spec, then, and what are > we basing that judgment on? I did a pretty thorough review of the spec, and updated the implementation accordingly in bug 1037892. It might be good for someone else to check my work, but I have moderate-to-high confidence that it's right. As Tim pointed out in our intent-to-ship message, we're more in compliance than the current Chromium implementation. > What's our plan with making sure we keep up with the moving target here, > given that this spec is clearly not very stable? I'm actively participating in the working group, and tracking changes.

Comment on attachment 8496624 [details] [diff] [review] bug-1074001.patch Alright. r=me

Release Note Request (optional, but appreciated) [Why is this notable]: New interesting web-facing functionality. [Suggested wording]: Firefox now supports the Web Cryptography API. [Links (documentation, blog post, etc)]: ???

Comment on attachment 8496624 [details] [diff] [review] bug-1074001.patch Approval Request Comment [Feature/regressing bug #]: WebCrypto [User impact if declined]: Users will still have to enable WebCrypto with a pref in release builds. [Describe test coverage new/current, TBPL]: Mochitests under dom/crypto/test [Risks and why]: Low risk. API has been exposed since 32 (by default in Nightly/Aurora/Beta, with pref in release) [String/UUID change made/needed]: none

Comment on attachment 8496624 [details] [diff] [review] bug-1074001.patch Aurora+ Nice to ship this in 34.

Richard, for the 33 release, I planned to add WebCrypto: RSA-OAEP, PBKDF2 and AES-KW support & WebCrypto: wrapKey and unwrapKey implemented in the release notes. Are they accessible by default or are they behind a pref? Thanks

bz confirmed that they are disabled by default.