rockerest’s Twitter Archive—№ 15,713

This line of code makes me angry. chromium.googlesource.com/chromium/src/+/master/components/webcrypto/status.cc#372 Nowhere in the spec does it require that keys not be exportable. Preventing exports means a key can't be temporarily persisted to keep encrypted data unlocked. I think the only workaround is persisting a key in memory.