panva
commented
2 years ago I don't see a case for carving non-extractable keys out. The API is simple and its placement in a non-browser context is not problematic (as seen by implementation in deno, node, workers).
As a library developer I don't need another place to branch code based on iffy runtime detection.
When creating a key in WebCrypto, the
extractableparameter/property indicates whether a key should be treated as opaque. This makes sense on the Web Platform where you could put something in IndexedDB and read it back out without compromising opacity, but makes less sense natively--how would it be used? Should WinterCG platforms be expected to support non-extractable keys?