This is an archived snapshot of W3C's public bugzilla bug tracker, decommissioned in April 2019. Please see the home page for more details.
AesKeyGenParams.length -- is the key length in BITS HmacKeyParams.length -- is the key length in BYTES This inconsistency makes it easy to get things wrong. Moreover, in the case where the key length is specified in bits, what is the expected behavior when passing a length which is not divisible by 8? (NSS for instance generates keys with integral byte lengths).
I suggest we align on bits instead of bytes.
Changeset da045968abe0 - change HMAC length from bytes to bits per email discussion