This is an archived snapshot of W3C's public bugzilla bug tracker, decommissioned in April 2019. Please see the home page for more details.
PBKDF2 throws an OperationError if length is not a multiple of 8 bits. This seems inconsistent with deriveBits() for other algorithms, which simply truncate to the specified bit length (for instance ECDH and DH).
Looking at RFC 2898 which has a definition of PBKDF2. The inputs include dkLen - intended length in octets of the derived key, a positive integer. This means that the algorithm itself requires that the output length be an integral number of bytes and is not specified for odd bit sizes. This bug should be resolved as by design.
Moved to https://github.com/w3c/webcrypto/issues/32