Consider the attached testcase.  I believe it should log false, true, false, true.  That's not what I see in either Chrome or Firefox, though, and Chrome and Firefox don't agree with each other either.

The spec doesn't actually define behavior here.  It simply says:

  Let result be the CryptoKey object that results from performing the
  import key operation specified by normalizedAlgorithm using keyData,
  algorithm, format, extractable and usages.

and the specific algorithm sections say things like:

  Let key be a new CryptoKey object that represents the RSA public key identified
  by publicKey

without saying which global it's associated with.  Note that the IDL specification requires all IDL objects to be explicitly associated with some global.  There are proposals for adding some sort of implicit association for simple cases of synchronous object creation (which would make the first two things logged in this testcase be "false, true", as in Firefox), but async things would need to be handled a bit more explicitly still.

In any case, I consider the Firefox behavior here where the Promise and the CryptoKey come from different globals a bug (tracked at <https://bugzilla.mozilla.org/show_bug.cgi?id=1250930>) and will suggest that Firefox switch to the "false, true, false, true" behavior I mention above...