Also, there is the issue of what to do about existing KDF keys that may have been structured-cloned with extractable=true. Could either:
(a) Fail deserialization
(b) De-serialize it as it was originally imported (extractable=true)
(c) De-serialize it and simply change the property to "extractable=false"
Both (b) and (c) are plausible solutions, with tradeoffs.
Leaning towards (b) since it is less magical, and there isn't any real threat from having extractable=true keys (other than it being nonsensical since they can't actually be exported).
* De-serialization for structured clone is not an issue (old keys will continue to work)
* However code that was calling importKey(extractable=true) will now break and need to be updated.
* We are hoping that this breakage is noticed and resolved during the dev/beta phase of testing (by web sites)
Comment 1 by eroman@chromium.org, Jul 20 2016