From e4107d2007786f7b90a8ea05a344cc20062db257 Mon Sep 17 00:00:00 2001
From: Johann Hofmann <johannhof@chromium.org>
Date: Fri, 9 Dec 2022 09:14:00 +0000
Subject: [PATCH] Define a permission store (closes #384) (#390)

SHA: f3b927353b8290630944120afaab194dea0b61af
Reason: push, by johannhof

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
---
 index.html | 583 ++++++++++++++++++++++++++++++++++++++++++-----------
 1 file changed, 462 insertions(+), 121 deletions(-)

diff --git a/index.html b/index.html
index f0171d0..6ffde36 100644
--- a/index.html
+++ b/index.html
@@ -325,10 +325,10 @@ <h1 id="title" class="title">Permissions</h1> <h2 id="subtitle" class="subtitle"
       </div></div>
           <div class="caniuse-type"><span>desktop</span></div>
         </div><div class="caniuse-group">
-          <div class="caniuse-browsers"><div class="caniuse-cell y" title="Supported by default since Android Chrome version 107." aria-label="permissions-api is supported by default since Android Chrome version 107 on mobile.">
-        <img class="caniuse-browser" width="20" height="20" src="https://cdn.w3.org/assets/logos/browser-logos/chrome/chrome.svg" alt="Android Chrome logo"><span class="browser-version">107</span>
-      </div><div class="caniuse-cell y" title="Supported by default since Android Firefox version 106." aria-label="permissions-api is supported by default since Android Firefox version 106 on mobile.">
-        <img class="caniuse-browser" width="20" height="20" src="https://cdn.w3.org/assets/logos/browser-logos/firefox/firefox.svg" alt="Android Firefox logo"><span class="browser-version">106</span>
+          <div class="caniuse-browsers"><div class="caniuse-cell y" title="Supported by default since Android Chrome version 108." aria-label="permissions-api is supported by default since Android Chrome version 108 on mobile.">
+        <img class="caniuse-browser" width="20" height="20" src="https://cdn.w3.org/assets/logos/browser-logos/chrome/chrome.svg" alt="Android Chrome logo"><span class="browser-version">108</span>
+      </div><div class="caniuse-cell y" title="Supported by default since Android Firefox version 107." aria-label="permissions-api is supported by default since Android Firefox version 107 on mobile.">
+        <img class="caniuse-browser" width="20" height="20" src="https://cdn.w3.org/assets/logos/browser-logos/firefox/firefox.svg" alt="Android Firefox logo"><span class="browser-version">107</span>
       </div><div class="caniuse-cell y" title="Supported by default since Android UC version 13.4." aria-label="permissions-api is supported by default since Android UC version 13.4 on mobile.">
         <img class="caniuse-browser" width="20" height="20" src="https://cdn.w3.org/assets/logos/browser-logos/uc/uc.svg" alt="Android UC logo"><span class="browser-version">13.4</span>
       </div><div class="caniuse-cell y" title="Supported by default since iOS Safari version 16.0." aria-label="permissions-api is supported by default since iOS Safari version 16.0 on mobile.">
@@ -412,11 +412,13 @@ <h1 id="title" class="title">Permissions</h1> <h2 id="subtitle" class="subtitle"
         Model
       </a><ol class="toc"><li class="tocline"><a class="tocxref" href="#permissions"><bdi class="secno">3.1 </bdi>
           Permissions
-        </a></li><li class="tocline"><a class="tocxref" href="#powerful-features"><bdi class="secno">3.2 </bdi>
+        </a></li><li class="tocline"><a class="tocxref" href="#permission-store"><bdi class="secno">3.2 </bdi>
+          Permission Store
+        </a></li><li class="tocline"><a class="tocxref" href="#powerful-features"><bdi class="secno">3.3 </bdi>
           Powerful features
-        </a><ol class="toc"><li class="tocline"><a class="tocxref" href="#aspects"><bdi class="secno">3.2.1 </bdi>
+        </a><ol class="toc"><li class="tocline"><a class="tocxref" href="#aspects"><bdi class="secno">3.3.1 </bdi>
             Aspects
-          </a></li></ol></li><li class="tocline"><a class="tocxref" href="#permissions-task-source"><bdi class="secno">3.3 </bdi>
+          </a></li></ol></li><li class="tocline"><a class="tocxref" href="#permissions-task-source"><bdi class="secno">3.4 </bdi>
           Permissions task source
         </a></li></ol></li><li class="tocline"><a class="tocxref" href="#specifying-a-powerful-feature"><bdi class="secno">4. </bdi>
         Specifying a powerful feature
@@ -658,9 +660,77 @@ <h1 id="title" class="title">Permissions</h1> <h2 id="subtitle" class="subtitle"
           reset because its <a data-link-type="dfn" href="#dfn-lifetime" class="internalDFN" id="ref-for-dfn-lifetime-2">lifetime</a> has expired.
         </p>
       </section>
-      <section id="powerful-features"><div class="header-wrapper"><h3 id="x3-2-powerful-features"><bdi class="secno">3.2 </bdi>
+      <section id="permission-store"><div class="header-wrapper"><h3 id="x3-2-permission-store"><bdi class="secno">3.2 </bdi>
+          Permission Store
+        </h3><a class="self-link" href="#permission-store" aria-label="Permalink for Section 3.2"></a></div>
+        
+        <p>
+          The user agent maintains a single <dfn class="export" data-export="" id="dfn-permission-store" tabindex="0" aria-haspopup="dialog" data-dfn-type="dfn">permission store</dfn> which is a <a data-link-type="dfn" data-type="dfn" href="https://infra.spec.whatwg.org/#list">list</a> of <a data-link-type="dfn" href="#dfn-permission-store-entry" class="internalDFN" id="ref-for-dfn-permission-store-entry-1">permission store entries</a>. Each particular <a data-link-type="dfn" href="#dfn-permission-store-entry" class="internalDFN" id="ref-for-dfn-permission-store-entry-2">entry</a> denoted by its <a data-link-type="dfn" href="#dfn-descriptor" class="internalDFN" id="ref-for-dfn-descriptor-1">descriptor</a> and <a data-link-type="dfn" href="#dfn-key" class="internalDFN" id="ref-for-dfn-key-1">key</a> can only appear at most once in this list.
+        </p>
+        <p>
+          The user agent <em class="rfc2119">MAY</em> remove <a data-link-type="dfn" href="#dfn-permission-store-entry" class="internalDFN" id="ref-for-dfn-permission-store-entry-3">entries</a> from the <a data-link-type="dfn" href="#dfn-permission-store" class="internalDFN" id="ref-for-dfn-permission-store-1">permission store</a> when their respective <a data-link-type="dfn" href="#dfn-permission" class="internalDFN" id="ref-for-dfn-permission-4">permission</a>'s <a data-link-type="dfn" href="#dfn-lifetime" class="internalDFN" id="ref-for-dfn-lifetime-3">lifetime</a> has expired.
+        </p>
+        <p>
+          A <dfn class="export" data-local-lt="entry" data-export="" data-lt="permission store entry|entry" data-plurals="permission store entries|entries" id="dfn-permission-store-entry" tabindex="0" aria-haspopup="dialog" data-dfn-type="dfn">permission store entry</dfn> is a <a data-link-type="dfn" data-type="dfn" href="https://infra.spec.whatwg.org/#tuple">tuple</a> of <a data-link-type="idl" data-lt="PermissionDescriptor" href="#dom-permissiondescriptor" class="internalDFN" id="ref-for-dom-permissiondescriptor-1"><code>PermissionDescriptor</code></a> <dfn class="export" data-dfn-for="permission store entry" data-export="" id="dfn-descriptor" tabindex="0" aria-haspopup="dialog" data-dfn-type="dfn">descriptor</dfn>, <a data-link-type="dfn" href="#dfn-permission-key" class="internalDFN" id="ref-for-dfn-permission-key-1">permission key</a> <dfn class="export" data-dfn-for="permission store entry" data-export="" id="dfn-key" tabindex="0" aria-haspopup="dialog" data-dfn-type="dfn">key</dfn>, and <a data-link-type="dfn" href="#dfn-states" class="internalDFN" id="ref-for-dfn-states-3">state</a> <dfn class="export" data-dfn-for="permission store entry" data-export="" id="dfn-state" tabindex="0" aria-haspopup="dialog" data-dfn-type="dfn">state</dfn>.
+        </p>
+        <p>
+        To <dfn class="export" data-export="" id="dfn-get-a-permission-store-entry" tabindex="0" aria-haspopup="dialog" data-dfn-type="dfn">get a permission store entry</dfn> given a <a data-link-type="idl" data-lt="PermissionDescriptor" href="#dom-permissiondescriptor" class="internalDFN" id="ref-for-dom-permissiondescriptor-2"><code>PermissionDescriptor</code></a> <var>descriptor</var> and <a data-link-type="dfn" href="#dfn-permission-key" class="internalDFN" id="ref-for-dfn-permission-key-2">permission key</a> <var>key</var>:
+          </p><ol class="algorithm">
+            <li>
+              
+              If the user agent's <a data-link-type="dfn" href="#dfn-permission-store" class="internalDFN" id="ref-for-dfn-permission-store-2">permission store</a> <a data-link-type="dfn" data-type="dfn" href="https://infra.spec.whatwg.org/#list-contain">contains</a> an <a data-link-type="dfn" href="#dfn-permission-store-entry" class="internalDFN" id="ref-for-dfn-permission-store-entry-4">entry</a> whose <a data-link-type="dfn" href="#dfn-descriptor" class="internalDFN" id="ref-for-dfn-descriptor-2">descriptor</a> is <var>descriptor</var>, and whose <a data-link-type="dfn" href="#dfn-key" class="internalDFN" id="ref-for-dfn-key-2">key</a> <a data-link-type="dfn" href="#dfn-is-equal-to" class="internalDFN" id="ref-for-dfn-is-equal-to-1">is equal to</a> <var>key</var> given <var>descriptor</var>, return that entry.
+            </li>
+            <li>
+              Return null.
+            </li>
+          </ol>
+        <p></p>
+        <p>
+          To <dfn class="export" data-export="" id="dfn-set-a-permission-store-entry" tabindex="0" aria-haspopup="dialog" data-dfn-type="dfn">set a permission store entry</dfn> given a <a data-link-type="idl" data-lt="PermissionDescriptor" href="#dom-permissiondescriptor" class="internalDFN" id="ref-for-dom-permissiondescriptor-3"><code>PermissionDescriptor</code></a> <var>descriptor</var>, a <a data-link-type="dfn" href="#dfn-permission-key" class="internalDFN" id="ref-for-dfn-permission-key-3">permission key</a> <var>key</var>, and a <a data-link-type="dfn" href="#dfn-states" class="internalDFN" id="ref-for-dfn-states-4">state</a> <var>state</var>, run these steps:
+          </p><ol class="algorithm">
+            <li>
+              Let <var>newEntry</var> be a new <a data-link-type="dfn" href="#dfn-permission-store-entry" class="internalDFN" id="ref-for-dfn-permission-store-entry-5">permission store entry</a> whose <a data-link-type="dfn" href="#dfn-descriptor" class="internalDFN" id="ref-for-dfn-descriptor-3">descriptor</a> is <var>descriptor</var>, and whose <a data-link-type="dfn" href="#dfn-key" class="internalDFN" id="ref-for-dfn-key-3">key</a> is <var>key</var>, and whose <a data-link-type="dfn" href="#dfn-state" class="internalDFN" id="ref-for-dfn-state-1">state</a> is <var>state</var>.
+            </li>
+            <li>
+              If the user agent's <a data-link-type="dfn" href="#dfn-permission-store" class="internalDFN" id="ref-for-dfn-permission-store-3">permission store</a> <a data-link-type="dfn" data-type="dfn" href="https://infra.spec.whatwg.org/#list-contain">contains</a> an <a data-link-type="dfn" href="#dfn-permission-store-entry" class="internalDFN" id="ref-for-dfn-permission-store-entry-6">entry</a> whose <a data-link-type="dfn" href="#dfn-descriptor" class="internalDFN" id="ref-for-dfn-descriptor-4">descriptor</a> is <var>descriptor</var>, and whose <a data-link-type="dfn" href="#dfn-key" class="internalDFN" id="ref-for-dfn-key-4">key</a> <a data-link-type="dfn" href="#dfn-is-equal-to" class="internalDFN" id="ref-for-dfn-is-equal-to-2">is equal to</a> <var>key</var> given <var>descriptor</var>, <a data-link-type="dfn" data-type="dfn" href="https://infra.spec.whatwg.org/#list-replace">replace</a> that entry with <var>newEntry</var> and abort these steps.
+            </li>
+            <li>
+              <a data-link-type="dfn" data-type="dfn" href="https://infra.spec.whatwg.org/#list-append">Append</a> <var>newEntry</var> to the user agent's <a data-link-type="dfn" href="#dfn-permission-store" class="internalDFN" id="ref-for-dfn-permission-store-4">permission store</a>.
+            </li>
+          </ol>
+        <p></p>
+        <p>
+          To <dfn class="export" data-export="" id="dfn-remove-a-permission-store-entry" tabindex="0" aria-haspopup="dialog" data-dfn-type="dfn">remove a permission store entry</dfn> given a <a data-link-type="idl" data-lt="PermissionDescriptor" href="#dom-permissiondescriptor" class="internalDFN" id="ref-for-dom-permissiondescriptor-4"><code>PermissionDescriptor</code></a> <var>descriptor</var> and <a data-link-type="dfn" href="#dfn-permission-key" class="internalDFN" id="ref-for-dfn-permission-key-4">permission key</a> <var>key</var>, run these steps:
+          </p><ol class="algorithm">
+            <li>
+            <a data-link-type="dfn" data-type="dfn" href="https://infra.spec.whatwg.org/#list-remove">Remove</a> the <a data-link-type="dfn" href="#dfn-permission-store-entry" class="internalDFN" id="ref-for-dfn-permission-store-entry-7">entry</a> whose <a data-link-type="dfn" href="#dfn-descriptor" class="internalDFN" id="ref-for-dfn-descriptor-5">descriptor</a> is <var>descriptor</var>, and whose <a data-link-type="dfn" href="#dfn-key" class="internalDFN" id="ref-for-dfn-key-5">key</a> <a data-link-type="dfn" href="#dfn-is-equal-to" class="internalDFN" id="ref-for-dfn-is-equal-to-3">is equal to</a> <var>key</var> given <var>descriptor</var>, from the user agent's <a data-link-type="dfn" href="#dfn-permission-store" class="internalDFN" id="ref-for-dfn-permission-store-5">permission store</a>.
+            </li>
+          </ol>
+        <p></p>
+        <p>
+          A <dfn class="export" data-export="" data-plurals="permission keys" id="dfn-permission-key" tabindex="0" aria-haspopup="dialog" data-dfn-type="dfn">permission key</dfn> has its type defined by a feature's <a data-link-type="dfn" href="#dfn-permission-key-type" class="internalDFN" id="ref-for-dfn-permission-key-type-1">permission key type</a>.
+          </p><div class="note" role="note" id="issue-container-generatedID-1"><div role="heading" class="note-title marker" id="h-note-1" aria-level="4"><span>Note</span></div><aside class="">
+            The permission key defines the scope of a permission grant, which is usually per-origin.
+            Powerful features may override the <a data-link-type="dfn" href="#dfn-permission-key-type" class="internalDFN" id="ref-for-dfn-permission-key-type-2">permission key type</a> to specify a custom permission key.
+            This is useful for features that want to change the granularity of permissions based on additional context,
+            such as double-keying on both an embedded origin and a top-level origin.
+          </aside></div>
+        <p></p>
+        <p>
+          To determine whether a <a data-link-type="dfn" href="#dfn-permission-key" class="internalDFN" id="ref-for-dfn-permission-key-5">permission key</a> <var>key1</var> <dfn class="export" data-dfn-for="permission key" data-export="" id="dfn-is-equal-to" tabindex="0" aria-haspopup="dialog" data-dfn-type="dfn">is equal to</dfn> a <a data-link-type="dfn" href="#dfn-permission-key" class="internalDFN" id="ref-for-dfn-permission-key-6">permission key</a> <var>key2</var>, given a <a data-link-type="idl" data-lt="PermissionDescriptor" href="#dom-permissiondescriptor" class="internalDFN" id="ref-for-dom-permissiondescriptor-5"><code>PermissionDescriptor</code></a> <var>descriptor</var>, run the following steps:
+          </p><ol class="algorithm">
+            <li>
+              If <var>key1</var> is not of <var>descriptor</var>'s <a data-link-type="dfn" href="#dfn-permission-key-type" class="internalDFN" id="ref-for-dfn-permission-key-type-3">permission key type</a> or <var>key2</var> is not of <var>descriptor</var>'s <a data-link-type="dfn" href="#dfn-permission-key-type" class="internalDFN" id="ref-for-dfn-permission-key-type-4">permission key type</a>, return false.
+            </li>
+            <li>
+              Return the result of running the <a data-link-type="dfn" href="#dfn-permission-key-comparison-algorithm" class="internalDFN" id="ref-for-dfn-permission-key-comparison-algorithm-1">permission key comparison algorithm</a> for the feature named by <var>descriptor</var>'s <a data-link-type="idl" href="#dom-permissiondescriptor-name" class="internalDFN" id="ref-for-dom-permissiondescriptor-name-1"><code>name</code></a>, passing <var>key1</var> and <var>key2</var>.
+            </li>
+          </ol>
+        <p></p>
+      </section>
+      <section id="powerful-features"><div class="header-wrapper"><h3 id="x3-3-powerful-features"><bdi class="secno">3.3 </bdi>
           Powerful features
-        </h3><a class="self-link" href="#powerful-features" aria-label="Permalink for Section 3.2"></a></div>
+        </h3><a class="self-link" href="#powerful-features" aria-label="Permalink for Section 3.3"></a></div>
         
         <p data-cite="permissions-policy">
           A <dfn class="export" data-local-lt="feature" data-export="" data-lt="powerful feature|feature" data-plurals="powerful features|features" id="dfn-powerful-feature" tabindex="0" aria-haspopup="dialog" data-dfn-type="dfn">powerful feature</dfn> is a web platform
@@ -697,16 +767,16 @@ <h1 id="title" class="title">Permissions</h1> <h2 id="subtitle" class="subtitle"
           A <a data-link-type="dfn" href="#dfn-powerful-feature" class="internalDFN" id="ref-for-dfn-powerful-feature-11">powerful feature</a> is identified by its <dfn class="export" data-dfn-for="powerful feature" data-export="" id="dfn-name" tabindex="0" aria-haspopup="dialog" data-dfn-type="dfn">name</dfn>, which is a string literal (e.g., "geolocation").
         </p>
         <p>
-          The user agent tracks which <a href="#dfn-powerful-feature" class="internalDFN" data-link-type="dfn" id="ref-for-dfn-powerful-feature-12">powerful features</a> the user has <a data-link-type="dfn" href="#dfn-permission" class="internalDFN" id="ref-for-dfn-permission-4">permission</a> to use
+          The user agent tracks which <a href="#dfn-powerful-feature" class="internalDFN" data-link-type="dfn" id="ref-for-dfn-powerful-feature-12">powerful features</a> the user has <a data-link-type="dfn" href="#dfn-permission" class="internalDFN" id="ref-for-dfn-permission-5">permission</a> to use
           via the <a data-link-type="dfn" data-type="dfn" href="https://html.spec.whatwg.org/multipage/webappapis.html#environment-settings-object">environment settings object</a>.
         </p>
-        <section id="aspects"><div class="header-wrapper"><h4 id="x3-2-1-aspects"><bdi class="secno">3.2.1 </bdi>
+        <section id="aspects"><div class="header-wrapper"><h4 id="x3-3-1-aspects"><bdi class="secno">3.3.1 </bdi>
             Aspects
-          </h4><a class="self-link" href="#aspects" aria-label="Permalink for Section 3.2.1"></a></div>
+          </h4><a class="self-link" href="#aspects" aria-label="Permalink for Section 3.3.1"></a></div>
           
           <p>
             Each <a href="#dfn-powerful-feature" class="internalDFN" data-link-type="dfn" id="ref-for-dfn-powerful-feature-13">powerful feature</a> can define zero or more additional <dfn data-dfn-for="powerful feature" id="dfn-aspects" tabindex="0" aria-haspopup="dialog" data-dfn-type="dfn">aspects</dfn>. An aspect is defined as WebIDL <a data-link-type="dfn" data-type="dfn" href="https://webidl.spec.whatwg.org/#dfn-dictionary">dictionary</a> that
-            <a data-link-type="dfn" data-type="dfn" href="https://webidl.spec.whatwg.org/#dfn-inherit-dictionary">inherits</a> from <a data-link-type="idl" data-lt="PermissionDescriptor" href="#dom-permissiondescriptor" class="internalDFN" id="ref-for-dom-permissiondescriptor-1"><code>PermissionDescriptor</code></a> and serves as a WebIDL
+            <a data-link-type="dfn" data-type="dfn" href="https://webidl.spec.whatwg.org/#dfn-inherit-dictionary">inherits</a> from <a data-link-type="idl" data-lt="PermissionDescriptor" href="#dom-permissiondescriptor" class="internalDFN" id="ref-for-dom-permissiondescriptor-6"><code>PermissionDescriptor</code></a> and serves as a WebIDL
             interface's <a data-link-type="dfn" href="#dfn-permission-descriptor-type" class="internalDFN" id="ref-for-dfn-permission-descriptor-type-1">permission descriptor type</a>.
           </p>
           <aside class="example" id="example-defining-your-own-permission-descriptor-type"><div class="marker">
@@ -714,7 +784,7 @@ <h1 id="title" class="title">Permissions</h1> <h2 id="subtitle" class="subtitle"
   </div>
             <p>
               A hypothetical <a data-link-type="dfn" href="#dfn-powerful-feature" class="internalDFN" id="ref-for-dfn-powerful-feature-14">powerful feature</a> "food detector API" has two <a data-link-type="dfn" href="#dfn-aspects" class="internalDFN" id="ref-for-dfn-aspects-1">aspects</a> that allow sensing taste and smell. So, a specification would
-              define a new WebIDL interface that <a data-link-type="dfn" data-type="dfn" href="https://webidl.spec.whatwg.org/#dfn-inherit-dictionary">inherits</a> <a data-link-type="idl" data-lt="PermissionDescriptor" href="#dom-permissiondescriptor" class="internalDFN" id="ref-for-dom-permissiondescriptor-2"><code>PermissionDescriptor</code></a>:
+              define a new WebIDL interface that <a data-link-type="dfn" data-type="dfn" href="https://webidl.spec.whatwg.org/#dfn-inherit-dictionary">inherits</a> <a data-link-type="idl" data-lt="PermissionDescriptor" href="#dom-permissiondescriptor" class="internalDFN" id="ref-for-dom-permissiondescriptor-7"><code>PermissionDescriptor</code></a>:
             </p>
             <pre aria-busy="false"><code class="hljs javascript">dictionary SensesPermissionDescriptor : PermissionDescriptor {
   boolean canSmell = <span class="hljs-literal">false</span>;
@@ -737,9 +807,9 @@ <h1 id="title" class="title">Permissions</h1> <h2 id="subtitle" class="subtitle"
           </aside>
         </section>
       </section>
-      <section id="permissions-task-source"><div class="header-wrapper"><h3 id="x3-3-permissions-task-source"><bdi class="secno">3.3 </bdi>
+      <section id="permissions-task-source"><div class="header-wrapper"><h3 id="x3-4-permissions-task-source"><bdi class="secno">3.4 </bdi>
           Permissions task source
-        </h3><a class="self-link" href="#permissions-task-source" aria-label="Permalink for Section 3.3"></a></div>
+        </h3><a class="self-link" href="#permissions-task-source" aria-label="Permalink for Section 3.4"></a></div>
         
         <p>
           The <dfn id="dfn-permissions-task-source" tabindex="0" aria-haspopup="dialog" data-dfn-type="dfn">permissions task source</dfn> is a <a data-link-type="dfn" data-type="dfn" href="https://html.spec.whatwg.org/multipage/webappapis.html#task-source">task source</a> used to perform
@@ -759,7 +829,7 @@ <h1 id="title" class="title">Permissions</h1> <h2 id="subtitle" class="subtitle"
         <li><em class="rfc2119">MUST</em> give the <a data-link-type="dfn" href="#dfn-powerful-feature" class="internalDFN" id="ref-for-dfn-powerful-feature-15">powerful feature</a> a <a data-link-type="dfn" href="#dfn-name" class="internalDFN" id="ref-for-dfn-name-1">name</a> in the form of a <a data-link-type="dfn" data-type="dfn" href="https://infra.spec.whatwg.org/#ascii-lowercase">ascii lowercase</a> string.
         </li>
         <li><em class="rfc2119">MAY</em> define a <a data-link-type="dfn" href="#dfn-permission-descriptor-type" class="internalDFN" id="ref-for-dfn-permission-descriptor-type-2">permission descriptor type</a> that inherits from
-        <a data-link-type="idl" data-lt="PermissionDescriptor" href="#dom-permissiondescriptor" class="internalDFN" id="ref-for-dom-permissiondescriptor-3"><code>PermissionDescriptor</code></a>.
+        <a data-link-type="idl" data-lt="PermissionDescriptor" href="#dom-permissiondescriptor" class="internalDFN" id="ref-for-dom-permissiondescriptor-8"><code>PermissionDescriptor</code></a>.
         </li>
         <li><em class="rfc2119">MAY</em> define zero or more <a data-link-type="dfn" href="#dfn-aspects" class="internalDFN" id="ref-for-dfn-aspects-2">aspects</a>.
         </li>
@@ -780,8 +850,8 @@ <h1 id="title" class="title">Permissions</h1> <h2 id="subtitle" class="subtitle"
         </dt>
         <dd>
           <p>
-            <a data-link-type="idl" data-lt="PermissionDescriptor" href="#dom-permissiondescriptor" class="internalDFN" id="ref-for-dom-permissiondescriptor-4"><code>PermissionDescriptor</code></a> or one of its subtypes. If unspecified, this defaults to
-            <a data-link-type="idl" data-lt="PermissionDescriptor" href="#dom-permissiondescriptor" class="internalDFN" id="ref-for-dom-permissiondescriptor-5"><code>PermissionDescriptor</code></a>.
+            <a data-link-type="idl" data-lt="PermissionDescriptor" href="#dom-permissiondescriptor" class="internalDFN" id="ref-for-dom-permissiondescriptor-9"><code>PermissionDescriptor</code></a> or one of its subtypes. If unspecified, this defaults to
+            <a data-link-type="idl" data-lt="PermissionDescriptor" href="#dom-permissiondescriptor" class="internalDFN" id="ref-for-dom-permissiondescriptor-10"><code>PermissionDescriptor</code></a>.
           </p>
           <p>
             The feature can define a <a href="https://en.wikipedia.org/wiki/Partially_ordered_set">partial order</a> on descriptor
@@ -818,7 +888,7 @@ <h1 id="title" class="title">Permissions</h1> <h2 id="subtitle" class="subtitle"
             Some <a href="#dfn-powerful-feature" class="internalDFN" data-link-type="dfn" id="ref-for-dfn-powerful-feature-19">powerful features</a> have more information associated with them than just a
             <a data-link-type="idl" data-lt="PermissionState" href="#dom-permissionstate" class="internalDFN" id="ref-for-dom-permissionstate-1"><code>PermissionState</code></a>. Each of these features defines an <a data-link-type="dfn" href="#dfn-extra-permission-data-type" class="internalDFN" id="ref-for-dfn-extra-permission-data-type-1">extra permission data type</a>.
           </p>
-          <div class="note" role="note" id="issue-container-generatedID-1"><div role="heading" class="note-title marker" id="h-note-1" aria-level="3"><span>Note</span></div><p class="" data-cite="mediacapture-streams ECMAScript">
+          <div class="note" role="note" id="issue-container-generatedID-2"><div role="heading" class="note-title marker" id="h-note-2" aria-level="3"><span>Note</span></div><p class="" data-cite="mediacapture-streams ECMAScript">
             For example, <a data-link-type="idl" data-lt="getUserMedia()" data-type="method" href="https://www.w3.org/TR/mediacapture-streams/#dom-mediadevices-getusermedia"><code>getUserMedia</code></a><code>()</code> needs to determine <em>which</em> cameras
             the user has granted permission to access.
           </p></div>
@@ -873,7 +943,7 @@ <h1 id="title" class="title">Permissions</h1> <h2 id="subtitle" class="subtitle"
           </p>
           <p>
             The <dfn data-export="" id="dfn-default-permission-query-algorithm" tabindex="0" aria-haspopup="dialog" data-dfn-type="dfn">default permission query algorithm</dfn>, given a
-            <a data-link-type="idl" data-lt="PermissionDescriptor" href="#dom-permissiondescriptor" class="internalDFN" id="ref-for-dom-permissiondescriptor-6"><code>PermissionDescriptor</code></a> <var>permissionDesc</var> and a <a data-link-type="idl" data-lt="PermissionStatus" href="#dom-permissionstatus" class="internalDFN" id="ref-for-dom-permissionstatus-4"><code>PermissionStatus</code></a> <var>status</var>,
+            <a data-link-type="idl" data-lt="PermissionDescriptor" href="#dom-permissiondescriptor" class="internalDFN" id="ref-for-dom-permissiondescriptor-11"><code>PermissionDescriptor</code></a> <var>permissionDesc</var> and a <a data-link-type="idl" data-lt="PermissionStatus" href="#dom-permissionstatus" class="internalDFN" id="ref-for-dom-permissionstatus-4"><code>PermissionStatus</code></a> <var>status</var>,
             runs the following steps:
           </p>
           <ol class="algorithm">
@@ -882,6 +952,58 @@ <h1 id="title" class="title">Permissions</h1> <h2 id="subtitle" class="subtitle"
             </li>
           </ol>
         </dd>
+        <dt>
+          A <dfn data-dfn-for="powerful feature" class="export" data-export="" id="dfn-permission-key-type" tabindex="0" aria-haspopup="dialog" data-dfn-type="dfn">permission key type</dfn>:
+        </dt>
+        <dd>
+          <p>
+            The type of <a data-link-type="dfn" href="#dfn-permission-key" class="internalDFN" id="ref-for-dfn-permission-key-7">permission key</a> used by the feature. Defaults to <a data-link-type="dfn" data-type="dfn" href="https://html.spec.whatwg.org/multipage/browsers.html#concept-origin">origin</a>.
+            A feature that specifies a custom <a data-link-type="dfn" href="#dfn-permission-key-type" class="internalDFN" id="ref-for-dfn-permission-key-type-5">permission key type</a> <em class="rfc2119">MUST</em> also specify a
+            <a data-link-type="dfn" href="#dfn-permission-key-generation-algorithm" class="internalDFN" id="ref-for-dfn-permission-key-generation-algorithm-1">permission key generation algorithm</a>.
+          </p>
+        </dd>
+        <dt>
+          A <dfn data-dfn-for="powerful feature" class="export" data-export="" id="dfn-permission-key-generation-algorithm" tabindex="0" aria-haspopup="dialog" data-dfn-type="dfn">permission key generation algorithm</dfn>:
+        </dt>
+        <dd>
+          <p>
+            Takes an <a data-link-type="dfn" data-type="dfn" href="https://html.spec.whatwg.org/multipage/webappapis.html#environment-settings-object">environment settings object</a>, and returns a new <a data-link-type="dfn" href="#dfn-permission-key" class="internalDFN" id="ref-for-dfn-permission-key-8">permission key</a>.
+            If unspecified, this defaults to the <a href="#dfn-default-permission-key-generation-algorithm" class="internalDFN" data-link-type="dfn" id="ref-for-dfn-default-permission-key-generation-algorithm-1">default permission key generation algorithm</a>.
+            A feature that specifies a custom <a data-link-type="dfn" href="#dfn-permission-key-generation-algorithm" class="internalDFN" id="ref-for-dfn-permission-key-generation-algorithm-2">permission key generation algorithm</a> <em class="rfc2119">MUST</em> also specify a
+            <a data-link-type="dfn" href="#dfn-permission-key-comparison-algorithm" class="internalDFN" id="ref-for-dfn-permission-key-comparison-algorithm-2">permission key comparison algorithm</a>.
+          </p>
+          <p>
+            The <dfn class="export" data-export="" id="dfn-default-permission-key-generation-algorithm" tabindex="0" aria-haspopup="dialog" data-dfn-type="dfn">default permission key generation algorithm</dfn>,
+            given an <a data-link-type="dfn" data-type="dfn" href="https://html.spec.whatwg.org/multipage/webappapis.html#environment-settings-object">environment settings object</a> <var>settings</var>, runs the following steps:
+          </p>
+          <ol class="algorithm">
+            <li>
+              Return <var>settings</var>'s <a data-link-type="dfn" data-type="dfn" href="https://html.spec.whatwg.org/multipage/webappapis.html#concept-environment-top-level-origin">top-level origin</a>.
+            </li>
+          </ol>
+          <div class="note" role="note" id="issue-container-generatedID-3"><div role="heading" class="note-title marker" id="h-note-3" aria-level="3"><span>Note</span><span class="issue-label">: Permission Delegation</span></div><aside class="">
+            Most powerful features grant permission to the top-level origin and delegate access to the requesting document via <cite><a data-matched-text="[[[Permissions-Policy]]]" href="https://www.w3.org/TR/permissions-policy-1/">Permissions Policy</a></cite>.
+            This is known as permission delegation.
+          </aside></div>
+        </dd>
+        <dt>
+          A <dfn data-dfn-for="powerful feature" class="export" data-export="" id="dfn-permission-key-comparison-algorithm" tabindex="0" aria-haspopup="dialog" data-dfn-type="dfn">permission key comparison algorithm</dfn>:
+        </dt>
+        <dd>
+          <p>
+            Takes two <a data-link-type="dfn" href="#dfn-permission-key" class="internalDFN" id="ref-for-dfn-permission-key-9">permission keys</a> and returns a <a data-link-type="dfn" data-type="dfn" href="https://infra.spec.whatwg.org/#boolean">boolean</a> that shows whether the two keys are equal.
+            If unspecified, this defaults to the <a href="#dfn-default-permission-key-comparison-algorithm" class="internalDFN" data-link-type="dfn" id="ref-for-dfn-default-permission-key-comparison-algorithm-1">default permission key comparison algorithm</a>.
+          </p>
+          <p>
+            The <dfn class="export" data-export="" id="dfn-default-permission-key-comparison-algorithm" tabindex="0" aria-haspopup="dialog" data-dfn-type="dfn">default permission key comparison algorithm</dfn>,
+            given <a data-link-type="dfn" href="#dfn-permission-key" class="internalDFN" id="ref-for-dfn-permission-key-10">permission keys</a> <var>key1</var> and <var>key2</var>, runs the following steps:
+          </p>
+          <ol class="algorithm">
+            <li>
+              Return <var>key1</var> is <a data-link-type="dfn" data-type="dfn" href="https://html.spec.whatwg.org/multipage/browsers.html#same-origin">same origin</a> with <var>key2</var>.
+            </li>
+          </ol>
+        </dd>
         <dt>
           A <dfn data-dfn-for="powerful feature" class="export" data-export="" id="dfn-permission-revocation-algorithm" tabindex="0" aria-haspopup="dialog" data-dfn-type="dfn">permission revocation
           algorithm</dfn>:
@@ -889,25 +1011,25 @@ <h1 id="title" class="title">Permissions</h1> <h2 id="subtitle" class="subtitle"
         <dd>
           <p>
             Takes no arguments. Updates any other parts of the implementation that need to be kept
-            in sync with changes in the results of <a href="#dfn-permission-state" class="internalDFN" data-link-type="dfn" id="ref-for-dfn-permission-state-7">permission states</a> or <a data-link-type="dfn" href="#dfn-extra-permission-data" class="internalDFN" id="ref-for-dfn-extra-permission-data-3">extra permission data</a>, and then <a data-link-type="dfn" href="#dfn-react-to-the-user-revoking-permission" class="internalDFN" id="ref-for-dfn-react-to-the-user-revoking-permission-1">react to the user revoking permission</a>.
+            in sync with changes in the results of <a href="#dfn-permission-state" class="internalDFN" data-link-type="dfn" id="ref-for-dfn-permission-state-7">permission states</a> or <a data-link-type="dfn" href="#dfn-extra-permission-data" class="internalDFN" id="ref-for-dfn-extra-permission-data-3">extra permission data</a>.
           </p>
           <p>
-            If unspecified, this defaults to running <a data-link-type="dfn" href="#dfn-react-to-the-user-revoking-permission" class="internalDFN" id="ref-for-dfn-react-to-the-user-revoking-permission-2">react to the user revoking permission</a>.
+            If unspecified, this defaults to running <a data-link-type="dfn" href="#dfn-react-to-the-user-revoking-permission" class="internalDFN" id="ref-for-dfn-react-to-the-user-revoking-permission-1">react to the user revoking permission</a>.
           </p>
         </dd>
         <dt>
-          A permission <a data-link-type="dfn" href="#dfn-lifetime" class="internalDFN" id="ref-for-dfn-lifetime-3">lifetime</a>:
+          A permission <a data-link-type="dfn" href="#dfn-lifetime" class="internalDFN" id="ref-for-dfn-lifetime-4">lifetime</a>:
         </dt>
         <dd>
           <p>
             Specifications that define one or more <a data-link-type="dfn" href="#dfn-powerful-feature" class="internalDFN" id="ref-for-dfn-powerful-feature-21">powerful features</a> <em class="rfc2119">SHOULD</em> suggest a
-            <a data-link-type="dfn" href="#dfn-permission" class="internalDFN" id="ref-for-dfn-permission-5">permission</a> <a data-link-type="dfn" href="#dfn-lifetime" class="internalDFN" id="ref-for-dfn-lifetime-4">lifetime</a> that is best suited for the particular feature.
+            <a data-link-type="dfn" href="#dfn-permission" class="internalDFN" id="ref-for-dfn-permission-6">permission</a> <a data-link-type="dfn" href="#dfn-lifetime" class="internalDFN" id="ref-for-dfn-lifetime-5">lifetime</a> that is best suited for the particular feature.
             Some guidance on determining the lifetime of a permission is noted below, with a strong
-            emphasis on user privacy. If no <a data-link-type="dfn" href="#dfn-lifetime" class="internalDFN" id="ref-for-dfn-lifetime-5">lifetime</a> is specified, the user agent
+            emphasis on user privacy. If no <a data-link-type="dfn" href="#dfn-lifetime" class="internalDFN" id="ref-for-dfn-lifetime-6">lifetime</a> is specified, the user agent
             provides one.
           </p>
           <p>
-            When the permission <a data-link-type="dfn" href="#dfn-lifetime" class="internalDFN" id="ref-for-dfn-lifetime-6">lifetime</a> expires for an origin:
+            When the permission <a data-link-type="dfn" href="#dfn-lifetime" class="internalDFN" id="ref-for-dfn-lifetime-7">lifetime</a> expires for an origin:
           </p>
           <ol>
             <li>Set the permission back to its default <a data-link-type="dfn" href="#dfn-permission-state" class="internalDFN" id="ref-for-dfn-permission-state-8">permission state</a> (e.g., by setting it
@@ -916,7 +1038,7 @@ <h1 id="title" class="title">Permissions</h1> <h2 id="subtitle" class="subtitle"
             <li>For each <var>browsing context</var> associated with the origin (if any), <a data-link-type="dfn" data-type="dfn" href="https://html.spec.whatwg.org/multipage/webappapis.html#queue-a-global-task">queue a global task</a> on the <a data-link-type="dfn" href="#dfn-permissions-task-source" class="internalDFN" id="ref-for-dfn-permissions-task-source-1">permissions task source</a> with the <var>browsing context</var>'s <a data-link-type="dfn" data-type="dfn" href="https://html.spec.whatwg.org/multipage/webappapis.html#global-object">global object</a> to run the <a data-link-type="dfn" href="#dfn-permission-revocation-algorithm" class="internalDFN" id="ref-for-dfn-permission-revocation-algorithm-1">permission revocation algorithm</a>.
             </li>
           </ol>
-          <div class="note" role="note" id="issue-container-generatedID-2"><div role="heading" class="note-title marker" id="h-note-2" aria-level="3"><span>Note</span><span class="issue-label">: Determining the lifetime of a permission</span></div><aside class="">
+          <div class="note" role="note" id="issue-container-generatedID-4"><div role="heading" class="note-title marker" id="h-note-4" aria-level="3"><span>Note</span><span class="issue-label">: Determining the lifetime of a permission</span></div><aside class="">
             <p>
               For particularly privacy-sensitive <a data-link-type="dfn" href="#dfn-powerful-feature" class="internalDFN" id="ref-for-dfn-powerful-feature-22">features</a>, such as <cite><a data-matched-text="[[[GETUSERMEDIA]]]" href="https://www.w3.org/TR/mediacapture-streams/">Media Capture and Streams</a></cite>, which
               can provide a web application access to a user's camera and microphone, some user
@@ -925,7 +1047,7 @@ <h1 id="title" class="title">Permissions</h1> <h2 id="subtitle" class="subtitle"
               to offer a choice of only granting the permission for the session, or for one day.
               Others, like the <cite><a data-matched-text="[[[Notifications]]]" href="https://notifications.spec.whatwg.org/">Notifications API Standard</a></cite> and <cite><a data-matched-text="[[[push-api]]]" href="https://www.w3.org/TR/push-api/">Push API</a></cite> APIs, remember a user's
               decision indefinitely or until the user manually revokes the permission. Note that
-              permission <a data-link-type="dfn" href="#dfn-lifetime" class="internalDFN" id="ref-for-dfn-lifetime-7">lifetimes</a> can vary significantly between user agents.
+              permission <a data-link-type="dfn" href="#dfn-lifetime" class="internalDFN" id="ref-for-dfn-lifetime-8">lifetimes</a> can vary significantly between user agents.
             </p>
             <p>
               Finding the right balance for the lifetime of a permission requires a lot of thought
@@ -937,7 +1059,7 @@ <h1 id="title" class="title">Permissions</h1> <h2 id="subtitle" class="subtitle"
               indicator).
             </p>
             <p>
-              If you are unsure about what <a data-link-type="dfn" href="#dfn-lifetime" class="internalDFN" id="ref-for-dfn-lifetime-8">lifetime</a> to suggest for a <a data-link-type="dfn" href="#dfn-powerful-feature" class="internalDFN" id="ref-for-dfn-powerful-feature-24">powerful feature</a>, please contact the <a href="https://www.w3.org/Privacy/IG/">Privacy
+              If you are unsure about what <a data-link-type="dfn" href="#dfn-lifetime" class="internalDFN" id="ref-for-dfn-lifetime-9">lifetime</a> to suggest for a <a data-link-type="dfn" href="#dfn-powerful-feature" class="internalDFN" id="ref-for-dfn-powerful-feature-24">powerful feature</a>, please contact the <a href="https://www.w3.org/Privacy/IG/">Privacy
               Interest Group</a> for guidance.
             </p>
           </aside></div>
@@ -947,10 +1069,10 @@ <h1 id="title" class="title">Permissions</h1> <h2 id="subtitle" class="subtitle"
         </dt>
         <dd>
           <p>
-            An <a data-link-type="idl" data-lt="PermissionState" href="#dom-permissionstate" class="internalDFN" id="ref-for-dom-permissionstate-2"><code>PermissionState</code></a> value that serves as a <a data-link-type="dfn" href="#dfn-permission" class="internalDFN" id="ref-for-dfn-permission-6">permission</a>'s <a data-link-type="dfn" href="#dfn-default-state" class="internalDFN" id="ref-for-dfn-default-state-2">default state</a> of a <a data-link-type="dfn" href="#dfn-powerful-feature" class="internalDFN" id="ref-for-dfn-powerful-feature-25">powerful feature</a>.
+            An <a data-link-type="idl" data-lt="PermissionState" href="#dom-permissionstate" class="internalDFN" id="ref-for-dom-permissionstate-2"><code>PermissionState</code></a> value that serves as a <a data-link-type="dfn" href="#dfn-permission" class="internalDFN" id="ref-for-dfn-permission-7">permission</a>'s <a data-link-type="dfn" href="#dfn-default-state" class="internalDFN" id="ref-for-dfn-default-state-2">default state</a> of a <a data-link-type="dfn" href="#dfn-powerful-feature" class="internalDFN" id="ref-for-dfn-powerful-feature-25">powerful feature</a>.
           </p>
           <p>
-            If not specified, the <a data-link-type="dfn" href="#dfn-permission" class="internalDFN" id="ref-for-dfn-permission-7">permission</a>'s <a data-link-type="dfn" href="#dfn-default-state" class="internalDFN" id="ref-for-dfn-default-state-3">default state</a> is
+            If not specified, the <a data-link-type="dfn" href="#dfn-permission" class="internalDFN" id="ref-for-dfn-permission-8">permission</a>'s <a data-link-type="dfn" href="#dfn-default-state" class="internalDFN" id="ref-for-dfn-default-state-3">default state</a> is
             "<a data-link-type="idl" href="#dom-permissionstate-prompt" class="internalDFN" id="ref-for-dom-permissionstate-prompt-1"><code>prompt</code></a>".
           </p>
         </dd>
@@ -975,8 +1097,8 @@ <h1 id="title" class="title">Permissions</h1> <h2 id="subtitle" class="subtitle"
           returns a <a data-link-type="idl" data-lt="PermissionState" href="#dom-permissionstate" class="internalDFN" id="ref-for-dom-permissionstate-3"><code>PermissionState</code></a> enum value.
         </p>
         <ol class="algorithm">
-          <li>Let <var data-type="PermissionDescriptor">descriptor</var> be a newly-created <a data-link-type="idl" data-lt="PermissionDescriptor" href="#dom-permissiondescriptor" class="internalDFN" id="ref-for-dom-permissiondescriptor-7"><code>PermissionDescriptor</code></a>
-          with <a data-link-type="idl" href="#dom-permissiondescriptor-name" class="internalDFN" id="ref-for-dom-permissiondescriptor-name-1"><code>name</code></a> initialized to <var>name</var>.
+          <li>Let <var data-type="PermissionDescriptor">descriptor</var> be a newly-created <a data-link-type="idl" data-lt="PermissionDescriptor" href="#dom-permissiondescriptor" class="internalDFN" id="ref-for-dom-permissiondescriptor-12"><code>PermissionDescriptor</code></a>
+          with <a data-link-type="idl" href="#dom-permissiondescriptor-name" class="internalDFN" id="ref-for-dom-permissiondescriptor-name-2"><code>name</code></a> initialized to <var>name</var>.
           </li>
           <li>Return the <a data-link-type="dfn" href="#dfn-permission-state" class="internalDFN" id="ref-for-dfn-permission-state-9">permission state</a> of <var data-type="PermissionDescriptor">descriptor</var> with <var>settings</var>.
           </li>
@@ -991,7 +1113,7 @@ <h1 id="title" class="title">Permissions</h1> <h2 id="subtitle" class="subtitle"
           </li>
           <li>If <var>settings</var> is a <a data-link-type="dfn" data-type="dfn" href="https://html.spec.whatwg.org/multipage/webappapis.html#non-secure-context">non-secure context</a>, return "<a data-link-type="idl" href="#dom-permissionstate-denied" class="internalDFN" id="ref-for-dom-permissionstate-denied-4"><code>denied</code></a>".
           </li>
-          <li>Let <var>feature</var> be <var data-type="PermissionDescriptor">descriptor</var>'s <a data-link-type="idl" href="#dom-permissiondescriptor-name" class="internalDFN" id="ref-for-dom-permissiondescriptor-name-2"><code>name</code></a>.
+          <li>Let <var>feature</var> be <var data-type="PermissionDescriptor">descriptor</var>'s <a data-link-type="idl" href="#dom-permissiondescriptor-name" class="internalDFN" id="ref-for-dom-permissiondescriptor-name-3"><code>name</code></a>.
           </li>
           <li>If there exists a <a data-link-type="dfn" data-type="dfn" href="https://www.w3.org/TR/permissions-policy-1/#policy-controlled-feature">policy-controlled feature</a> for <var>feature</var> and <var>settings</var>'
           <a data-link-type="dfn" data-type="dfn" href="https://html.spec.whatwg.org/multipage/webappapis.html#concept-relevant-global">relevant global object</a> has an <a data-link-type="dfn" data-type="dfn" href="https://html.spec.whatwg.org/multipage/nav-history-apis.html#concept-document-window">associated <code>Document</code></a> run the following step:
@@ -1003,18 +1125,20 @@ <h1 id="title" class="title">Permissions</h1> <h2 id="subtitle" class="subtitle"
               </li>
             </ol>
           </li>
-          <li>If there was a previous invocation of this algorithm with the same <var data-type="PermissionDescriptor">descriptor</var> and
-          <var>settings</var>, returning <var>previousResult</var>, and the user agent has not received <a href="#dfn-new-information-about-the-user-s-intent" class="internalDFN" data-link-type="dfn" id="ref-for-dfn-new-information-about-the-user-s-intent-2">new
-          information about the user's intent</a> since that invocation, return <var>previousResult</var>.
+          <li>Let <var>key</var> be the result of <a data-link-type="dfn" data-lt="permission key generation algorithm" href="#dfn-permission-key-generation-algorithm" class="internalDFN" id="ref-for-dfn-permission-key-generation-algorithm-3">generating a permission key</a> for <var data-type="PermissionDescriptor">descriptor</var> with <var>settings</var>.
           </li>
-          <li>Return the <a data-link-type="idl" data-lt="PermissionState" href="#dom-permissionstate" class="internalDFN" id="ref-for-dom-permissionstate-5"><code>PermissionState</code></a> enum value that represents the permission state of
+          <li>Let <var>entry</var> be the result of <a data-link-type="dfn" data-lt="get a permission store entry" href="#dfn-get-a-permission-store-entry" class="internalDFN" id="ref-for-dfn-get-a-permission-store-entry-1">getting a permission store entry</a> with <var data-type="PermissionDescriptor">descriptor</var> and <var>key</var>.
+          </li>
+          <li>If <var>entry</var> is not null, return a <a data-link-type="idl" data-lt="PermissionState" href="#dom-permissionstate" class="internalDFN" id="ref-for-dom-permissionstate-5"><code>PermissionState</code></a> enum value from <var>entry</var>'s <a data-link-type="dfn" href="#dfn-state" class="internalDFN" id="ref-for-dfn-state-2">state</a>.
+          </li>
+          <li>Return the <a data-link-type="idl" data-lt="PermissionState" href="#dom-permissionstate" class="internalDFN" id="ref-for-dom-permissionstate-6"><code>PermissionState</code></a> enum value that represents the permission state of
           <var>feature</var>, taking into account any <a data-link-type="dfn" href="#dfn-permission-state-constraints" class="internalDFN" id="ref-for-dfn-permission-state-constraints-1">permission state constraints</a> for
-          <var data-type="PermissionDescriptor">descriptor</var>'s <a data-link-type="idl" href="#dom-permissiondescriptor-name" class="internalDFN" id="ref-for-dom-permissiondescriptor-name-3"><code>name</code></a>.
+          <var data-type="PermissionDescriptor">descriptor</var>'s <a data-link-type="idl" href="#dom-permissiondescriptor-name" class="internalDFN" id="ref-for-dom-permissiondescriptor-name-4"><code>name</code></a>.
           </li>
         </ol>
         <p>
           As a shorthand, a <a data-link-type="idl" data-lt="DOMString" data-type="interface" href="https://webidl.spec.whatwg.org/#idl-DOMString"><code>DOMString</code></a> <var>name</var>'s <a href="#dfn-permission-state" class="internalDFN" data-link-type="dfn" id="ref-for-dfn-permission-state-10">permission state</a> is the <a href="#dfn-permission-state" class="internalDFN" data-link-type="dfn" id="ref-for-dfn-permission-state-11">permission
-          state</a> of a <a data-link-type="idl" data-lt="PermissionDescriptor" href="#dom-permissiondescriptor" class="internalDFN" id="ref-for-dom-permissiondescriptor-8"><code>PermissionDescriptor</code></a> with its <a data-link-type="idl" href="#dom-permissiondescriptor-name" class="internalDFN" id="ref-for-dom-permissiondescriptor-name-4"><code>name</code></a> member set
+          state</a> of a <a data-link-type="idl" data-lt="PermissionDescriptor" href="#dom-permissiondescriptor" class="internalDFN" id="ref-for-dom-permissiondescriptor-13"><code>PermissionDescriptor</code></a> with its <a data-link-type="idl" href="#dom-permissiondescriptor-name" class="internalDFN" id="ref-for-dom-permissiondescriptor-name-5"><code>name</code></a> member set
           to <var>name</var>.
         </p>
       </section>
@@ -1036,21 +1160,30 @@ <h1 id="title" class="title">Permissions</h1> <h2 id="subtitle" class="subtitle"
           <li>Ask the user for <a href="#dfn-express-permission" class="internalDFN" data-link-type="dfn" id="ref-for-dfn-express-permission-7">express permission</a> for the calling algorithm to use the
           <a href="#dfn-powerful-feature" class="internalDFN" data-link-type="dfn" id="ref-for-dfn-powerful-feature-27">powerful feature</a> described by <var data-type="PermissionDescriptor">descriptor</var>.
           </li>
-          <li>If the user gives <a data-link-type="dfn" href="#dfn-express-permission" class="internalDFN" id="ref-for-dfn-express-permission-8">express permission</a> to use the powerful feature, return
-          "<a data-link-type="idl" href="#dom-permissionstate-granted" class="internalDFN" id="ref-for-dom-permissionstate-granted-4"><code>granted</code></a>"; otherwise return "<a data-link-type="idl" href="#dom-permissionstate-denied" class="internalDFN" id="ref-for-dom-permissionstate-denied-7"><code>denied</code></a>". The user's
-          interaction may provide <a href="#dfn-new-information-about-the-user-s-intent" class="internalDFN" data-link-type="dfn" id="ref-for-dfn-new-information-about-the-user-s-intent-3">new information about the user's intent</a> for the
+          <li>If the user gives <a data-link-type="dfn" href="#dfn-express-permission" class="internalDFN" id="ref-for-dfn-express-permission-8">express permission</a> to use the powerful feature, set <var>current state</var> to
+          "<a data-link-type="idl" href="#dom-permissionstate-granted" class="internalDFN" id="ref-for-dom-permissionstate-granted-4"><code>granted</code></a>"; otherwise to "<a data-link-type="idl" href="#dom-permissionstate-denied" class="internalDFN" id="ref-for-dom-permissionstate-denied-7"><code>denied</code></a>". The user's
+          interaction may provide <a href="#dfn-new-information-about-the-user-s-intent" class="internalDFN" data-link-type="dfn" id="ref-for-dfn-new-information-about-the-user-s-intent-2">new information about the user's intent</a> for the
           <a data-link-type="dfn" data-type="dfn" href="https://html.spec.whatwg.org/multipage/browsers.html#concept-origin">origin</a>.
-            <div class="note" role="note" id="issue-container-generatedID-3"><div role="heading" class="note-title marker" id="h-note-3" aria-level="4"><span>Note</span></div><p class="">
+            <div class="note" role="note" id="issue-container-generatedID-5"><div role="heading" class="note-title marker" id="h-note-5" aria-level="4"><span>Note</span></div><p class="">
               This is intentionally vague about the details of the permission UI and how the user
               agent infers user intent. User agents should be able to explore lots of UI within
               this framework.
             </p></div>
           </li>
+          <li>
+            Let <var>key</var> be the result of <a data-link-type="dfn" data-lt="permission key generation algorithm" href="#dfn-permission-key-generation-algorithm" class="internalDFN" id="ref-for-dfn-permission-key-generation-algorithm-4">generating a permission key</a> with the <a data-link-type="dfn" data-type="dfn" href="https://html.spec.whatwg.org/multipage/webappapis.html#current-settings-object">current settings object</a>.
+          </li>
+          <li>
+            <a data-link-type="dfn" data-type="dfn" href="https://html.spec.whatwg.org/multipage/webappapis.html#queue-a-task">Queue a task</a> on the <a data-link-type="dfn" data-type="dfn" href="https://html.spec.whatwg.org/multipage/webappapis.html#current-settings-object">current settings object</a>'s <a data-link-type="dfn" data-type="dfn" href="https://html.spec.whatwg.org/multipage/webappapis.html#responsible-event-loop">responsible event loop</a> to <a data-link-type="dfn" href="#dfn-set-a-permission-store-entry" class="internalDFN" id="ref-for-dfn-set-a-permission-store-entry-1">set a permission store entry</a> with <var data-type="PermissionDescriptor">descriptor</var>, <var>key</var>, and <var>current state</var>.
+          </li>
+          <li>
+            Return <var>current state</var>.
+          </li>
         </ol>
         <p>
           As a shorthand, <a href="#dfn-request-permission-to-use" class="internalDFN" data-link-type="dfn" id="ref-for-dfn-request-permission-to-use-1">requesting permission to use</a> a <a data-link-type="idl" data-lt="DOMString" data-type="interface" href="https://webidl.spec.whatwg.org/#idl-DOMString"><code>DOMString</code></a> <var>name</var>, is the same
-          as <a href="#dfn-request-permission-to-use" class="internalDFN" data-link-type="dfn" id="ref-for-dfn-request-permission-to-use-2">requesting permission to use</a> a <a data-link-type="idl" data-lt="PermissionDescriptor" href="#dom-permissiondescriptor" class="internalDFN" id="ref-for-dom-permissiondescriptor-9"><code>PermissionDescriptor</code></a> with its
-          <a data-link-type="idl" href="#dom-permissiondescriptor-name" class="internalDFN" id="ref-for-dom-permissiondescriptor-name-5"><code>name</code></a> member set to <var>name</var>.
+          as <a href="#dfn-request-permission-to-use" class="internalDFN" data-link-type="dfn" id="ref-for-dfn-request-permission-to-use-2">requesting permission to use</a> a <a data-link-type="idl" data-lt="PermissionDescriptor" href="#dom-permissiondescriptor" class="internalDFN" id="ref-for-dom-permissiondescriptor-14"><code>PermissionDescriptor</code></a> with its
+          <a data-link-type="idl" href="#dom-permissiondescriptor-name" class="internalDFN" id="ref-for-dom-permissiondescriptor-name-6"><code>name</code></a> member set to <var>name</var>.
         </p>
       </section>
       <section id="prompt-the-user-to-choose"><div class="header-wrapper"><h3 id="x5-3-prompt-the-user-to-choose"><bdi class="secno">5.3 </bdi>
@@ -1072,7 +1205,7 @@ <h1 id="title" class="title">Permissions</h1> <h2 id="subtitle" class="subtitle"
           and abort these steps. If the user agent returns without prompting, then subsequent
           <a data-lt="prompt the user to choose" href="#dfn-prompt-the-user-to-choose" class="internalDFN" data-link-type="dfn" id="ref-for-dfn-prompt-the-user-to-choose-1">prompts for the user to choose</a> from the same
           set of options with the same <var data-type="PermissionDescriptor">descriptor</var> must return the same option(s), unless the user
-          agent receives <a href="#dfn-new-information-about-the-user-s-intent" class="internalDFN" data-link-type="dfn" id="ref-for-dfn-new-information-about-the-user-s-intent-4">new information about the user's intent</a>.
+          agent receives <a href="#dfn-new-information-about-the-user-s-intent" class="internalDFN" data-link-type="dfn" id="ref-for-dfn-new-information-about-the-user-s-intent-3">new information about the user's intent</a>.
           </li>
           <li>Ask the user to choose one or more <var>options</var> or deny permission, and wait for them to
           choose:
@@ -1087,7 +1220,7 @@ <h1 id="title" class="title">Permissions</h1> <h2 id="subtitle" class="subtitle"
           </li>
           <li>If the user chose one or more options, return them; otherwise return
           "<a data-link-type="idl" href="#dom-permissionstate-denied" class="internalDFN" id="ref-for-dom-permissionstate-denied-11"><code>denied</code></a>".
-            <div class="note" role="note" id="issue-container-generatedID-4"><div role="heading" class="note-title marker" id="h-note-4" aria-level="4"><span>Note</span></div><p class="">
+            <div class="note" role="note" id="issue-container-generatedID-6"><div role="heading" class="note-title marker" id="h-note-6" aria-level="4"><span>Note</span></div><p class="">
               This is intentionally vague about the details of the permission UI and how the user
               agent infers user intent. User agents should be able to explore lots of UI within
               this framework.
@@ -1097,7 +1230,7 @@ <h1 id="title" class="title">Permissions</h1> <h2 id="subtitle" class="subtitle"
         <p>
           As a shorthand, <a href="#dfn-prompt-the-user-to-choose" class="internalDFN" data-link-type="dfn" id="ref-for-dfn-prompt-the-user-to-choose-2">prompting the user to choose</a> from options associated with a
           <a data-link-type="idl" data-lt="DOMString" data-type="interface" href="https://webidl.spec.whatwg.org/#idl-DOMString"><code>DOMString</code></a> <var>name</var>, is the same as <a href="#dfn-prompt-the-user-to-choose" class="internalDFN" data-link-type="dfn" id="ref-for-dfn-prompt-the-user-to-choose-3">prompting the user to choose</a> from those
-          options associated with a <a data-link-type="idl" data-lt="PermissionDescriptor" href="#dom-permissiondescriptor" class="internalDFN" id="ref-for-dom-permissiondescriptor-10"><code>PermissionDescriptor</code></a> with its <a data-link-type="idl" href="#dom-permissiondescriptor-name" class="internalDFN" id="ref-for-dom-permissiondescriptor-name-6"><code>name</code></a>
+          options associated with a <a data-link-type="idl" data-lt="PermissionDescriptor" href="#dom-permissiondescriptor" class="internalDFN" id="ref-for-dom-permissiondescriptor-15"><code>PermissionDescriptor</code></a> with its <a data-link-type="idl" href="#dom-permissiondescriptor-name" class="internalDFN" id="ref-for-dom-permissiondescriptor-name-7"><code>name</code></a>
           member set to <var>name</var>.
         </p>
       </section>
@@ -1107,12 +1240,16 @@ <h1 id="title" class="title">Permissions</h1> <h2 id="subtitle" class="subtitle"
         
         <p>
           When the user agent learns that the user no longer intends to grant permission to use a
-          <a href="#dfn-powerful-feature" class="internalDFN" data-link-type="dfn" id="ref-for-dfn-powerful-feature-28">feature</a>, <dfn id="dfn-react-to-the-user-revoking-permission" tabindex="0" aria-haspopup="dialog" data-dfn-type="dfn">react to the user revoking permission</dfn> by running these steps:
+          feature described by the <a data-link-type="idl" data-lt="PermissionDescriptor" href="#dom-permissiondescriptor" class="internalDFN" id="ref-for-dom-permissiondescriptor-16"><code>PermissionDescriptor</code></a> <var>descriptor</var> in the context
+          described by the <a data-link-type="dfn" href="#dfn-permission-key" class="internalDFN" id="ref-for-dfn-permission-key-11">permission key</a> <var>key</var>, <dfn id="dfn-react-to-the-user-revoking-permission" tabindex="0" aria-haspopup="dialog" data-dfn-type="dfn">react to the user revoking permission</dfn>
+          by running these steps:
         </p>
         <ol class="algorithm">
           <li>
-            <a data-type="dfn" href="https://html.spec.whatwg.org/multipage/webappapis.html#queue-a-global-task">Queue a global task</a> on the <a data-link-type="dfn" data-type="dfn" href="https://html.spec.whatwg.org/multipage/webappapis.html#user-interaction-task-source">user interaction task source</a> to run that
-            feature's <a data-link-type="dfn" href="#dfn-permission-revocation-algorithm" class="internalDFN" id="ref-for-dfn-permission-revocation-algorithm-2">permission revocation algorithm</a>.
+            Run <var>descriptor</var>'s <a data-link-type="idl" href="#dom-permissiondescriptor-name" class="internalDFN" id="ref-for-dom-permissiondescriptor-name-8"><code>name</code></a>'s <a data-link-type="dfn" href="#dfn-permission-revocation-algorithm" class="internalDFN" id="ref-for-dfn-permission-revocation-algorithm-2">permission revocation algorithm</a>.
+          </li>
+          <li>
+            <a data-link-type="dfn" href="#dfn-remove-a-permission-store-entry" class="internalDFN" id="ref-for-dfn-remove-a-permission-store-entry-1">Remove a permission store entry</a> with <var>descriptor</var> and <var>key</var>.
           </li>
         </ol>
       </section>
@@ -1338,13 +1475,13 @@ <h1 id="title" class="title">Permissions</h1> <h2 id="subtitle" class="subtitle"
               </ol>
             </li>
             <li>Let <var>rootDesc</var> be the object <var>permissionDesc</var> refers to, <a data-type="dfn" href="https://webidl.spec.whatwg.org/#dfn-convert-ecmascript-to-idl-value">converted to an IDL
-            value</a> of type <a data-link-type="idl" data-lt="PermissionDescriptor" href="#dom-permissiondescriptor" class="internalDFN" id="ref-for-dom-permissiondescriptor-11"><code>PermissionDescriptor</code></a>.
+            value</a> of type <a data-link-type="idl" data-lt="PermissionDescriptor" href="#dom-permissiondescriptor" class="internalDFN" id="ref-for-dom-permissiondescriptor-17"><code>PermissionDescriptor</code></a>.
             </li>
             <li>If the conversion <a data-link-type="dfn" data-type="dfn" href="https://webidl.spec.whatwg.org/#dfn-throw">throws</a> an <a data-link-type="dfn" data-type="dfn" href="https://webidl.spec.whatwg.org/#dfn-exception">exception</a>, return <a data-type="dfn" href="https://webidl.spec.whatwg.org/#a-promise-rejected-with">a promise
             rejected with</a> that exception.
             </li>
-            <li>If <var>rootDesc</var>["<a data-link-type="idl" href="#dom-permissiondescriptor-name" class="internalDFN" id="ref-for-dom-permissiondescriptor-name-7"><code>name</code></a>"] is not supported, return <a data-link-type="dfn" data-type="dfn" href="https://webidl.spec.whatwg.org/#a-promise-rejected-with">a promise rejected with</a> a <a data-link-type="idl" data-lt="TypeError" data-type="exception" href="https://webidl.spec.whatwg.org/#exceptiondef-typeerror"><code>TypeError</code></a>.
-              <div class="note" role="note" id="issue-container-generatedID-5"><div role="heading" class="note-title marker" id="h-note-5" aria-level="5"><span>Note</span><span class="issue-label">: Why is this not an enum?</span></div><aside class="">
+            <li>If <var>rootDesc</var>["<a data-link-type="idl" href="#dom-permissiondescriptor-name" class="internalDFN" id="ref-for-dom-permissiondescriptor-name-9"><code>name</code></a>"] is not supported, return <a data-link-type="dfn" data-type="dfn" href="https://webidl.spec.whatwg.org/#a-promise-rejected-with">a promise rejected with</a> a <a data-link-type="idl" data-lt="TypeError" data-type="exception" href="https://webidl.spec.whatwg.org/#exceptiondef-typeerror"><code>TypeError</code></a>.
+              <div class="note" role="note" id="issue-container-generatedID-7"><div role="heading" class="note-title marker" id="h-note-7" aria-level="5"><span>Note</span><span class="issue-label">: Why is this not an enum?</span></div><aside class="">
                 <p>
                   This is deliberately designed to work the same as WebIDL's <a data-link-type="dfn" data-type="dfn" href="https://webidl.spec.whatwg.org/#dfn-enumeration">enumeration</a>
                   (<code>enum</code>) and implementers are encouraged to use their own custom <code>enum</code> here. The
@@ -1356,7 +1493,7 @@ <h1 id="title" class="title">Permissions</h1> <h2 id="subtitle" class="subtitle"
               </aside></div>
             </li>
             <li>Let <var>typedDescriptor</var> be the object <var>permissionDesc</var> refers to, <a data-type="dfn" href="https://webidl.spec.whatwg.org/#dfn-convert-ecmascript-to-idl-value">converted to an
-            IDL value</a> of <var>rootDesc</var>'s <a data-link-type="idl" href="#dom-permissiondescriptor-name" class="internalDFN" id="ref-for-dom-permissiondescriptor-name-8"><code>name</code></a>'s <a data-link-type="dfn" href="#dfn-permission-descriptor-type" class="internalDFN" id="ref-for-dfn-permission-descriptor-type-4">permission descriptor type</a>.
+            IDL value</a> of <var>rootDesc</var>'s <a data-link-type="idl" href="#dom-permissiondescriptor-name" class="internalDFN" id="ref-for-dom-permissiondescriptor-name-10"><code>name</code></a>'s <a data-link-type="dfn" href="#dfn-permission-descriptor-type" class="internalDFN" id="ref-for-dfn-permission-descriptor-type-4">permission descriptor type</a>.
             </li>
             <li>If the conversion <a data-link-type="dfn" data-type="dfn" href="https://webidl.spec.whatwg.org/#dfn-throw">throws</a> an <a data-link-type="dfn" data-type="dfn" href="https://webidl.spec.whatwg.org/#dfn-exception">exception</a>, return <a data-type="dfn" href="https://webidl.spec.whatwg.org/#a-promise-rejected-with">a promise
             rejected with</a> that exception.
@@ -1369,7 +1506,7 @@ <h1 id="title" class="title">Permissions</h1> <h2 id="subtitle" class="subtitle"
                 </li>
                 <li>Let <var>query</var> be <var>status</var>'s <a data-link-type="attribute" data-lt="[[query]]" href="#dfn-query" class="internalDFN" id="ref-for-dfn-query-1"><code>[[query]]</code></a> internal slot.
                 </li>
-                <li>Run <var>query</var>'s <a data-link-type="idl" href="#dom-permissiondescriptor-name" class="internalDFN" id="ref-for-dom-permissiondescriptor-name-9"><code>name</code></a>'s <a data-link-type="dfn" href="#dfn-permission-query-algorithm" class="internalDFN" id="ref-for-dfn-permission-query-algorithm-1">permission query algorithm</a>, passing <var>query</var> and <var>status</var>.
+                <li>Run <var>query</var>'s <a data-link-type="idl" href="#dom-permissiondescriptor-name" class="internalDFN" id="ref-for-dom-permissiondescriptor-name-11"><code>name</code></a>'s <a data-link-type="dfn" href="#dfn-permission-query-algorithm" class="internalDFN" id="ref-for-dfn-permission-query-algorithm-1">permission query algorithm</a>, passing <var>query</var> and <var>status</var>.
                 </li>
                 <li><a data-link-type="dfn" data-type="dfn" href="https://html.spec.whatwg.org/multipage/webappapis.html#queue-a-global-task">Queue a global task</a> on the <a data-link-type="dfn" href="#dfn-permissions-task-source" class="internalDFN" id="ref-for-dfn-permissions-task-source-2">permissions task source</a> with <a data-link-type="dfn" data-type="dfn" href="https://webidl.spec.whatwg.org/#this">this</a>'s
                 <a data-link-type="dfn" data-type="dfn" href="https://html.spec.whatwg.org/multipage/webappapis.html#concept-relevant-global">relevant global object</a> to <a data-link-type="dfn" data-type="dfn" href="https://webidl.spec.whatwg.org/#resolve">resolve</a> <var data-type="Promise">promise</var> with <var>status</var>.
@@ -1428,7 +1565,7 @@ <h1 id="title" class="title">Permissions</h1> <h2 id="subtitle" class="subtitle"
         
         <pre class="idl def" id="webidl-1212188233"><span class="idlHeader"><a class="self-link" href="#webidl-1212188233">WebIDL</a></span><code><span data-idl="" class="idlInterface" id="idl-def-permissionstatus" data-title="PermissionStatus">[<span class="extAttr"><a data-type="extended-attribute" href="https://webidl.spec.whatwg.org/#Exposed">Exposed</a>=(Window,Worker)</span>]
 interface <dfn data-export="" data-dfn-type="interface" id="dom-permissionstatus" data-idl="interface" data-title="PermissionStatus" data-dfn-for="" class="idlID" tabindex="0" aria-haspopup="dialog"><code>PermissionStatus</code></dfn> : <span class="idlSuperclass"><a data-link-type="idl" data-type="interface" href="https://dom.spec.whatwg.org/#eventtarget">EventTarget</a></span> {<span data-idl="" class="idlAttribute" id="idl-def-permissionstatus-state" data-title="state" data-dfn-for="PermissionStatus">
-  readonly attribute<span class="idlType"> <a data-link-type="idl" href="#dom-permissionstate" class="internalDFN" id="ref-for-dom-permissionstate-6"><code>PermissionState</code></a></span> <a class="internalDFN idlName" data-link-type="attribute" href="#dom-permissionstatus-state" id="ref-for-dom-permissionstatus-state-3"><code>state</code></a>;</span><span data-idl="" class="idlAttribute" id="idl-def-permissionstatus-name" data-title="name" data-dfn-for="PermissionStatus">
+  readonly attribute<span class="idlType"> <a data-link-type="idl" href="#dom-permissionstate" class="internalDFN" id="ref-for-dom-permissionstate-7"><code>PermissionState</code></a></span> <a class="internalDFN idlName" data-link-type="attribute" href="#dom-permissionstatus-state" id="ref-for-dom-permissionstatus-state-3"><code>state</code></a>;</span><span data-idl="" class="idlAttribute" id="idl-def-permissionstatus-name" data-title="name" data-dfn-for="PermissionStatus">
   readonly attribute<span class="idlType"> <a data-link-type="idl" data-type="interface" href="https://webidl.spec.whatwg.org/#idl-DOMString">DOMString</a></span> <a class="internalDFN idlName" data-link-type="attribute" href="#dom-permissionstatus-name" id="ref-for-dom-permissionstatus-name-1"><code>name</code></a>;</span><span data-idl="" class="idlAttribute" id="idl-def-permissionstatus-onchange" data-title="onchange" data-dfn-for="PermissionStatus">
   attribute<span class="idlType"> <a data-link-type="idl" data-type="typedef" href="https://html.spec.whatwg.org/multipage/webappapis.html#eventhandler">EventHandler</a></span> <a class="internalDFN idlName" data-link-type="attribute" href="#dom-permissionstatus-onchange" id="ref-for-dom-permissionstatus-onchange-1"><code>onchange</code></a>;</span>
 };</span><span data-idl="" class="idlEnum" id="idl-def-permissionstate" data-title="PermissionState">
@@ -1453,12 +1590,12 @@ <h1 id="title" class="title">Permissions</h1> <h2 id="subtitle" class="subtitle"
           
           <p>
             To <dfn class="export" data-export="" id="dfn-create-a-permissionstatus" tabindex="0" aria-haspopup="dialog" data-dfn-type="dfn">create a <code>PermissionStatus</code></dfn> for a given
-            <a data-link-type="idl" data-lt="PermissionDescriptor" href="#dom-permissiondescriptor" class="internalDFN" id="ref-for-dom-permissiondescriptor-12"><code>PermissionDescriptor</code></a> <var>permissionDesc</var>:
+            <a data-link-type="idl" data-lt="PermissionDescriptor" href="#dom-permissiondescriptor" class="internalDFN" id="ref-for-dom-permissiondescriptor-18"><code>PermissionDescriptor</code></a> <var>permissionDesc</var>:
           </p>
           <ol class="algorithm">
-            <li>Let <var data-type="DOMString">name</var> be <var>permissionDesc</var>'s <a data-link-type="idl" href="#dom-permissiondescriptor-name" class="internalDFN" id="ref-for-dom-permissiondescriptor-name-10"><code>name</code></a>.
+            <li>Let <var data-type="DOMString">name</var> be <var>permissionDesc</var>'s <a data-link-type="idl" href="#dom-permissiondescriptor-name" class="internalDFN" id="ref-for-dom-permissiondescriptor-name-12"><code>name</code></a>.
             </li>
-            <li class="assert"><a href="https://infra.spec.whatwg.org/#assert">Assert</a>: The <a data-link-type="dfn" href="#dfn-powerful-feature" class="internalDFN" id="ref-for-dfn-powerful-feature-29">feature</a> identified by <var data-type="DOMString">name</var> is supported by the user agent.
+            <li class="assert"><a href="https://infra.spec.whatwg.org/#assert">Assert</a>: The <a data-link-type="dfn" href="#dfn-powerful-feature" class="internalDFN" id="ref-for-dfn-powerful-feature-28">feature</a> identified by <var data-type="DOMString">name</var> is supported by the user agent.
             </li>
             <li>Let <var data-type="PermissionStatus">status</var> be a new instance of the <a data-link-type="dfn" href="#dfn-permission-result-type" class="internalDFN" id="ref-for-dfn-permission-result-type-3">permission result type</a> identified by <var data-type="DOMString">name</var>:
               <ol>
@@ -1644,7 +1781,7 @@ <h1 id="title" class="title">Permissions</h1> <h2 id="subtitle" class="subtitle"
             </li>
             <li>Let <var>query</var> be <var>status</var>'s <a data-link-type="attribute" data-lt="[[query]]" href="#dfn-query" class="internalDFN" id="ref-for-dfn-query-3"><code>[[query]]</code></a> internal slot.
             </li>
-            <li>Run <var>query</var>'s <a data-link-type="idl" href="#dom-permissiondescriptor-name" class="internalDFN" id="ref-for-dom-permissiondescriptor-name-11"><code>name</code></a>'s <a data-link-type="dfn" href="#dfn-permission-query-algorithm" class="internalDFN" id="ref-for-dfn-permission-query-algorithm-2">permission query algorithm</a>, passing <var>query</var> and <var>status</var>.
+            <li>Run <var>query</var>'s <a data-link-type="idl" href="#dom-permissiondescriptor-name" class="internalDFN" id="ref-for-dom-permissiondescriptor-name-13"><code>name</code></a>'s <a data-link-type="dfn" href="#dfn-permission-query-algorithm" class="internalDFN" id="ref-for-dfn-permission-query-algorithm-2">permission query algorithm</a>, passing <var>query</var> and <var>status</var>.
             </li>
             <li>
               <a data-type="dfn" href="https://html.spec.whatwg.org/multipage/webappapis.html#queue-a-task">Queue a task</a> on the <a data-link-type="dfn" href="#dfn-permissions-task-source" class="internalDFN" id="ref-for-dfn-permissions-task-source-3">permissions task source</a> to <a data-type="dfn" href="https://dom.spec.whatwg.org/#concept-event-fire">fire an event</a> named
@@ -1684,7 +1821,7 @@ <h1 id="title" class="title">Permissions</h1> <h2 id="subtitle" class="subtitle"
         the two specifications do explicitly overlap.
       </p>
       <p>
-        On the one hand, this specification exclusively concerns itself with <a data-link-type="dfn" href="#dfn-powerful-feature" class="internalDFN" id="ref-for-dfn-powerful-feature-30">powerful features</a>
+        On the one hand, this specification exclusively concerns itself with <a data-link-type="dfn" href="#dfn-powerful-feature" class="internalDFN" id="ref-for-dfn-powerful-feature-29">powerful features</a>
         whose access is managed through a user-agent mediated permissions UI (i.e., permissions
         where the user gives express consent before that feature can be used, and where the user
         retains the ability to deny that permission at any time for any reason). These powerful
@@ -1711,7 +1848,7 @@ <h1 id="title" class="title">Permissions</h1> <h2 id="subtitle" class="subtitle"
       <p>
         Finally, it's not possible for a powerful feature to ever become "granted" through any
         means provided by the <cite><a data-matched-text="[[[Permissions-Policy]]]" href="https://www.w3.org/TR/permissions-policy-1/">Permissions Policy</a></cite> specification. The only way that a
-        <a data-link-type="dfn" href="#dfn-powerful-feature" class="internalDFN" id="ref-for-dfn-powerful-feature-31">powerful feature</a> can be <a data-link-type="dfn" href="#dfn-granted" class="internalDFN" id="ref-for-dfn-granted-7">granted</a> is by the user giving <a data-link-type="dfn" href="#dfn-express-permission" class="internalDFN" id="ref-for-dfn-express-permission-9">express permission</a> or by some user agent policy.
+        <a data-link-type="dfn" href="#dfn-powerful-feature" class="internalDFN" id="ref-for-dfn-powerful-feature-30">powerful feature</a> can be <a data-link-type="dfn" href="#dfn-granted" class="internalDFN" id="ref-for-dfn-granted-7">granted</a> is by the user giving <a data-link-type="dfn" href="#dfn-express-permission" class="internalDFN" id="ref-for-dfn-express-permission-9">express permission</a> or by some user agent policy.
       </p>
     </section>
     <section data-cite="WEBIDL webdriver" id="automated-testing"><div class="header-wrapper"><h2 id="automation"><bdi class="secno">B. </bdi>
@@ -1724,8 +1861,8 @@ <h1 id="title" class="title">Permissions</h1> <h2 id="subtitle" class="subtitle"
         for a user agent to support <a data-type="dfn" href="https://www.w3.org/TR/webdriver1/#dfn-extension-commands">extension commands</a> commands.
       </p>
       <pre class="idl def" id="webidl-138517604"><span class="idlHeader"><a class="self-link" href="#webidl-138517604">WebIDL</a></span><code><span data-idl="" class="idlDictionary" id="idl-def-permissionsetparameters" data-title="PermissionSetParameters">dictionary <dfn data-export="" data-dfn-type="dictionary" id="dom-permissionsetparameters" data-idl="dictionary" data-title="PermissionSetParameters" data-dfn-for="" class="idlID" tabindex="0" aria-haspopup="dialog"><code>PermissionSetParameters</code></dfn> {<span data-idl="" class="idlMember" id="idl-def-permissionsetparameters-descriptor" data-title="descriptor" data-dfn-for="PermissionSetParameters">
-  required<span class="idlType"> <a data-link-type="idl" href="#dom-permissiondescriptor" class="internalDFN" id="ref-for-dom-permissiondescriptor-13"><code>PermissionDescriptor</code></a></span> <dfn data-export="" data-dfn-type="dict-member" id="dom-permissionsetparameters-descriptor" data-idl="field" data-title="descriptor" data-dfn-for="PermissionSetParameters" data-type="PermissionDescriptor" class="idlName" tabindex="0" aria-haspopup="dialog"><code>descriptor</code></dfn>;</span><span data-idl="" class="idlMember" id="idl-def-permissionsetparameters-state" data-title="state" data-dfn-for="PermissionSetParameters">
-  required<span class="idlType"> <a data-link-type="idl" href="#dom-permissionstate" class="internalDFN" id="ref-for-dom-permissionstate-7"><code>PermissionState</code></a></span> <dfn data-export="" data-dfn-type="dict-member" id="dom-permissionsetparameters-state" data-idl="field" data-title="state" data-dfn-for="PermissionSetParameters" data-type="PermissionState" class="idlName" tabindex="0" aria-haspopup="dialog"><code>state</code></dfn>;</span>
+  required<span class="idlType"> <a data-link-type="idl" href="#dom-permissiondescriptor" class="internalDFN" id="ref-for-dom-permissiondescriptor-19"><code>PermissionDescriptor</code></a></span> <dfn data-export="" data-dfn-type="dict-member" id="dom-permissionsetparameters-descriptor" data-idl="field" data-title="descriptor" data-dfn-for="PermissionSetParameters" data-type="PermissionDescriptor" class="idlName" tabindex="0" aria-haspopup="dialog"><code>descriptor</code></dfn>;</span><span data-idl="" class="idlMember" id="idl-def-permissionsetparameters-state" data-title="state" data-dfn-for="PermissionSetParameters">
+  required<span class="idlType"> <a data-link-type="idl" href="#dom-permissionstate" class="internalDFN" id="ref-for-dom-permissionstate-8"><code>PermissionState</code></a></span> <dfn data-export="" data-dfn-type="dict-member" id="dom-permissionsetparameters-state" data-idl="field" data-title="state" data-dfn-for="PermissionSetParameters" data-type="PermissionState" class="idlName" tabindex="0" aria-haspopup="dialog"><code>state</code></dfn>;</span>
 };</span></code></pre>
       <section id="set-permission"><div class="header-wrapper"><h3 id="set-permission-command"><bdi class="secno">B.1 </bdi>
           Set Permission
@@ -1753,7 +1890,7 @@ <h1 id="title" class="title">Permissions</h1> <h2 id="subtitle" class="subtitle"
         </table>
         <p>
           The <dfn id="dfn-set-permission" tabindex="0" aria-haspopup="dialog" data-dfn-type="dfn">Set Permission</dfn> <a data-type="dfn" href="https://www.w3.org/TR/webdriver1/#dfn-extension-commands">extension command</a> simulates user modification of a
-          <a data-link-type="idl" data-lt="PermissionDescriptor" href="#dom-permissiondescriptor" class="internalDFN" id="ref-for-dom-permissiondescriptor-14"><code>PermissionDescriptor</code></a>'s <a href="#dfn-permission-state" class="internalDFN" data-link-type="dfn" id="ref-for-dfn-permission-state-16">permission state</a>.
+          <a data-link-type="idl" data-lt="PermissionDescriptor" href="#dom-permissiondescriptor" class="internalDFN" id="ref-for-dom-permissiondescriptor-20"><code>PermissionDescriptor</code></a>'s <a href="#dfn-permission-state" class="internalDFN" data-link-type="dfn" id="ref-for-dfn-permission-state-16">permission state</a>.
         </p>
         <p>
           The <a data-type="dfn" href="https://www.w3.org/TR/webdriver1/#dfn-remote-end-steps">remote end steps</a> are:
@@ -1765,12 +1902,12 @@ <h1 id="title" class="title">Permissions</h1> <h2 id="subtitle" class="subtitle"
           <li>Let <var>rootDesc</var> be <var>parameters</var>.<a data-link-type="idl" href="#dom-permissionsetparameters-descriptor" class="internalDFN" id="ref-for-dom-permissionsetparameters-descriptor-1"><code>descriptor</code></a>.
           </li>
           <li>Let <var>typedDescriptor</var> be the object <var>rootDesc</var> refers to, <a data-type="dfn" href="https://webidl.spec.whatwg.org/#dfn-convert-ecmascript-to-idl-value">converted to an IDL
-          value</a> of <code><var>rootDesc</var>.<a data-link-type="idl" href="#dom-permissiondescriptor-name" class="internalDFN" id="ref-for-dom-permissiondescriptor-name-12"><code>name</code></a></code>'s <a data-link-type="dfn" href="#dfn-permission-descriptor-type" class="internalDFN" id="ref-for-dfn-permission-descriptor-type-6">permission descriptor type</a>. If this throws an exception, return a <a data-link-type="dfn" data-type="dfn" href="https://www.w3.org/TR/webdriver1/#dfn-invalid-argument">invalid argument</a> <a data-link-type="dfn" data-type="dfn" href="https://www.w3.org/TR/webdriver1/#dfn-error">error</a>.
+          value</a> of <code><var>rootDesc</var>.<a data-link-type="idl" href="#dom-permissiondescriptor-name" class="internalDFN" id="ref-for-dom-permissiondescriptor-name-14"><code>name</code></a></code>'s <a data-link-type="dfn" href="#dfn-permission-descriptor-type" class="internalDFN" id="ref-for-dfn-permission-descriptor-type-6">permission descriptor type</a>. If this throws an exception, return a <a data-link-type="dfn" data-type="dfn" href="https://www.w3.org/TR/webdriver1/#dfn-invalid-argument">invalid argument</a> <a data-link-type="dfn" data-type="dfn" href="https://www.w3.org/TR/webdriver1/#dfn-error">error</a>.
           </li>
           <li>If <var>parameters</var>.<a data-link-type="idl" href="#dom-permissionsetparameters-state" class="internalDFN" id="ref-for-dom-permissionsetparameters-state-1"><code>state</code></a> is an inappropriate <a href="#dfn-permission-state" class="internalDFN" data-link-type="dfn" id="ref-for-dfn-permission-state-17">permission
           state</a> for any implementation-defined reason, return a <a data-link-type="dfn" data-type="dfn" href="https://www.w3.org/TR/webdriver1/#dfn-invalid-argument">invalid argument</a> <a data-link-type="dfn" data-type="dfn" href="https://www.w3.org/TR/webdriver1/#dfn-error">error</a>.
-            <div class="note" role="note" id="issue-container-generatedID-6"><div role="heading" class="note-title marker" id="h-note-6" aria-level="4"><span>Note</span></div><p class="">
-              For example, <a data-type="dfn" href="https://infra.spec.whatwg.org/#user-agent">user agents</a> that define the "midi" <a href="#dfn-powerful-feature" class="internalDFN" data-link-type="dfn" id="ref-for-dfn-powerful-feature-32">powerful feature</a> as
+            <div class="note" role="note" id="issue-container-generatedID-8"><div role="heading" class="note-title marker" id="h-note-8" aria-level="4"><span>Note</span></div><p class="">
+              For example, <a data-type="dfn" href="https://infra.spec.whatwg.org/#user-agent">user agents</a> that define the "midi" <a href="#dfn-powerful-feature" class="internalDFN" data-link-type="dfn" id="ref-for-dfn-powerful-feature-31">powerful feature</a> as
               "always on" may choose to reject a command to set the <a href="#dfn-permission-state" class="internalDFN" data-link-type="dfn" id="ref-for-dfn-permission-state-18">permission state</a> to
               "<a data-link-type="idl" href="#dom-permissionstate-denied" class="internalDFN" id="ref-for-dom-permissionstate-denied-13"><code>denied</code></a>" at this step.
             </p></div>
@@ -1836,7 +1973,7 @@ <h1 id="title" class="title">Permissions</h1> <h2 id="subtitle" class="subtitle"
       </p>
       <p>
         A user agent <em class="rfc2119">SHOULD</em> provide a means for the user to review, update, and reset the
-        <a data-link-type="dfn" href="#dfn-permission" class="internalDFN" id="ref-for-dfn-permission-8">permission</a> <a data-link-type="dfn" href="#dfn-states" class="internalDFN" id="ref-for-dfn-states-3">state</a> of <a data-link-type="dfn" href="#dfn-powerful-feature" class="internalDFN" id="ref-for-dfn-powerful-feature-33">powerful features</a> associated with an <a data-link-type="dfn" data-type="dfn" href="https://html.spec.whatwg.org/multipage/browsers.html#concept-origin">origin</a>.
+        <a data-link-type="dfn" href="#dfn-permission" class="internalDFN" id="ref-for-dfn-permission-9">permission</a> <a data-link-type="dfn" href="#dfn-states" class="internalDFN" id="ref-for-dfn-states-5">state</a> of <a data-link-type="dfn" href="#dfn-powerful-feature" class="internalDFN" id="ref-for-dfn-powerful-feature-32">powerful features</a> associated with an <a data-link-type="dfn" data-type="dfn" href="https://html.spec.whatwg.org/multipage/browsers.html#concept-origin">origin</a>.
       </p>
     </section>
     <section id="security-considerations"><div class="header-wrapper"><h2 id="d-security-considerations"><bdi class="secno">D. </bdi>
@@ -1870,7 +2007,7 @@ <h1 id="title" class="title">Permissions</h1> <h2 id="subtitle" class="subtitle"
 
 <span data-idl="" class="idlInterface" data-title="PermissionStatus">[<span class="extAttr"><a data-type="extended-attribute" href="https://webidl.spec.whatwg.org/#Exposed">Exposed</a>=(Window,Worker)</span>]
 interface <dfn data-export="" data-dfn-type="interface" data-idl="interface" data-title="PermissionStatus" data-dfn-for="" class="idlID"><code>PermissionStatus</code></dfn> : <span class="idlSuperclass"><a data-link-type="idl" data-type="interface" href="https://dom.spec.whatwg.org/#eventtarget">EventTarget</a></span> {<span data-idl="" class="idlAttribute" data-title="state" data-dfn-for="PermissionStatus">
-  readonly attribute<span class="idlType"> <a data-link-type="idl" href="#dom-permissionstate" class="internalDFN" id="ref-for-dom-permissionstate-8"><code>PermissionState</code></a></span> <a class="internalDFN idlName" data-link-type="attribute" href="#dom-permissionstatus-state" id="ref-for-dom-permissionstatus-state-4"><code>state</code></a>;</span><span data-idl="" class="idlAttribute" data-title="name" data-dfn-for="PermissionStatus">
+  readonly attribute<span class="idlType"> <a data-link-type="idl" href="#dom-permissionstate" class="internalDFN" id="ref-for-dom-permissionstate-9"><code>PermissionState</code></a></span> <a class="internalDFN idlName" data-link-type="attribute" href="#dom-permissionstatus-state" id="ref-for-dom-permissionstatus-state-4"><code>state</code></a>;</span><span data-idl="" class="idlAttribute" data-title="name" data-dfn-for="PermissionStatus">
   readonly attribute<span class="idlType"> <a data-link-type="idl" data-type="interface" href="https://webidl.spec.whatwg.org/#idl-DOMString">DOMString</a></span> <a class="internalDFN idlName" data-link-type="attribute" href="#dom-permissionstatus-name" id="ref-for-dom-permissionstatus-name-3"><code>name</code></a>;</span><span data-idl="" class="idlAttribute" data-title="onchange" data-dfn-for="PermissionStatus">
   attribute<span class="idlType"> <a data-link-type="idl" data-type="typedef" href="https://html.spec.whatwg.org/multipage/webappapis.html#eventhandler">EventHandler</a></span> <a class="internalDFN idlName" data-link-type="attribute" href="#dom-permissionstatus-onchange" id="ref-for-dom-permissionstatus-onchange-2"><code>onchange</code></a>;</span>
 };</span><span data-idl="" class="idlEnum" data-title="PermissionState">
@@ -1882,8 +2019,8 @@ <h1 id="title" class="title">Permissions</h1> <h2 id="subtitle" class="subtitle"
 };</span>
 
 <span data-idl="" class="idlDictionary" data-title="PermissionSetParameters">dictionary <dfn data-export="" data-dfn-type="dictionary" data-idl="dictionary" data-title="PermissionSetParameters" data-dfn-for="" class="idlID"><code>PermissionSetParameters</code></dfn> {<span data-idl="" class="idlMember" data-title="descriptor" data-dfn-for="PermissionSetParameters">
-  required<span class="idlType"> <a data-link-type="idl" href="#dom-permissiondescriptor" class="internalDFN" id="ref-for-dom-permissiondescriptor-15"><code>PermissionDescriptor</code></a></span> <dfn data-export="" data-dfn-type="dict-member" data-idl="field" data-title="descriptor" data-dfn-for="PermissionSetParameters" data-type="PermissionDescriptor" class="idlName"><code>descriptor</code></dfn>;</span><span data-idl="" class="idlMember" data-title="state" data-dfn-for="PermissionSetParameters">
-  required<span class="idlType"> <a data-link-type="idl" href="#dom-permissionstate" class="internalDFN" id="ref-for-dom-permissionstate-9"><code>PermissionState</code></a></span> <dfn data-export="" data-dfn-type="dict-member" data-idl="field" data-title="state" data-dfn-for="PermissionSetParameters" data-type="PermissionState" class="idlName"><code>state</code></dfn>;</span>
+  required<span class="idlType"> <a data-link-type="idl" href="#dom-permissiondescriptor" class="internalDFN" id="ref-for-dom-permissiondescriptor-21"><code>PermissionDescriptor</code></a></span> <dfn data-export="" data-dfn-type="dict-member" data-idl="field" data-title="descriptor" data-dfn-for="PermissionSetParameters" data-type="PermissionDescriptor" class="idlName"><code>descriptor</code></dfn>;</span><span data-idl="" class="idlMember" data-title="state" data-dfn-for="PermissionSetParameters">
+  required<span class="idlType"> <a data-link-type="idl" href="#dom-permissionstate" class="internalDFN" id="ref-for-dom-permissionstate-10"><code>PermissionState</code></a></span> <dfn data-export="" data-dfn-type="dict-member" data-idl="field" data-title="state" data-dfn-for="PermissionSetParameters" data-type="PermissionState" class="idlName"><code>state</code></dfn>;</span>
 };</span></code></pre></section>
     <section class="appendix informative" id="acknowledgments"><div class="header-wrapper"><h2 class="no-num" id="f-acknowledgments"><bdi class="secno">F. </bdi>
         Acknowledgments
@@ -1947,11 +2084,13 @@ <h1 id="title" class="title">Permissions</h1> <h2 id="subtitle" class="subtitle"
   </li><li>
     <a href="#ref-for-dfn-permission-2" title="§ 3.1 Permissions">§ 3.1 Permissions</a> <a href="#ref-for-dfn-permission-3" title="Reference 2">(2)</a> 
   </li><li>
-    <a href="#ref-for-dfn-permission-4" title="§ 3.2 Powerful features">§ 3.2 Powerful features</a> 
+    <a href="#ref-for-dfn-permission-4" title="§ 3.2 Permission Store">§ 3.2 Permission Store</a> 
+  </li><li>
+    <a href="#ref-for-dfn-permission-5" title="§ 3.3 Powerful features">§ 3.3 Powerful features</a> 
   </li><li>
-    <a href="#ref-for-dfn-permission-5" title="§ 4. Specifying a powerful feature">§ 4. Specifying a powerful feature</a> <a href="#ref-for-dfn-permission-6" title="Reference 2">(2)</a> <a href="#ref-for-dfn-permission-7" title="Reference 3">(3)</a> 
+    <a href="#ref-for-dfn-permission-6" title="§ 4. Specifying a powerful feature">§ 4. Specifying a powerful feature</a> <a href="#ref-for-dfn-permission-7" title="Reference 2">(2)</a> <a href="#ref-for-dfn-permission-8" title="Reference 3">(3)</a> 
   </li><li>
-    <a href="#ref-for-dfn-permission-8" title="§ C. Privacy considerations">§ C. Privacy considerations</a> 
+    <a href="#ref-for-dfn-permission-9" title="§ C. Privacy considerations">§ C. Privacy considerations</a> 
   </li>
   </ul>
     </div><div class="dfn-panel" hidden="" role="dialog" aria-modal="true" id="dfn-panel-for-dfn-express-permission" aria-label="Links in this document to definition: Express permission">
@@ -1965,7 +2104,7 @@ <h1 id="title" class="title">Permissions</h1> <h2 id="subtitle" class="subtitle"
     <li>
     <a href="#ref-for-dfn-express-permission-1" title="§ 3.1 Permissions">§ 3.1 Permissions</a> <a href="#ref-for-dfn-express-permission-2" title="Reference 2">(2)</a> <a href="#ref-for-dfn-express-permission-3" title="Reference 3">(3)</a> <a href="#ref-for-dfn-express-permission-4" title="Reference 4">(4)</a> 
   </li><li>
-    <a href="#ref-for-dfn-express-permission-5" title="§ 3.2 Powerful features">§ 3.2 Powerful features</a> <a href="#ref-for-dfn-express-permission-6" title="Reference 2">(2)</a> 
+    <a href="#ref-for-dfn-express-permission-5" title="§ 3.3 Powerful features">§ 3.3 Powerful features</a> <a href="#ref-for-dfn-express-permission-6" title="Reference 2">(2)</a> 
   </li><li>
     <a href="#ref-for-dfn-express-permission-7" title="§ 5.2 Requesting permission to use a powerful feature">§ 5.2 Requesting permission to use a powerful feature</a> <a href="#ref-for-dfn-express-permission-8" title="Reference 2">(2)</a> 
   </li><li>
@@ -1983,7 +2122,9 @@ <h1 id="title" class="title">Permissions</h1> <h2 id="subtitle" class="subtitle"
     <li>
     <a href="#ref-for-dfn-states-1" title="§ 3.1 Permissions">§ 3.1 Permissions</a> <a href="#ref-for-dfn-states-2" title="Reference 2">(2)</a> 
   </li><li>
-    <a href="#ref-for-dfn-states-3" title="§ C. Privacy considerations">§ C. Privacy considerations</a> 
+    <a href="#ref-for-dfn-states-3" title="§ 3.2 Permission Store">§ 3.2 Permission Store</a> <a href="#ref-for-dfn-states-4" title="Reference 2">(2)</a> 
+  </li><li>
+    <a href="#ref-for-dfn-states-5" title="§ C. Privacy considerations">§ C. Privacy considerations</a> 
   </li>
   </ul>
     </div><div class="dfn-panel" hidden="" role="dialog" aria-modal="true" id="dfn-panel-for-dfn-denied" aria-label="Links in this document to definition: Denied">
@@ -2011,7 +2152,7 @@ <h1 id="title" class="title">Permissions</h1> <h2 id="subtitle" class="subtitle"
     <li>
     <a href="#ref-for-dfn-granted-1" title="§ 3.1 Permissions">§ 3.1 Permissions</a> <a href="#ref-for-dfn-granted-2" title="Reference 2">(2)</a> 
   </li><li>
-    <a href="#ref-for-dfn-granted-3" title="§ 3.2 Powerful features">§ 3.2 Powerful features</a> <a href="#ref-for-dfn-granted-4" title="Reference 2">(2)</a> 
+    <a href="#ref-for-dfn-granted-3" title="§ 3.3 Powerful features">§ 3.3 Powerful features</a> <a href="#ref-for-dfn-granted-4" title="Reference 2">(2)</a> 
   </li><li>
     <a href="#ref-for-dfn-granted-5" title="§ 4. Specifying a powerful feature">§ 4. Specifying a powerful feature</a> 
   </li><li>
@@ -2049,11 +2190,9 @@ <h1 id="title" class="title">Permissions</h1> <h2 id="subtitle" class="subtitle"
     <li>
     <a href="#ref-for-dfn-new-information-about-the-user-s-intent-1" title="§ 4. Specifying a powerful feature">§ 4. Specifying a powerful feature</a> 
   </li><li>
-    <a href="#ref-for-dfn-new-information-about-the-user-s-intent-2" title="§ 5.1 Reading the current permission state">§ 5.1 Reading the current permission state</a> 
+    <a href="#ref-for-dfn-new-information-about-the-user-s-intent-2" title="§ 5.2 Requesting permission to use a powerful feature">§ 5.2 Requesting permission to use a powerful feature</a> 
   </li><li>
-    <a href="#ref-for-dfn-new-information-about-the-user-s-intent-3" title="§ 5.2 Requesting permission to use a powerful feature">§ 5.2 Requesting permission to use a powerful feature</a> 
-  </li><li>
-    <a href="#ref-for-dfn-new-information-about-the-user-s-intent-4" title="§ 5.3 Prompt the user to choose">§ 5.3 Prompt the user to choose</a> 
+    <a href="#ref-for-dfn-new-information-about-the-user-s-intent-3" title="§ 5.3 Prompt the user to choose">§ 5.3 Prompt the user to choose</a> 
   </li>
   </ul>
     </div><div class="dfn-panel" hidden="" role="dialog" aria-modal="true" id="dfn-panel-for-dfn-implicit-signals" aria-label="Links in this document to definition: implicit signals">
@@ -2079,7 +2218,9 @@ <h1 id="title" class="title">Permissions</h1> <h2 id="subtitle" class="subtitle"
     <li>
     <a href="#ref-for-dfn-lifetime-1" title="§ 3.1 Permissions">§ 3.1 Permissions</a> <a href="#ref-for-dfn-lifetime-2" title="Reference 2">(2)</a> 
   </li><li>
-    <a href="#ref-for-dfn-lifetime-3" title="§ 4. Specifying a powerful feature">§ 4. Specifying a powerful feature</a> <a href="#ref-for-dfn-lifetime-4" title="Reference 2">(2)</a> <a href="#ref-for-dfn-lifetime-5" title="Reference 3">(3)</a> <a href="#ref-for-dfn-lifetime-6" title="Reference 4">(4)</a> <a href="#ref-for-dfn-lifetime-7" title="Reference 5">(5)</a> <a href="#ref-for-dfn-lifetime-8" title="Reference 6">(6)</a> 
+    <a href="#ref-for-dfn-lifetime-3" title="§ 3.2 Permission Store">§ 3.2 Permission Store</a> 
+  </li><li>
+    <a href="#ref-for-dfn-lifetime-4" title="§ 4. Specifying a powerful feature">§ 4. Specifying a powerful feature</a> <a href="#ref-for-dfn-lifetime-5" title="Reference 2">(2)</a> <a href="#ref-for-dfn-lifetime-6" title="Reference 3">(3)</a> <a href="#ref-for-dfn-lifetime-7" title="Reference 4">(4)</a> <a href="#ref-for-dfn-lifetime-8" title="Reference 5">(5)</a> <a href="#ref-for-dfn-lifetime-9" title="Reference 6">(6)</a> 
   </li>
   </ul>
     </div><div class="dfn-panel" hidden="" role="dialog" aria-modal="true" id="dfn-panel-for-dfn-default-state" aria-label="Links in this document to definition: default state">
@@ -2095,6 +2236,132 @@ <h1 id="title" class="title">Permissions</h1> <h2 id="subtitle" class="subtitle"
   </li><li>
     <a href="#ref-for-dfn-default-state-2" title="§ 4. Specifying a powerful feature">§ 4. Specifying a powerful feature</a> <a href="#ref-for-dfn-default-state-3" title="Reference 2">(2)</a> 
   </li>
+  </ul>
+    </div><div class="dfn-panel" hidden="" role="dialog" aria-modal="true" id="dfn-panel-for-dfn-permission-store" aria-label="Links in this document to definition: permission store">
+      <span class="caret"></span>
+      <div>
+        <a class="self-link" href="#dfn-permission-store" aria-label="Permalink for definition: permission store. Activate to close this dialog.">Permalink</a>
+        <span class="marker dfn-exported" title="Definition can be referenced by other specifications">exported</span> 
+      </div>
+      <p><b>Referenced in:</b></p>
+      <ul>
+    <li>
+    <a href="#ref-for-dfn-permission-store-1" title="§ 3.2 Permission Store">§ 3.2 Permission Store</a> <a href="#ref-for-dfn-permission-store-2" title="Reference 2">(2)</a> <a href="#ref-for-dfn-permission-store-3" title="Reference 3">(3)</a> <a href="#ref-for-dfn-permission-store-4" title="Reference 4">(4)</a> <a href="#ref-for-dfn-permission-store-5" title="Reference 5">(5)</a> 
+  </li>
+  </ul>
+    </div><div class="dfn-panel" hidden="" role="dialog" aria-modal="true" id="dfn-panel-for-dfn-permission-store-entry" aria-label="Links in this document to definition: permission store entry">
+      <span class="caret"></span>
+      <div>
+        <a class="self-link" href="#dfn-permission-store-entry" aria-label="Permalink for definition: permission store entry. Activate to close this dialog.">Permalink</a>
+        <span class="marker dfn-exported" title="Definition can be referenced by other specifications">exported</span> 
+      </div>
+      <p><b>Referenced in:</b></p>
+      <ul>
+    <li>
+    <a href="#ref-for-dfn-permission-store-entry-1" title="§ 3.2 Permission Store">§ 3.2 Permission Store</a> <a href="#ref-for-dfn-permission-store-entry-2" title="Reference 2">(2)</a> <a href="#ref-for-dfn-permission-store-entry-3" title="Reference 3">(3)</a> <a href="#ref-for-dfn-permission-store-entry-4" title="Reference 4">(4)</a> <a href="#ref-for-dfn-permission-store-entry-5" title="Reference 5">(5)</a> <a href="#ref-for-dfn-permission-store-entry-6" title="Reference 6">(6)</a> <a href="#ref-for-dfn-permission-store-entry-7" title="Reference 7">(7)</a> 
+  </li>
+  </ul>
+    </div><div class="dfn-panel" hidden="" role="dialog" aria-modal="true" id="dfn-panel-for-dfn-descriptor" aria-label="Links in this document to definition: descriptor">
+      <span class="caret"></span>
+      <div>
+        <a class="self-link" href="#dfn-descriptor" aria-label="Permalink for definition: descriptor. Activate to close this dialog.">Permalink</a>
+        <span class="marker dfn-exported" title="Definition can be referenced by other specifications">exported</span> 
+      </div>
+      <p><b>Referenced in:</b></p>
+      <ul>
+    <li>
+    <a href="#ref-for-dfn-descriptor-1" title="§ 3.2 Permission Store">§ 3.2 Permission Store</a> <a href="#ref-for-dfn-descriptor-2" title="Reference 2">(2)</a> <a href="#ref-for-dfn-descriptor-3" title="Reference 3">(3)</a> <a href="#ref-for-dfn-descriptor-4" title="Reference 4">(4)</a> <a href="#ref-for-dfn-descriptor-5" title="Reference 5">(5)</a> 
+  </li>
+  </ul>
+    </div><div class="dfn-panel" hidden="" role="dialog" aria-modal="true" id="dfn-panel-for-dfn-key" aria-label="Links in this document to definition: key">
+      <span class="caret"></span>
+      <div>
+        <a class="self-link" href="#dfn-key" aria-label="Permalink for definition: key. Activate to close this dialog.">Permalink</a>
+        <span class="marker dfn-exported" title="Definition can be referenced by other specifications">exported</span> 
+      </div>
+      <p><b>Referenced in:</b></p>
+      <ul>
+    <li>
+    <a href="#ref-for-dfn-key-1" title="§ 3.2 Permission Store">§ 3.2 Permission Store</a> <a href="#ref-for-dfn-key-2" title="Reference 2">(2)</a> <a href="#ref-for-dfn-key-3" title="Reference 3">(3)</a> <a href="#ref-for-dfn-key-4" title="Reference 4">(4)</a> <a href="#ref-for-dfn-key-5" title="Reference 5">(5)</a> 
+  </li>
+  </ul>
+    </div><div class="dfn-panel" hidden="" role="dialog" aria-modal="true" id="dfn-panel-for-dfn-state" aria-label="Links in this document to definition: state">
+      <span class="caret"></span>
+      <div>
+        <a class="self-link" href="#dfn-state" aria-label="Permalink for definition: state. Activate to close this dialog.">Permalink</a>
+        <span class="marker dfn-exported" title="Definition can be referenced by other specifications">exported</span> 
+      </div>
+      <p><b>Referenced in:</b></p>
+      <ul>
+    <li>
+    <a href="#ref-for-dfn-state-1" title="§ 3.2 Permission Store">§ 3.2 Permission Store</a> 
+  </li><li>
+    <a href="#ref-for-dfn-state-2" title="§ 5.1 Reading the current permission state">§ 5.1 Reading the current permission state</a> 
+  </li>
+  </ul>
+    </div><div class="dfn-panel" hidden="" role="dialog" aria-modal="true" id="dfn-panel-for-dfn-get-a-permission-store-entry" aria-label="Links in this document to definition: get a permission store entry">
+      <span class="caret"></span>
+      <div>
+        <a class="self-link" href="#dfn-get-a-permission-store-entry" aria-label="Permalink for definition: get a permission store entry. Activate to close this dialog.">Permalink</a>
+        <span class="marker dfn-exported" title="Definition can be referenced by other specifications">exported</span> 
+      </div>
+      <p><b>Referenced in:</b></p>
+      <ul>
+    <li>
+    <a href="#ref-for-dfn-get-a-permission-store-entry-1" title="§ 5.1 Reading the current permission state">§ 5.1 Reading the current permission state</a> 
+  </li>
+  </ul>
+    </div><div class="dfn-panel" hidden="" role="dialog" aria-modal="true" id="dfn-panel-for-dfn-set-a-permission-store-entry" aria-label="Links in this document to definition: set a permission store entry">
+      <span class="caret"></span>
+      <div>
+        <a class="self-link" href="#dfn-set-a-permission-store-entry" aria-label="Permalink for definition: set a permission store entry. Activate to close this dialog.">Permalink</a>
+        <span class="marker dfn-exported" title="Definition can be referenced by other specifications">exported</span> 
+      </div>
+      <p><b>Referenced in:</b></p>
+      <ul>
+    <li>
+    <a href="#ref-for-dfn-set-a-permission-store-entry-1" title="§ 5.2 Requesting permission to use a powerful feature">§ 5.2 Requesting permission to use a powerful feature</a> 
+  </li>
+  </ul>
+    </div><div class="dfn-panel" hidden="" role="dialog" aria-modal="true" id="dfn-panel-for-dfn-remove-a-permission-store-entry" aria-label="Links in this document to definition: remove a permission store entry">
+      <span class="caret"></span>
+      <div>
+        <a class="self-link" href="#dfn-remove-a-permission-store-entry" aria-label="Permalink for definition: remove a permission store entry. Activate to close this dialog.">Permalink</a>
+        <span class="marker dfn-exported" title="Definition can be referenced by other specifications">exported</span> 
+      </div>
+      <p><b>Referenced in:</b></p>
+      <ul>
+    <li>
+    <a href="#ref-for-dfn-remove-a-permission-store-entry-1" title="§ 5.4 Reacting to users revoking permission">§ 5.4 Reacting to users revoking permission</a> 
+  </li>
+  </ul>
+    </div><div class="dfn-panel" hidden="" role="dialog" aria-modal="true" id="dfn-panel-for-dfn-permission-key" aria-label="Links in this document to definition: permission key">
+      <span class="caret"></span>
+      <div>
+        <a class="self-link" href="#dfn-permission-key" aria-label="Permalink for definition: permission key. Activate to close this dialog.">Permalink</a>
+        <span class="marker dfn-exported" title="Definition can be referenced by other specifications">exported</span> 
+      </div>
+      <p><b>Referenced in:</b></p>
+      <ul>
+    <li>
+    <a href="#ref-for-dfn-permission-key-1" title="§ 3.2 Permission Store">§ 3.2 Permission Store</a> <a href="#ref-for-dfn-permission-key-2" title="Reference 2">(2)</a> <a href="#ref-for-dfn-permission-key-3" title="Reference 3">(3)</a> <a href="#ref-for-dfn-permission-key-4" title="Reference 4">(4)</a> <a href="#ref-for-dfn-permission-key-5" title="Reference 5">(5)</a> <a href="#ref-for-dfn-permission-key-6" title="Reference 6">(6)</a> 
+  </li><li>
+    <a href="#ref-for-dfn-permission-key-7" title="§ 4. Specifying a powerful feature">§ 4. Specifying a powerful feature</a> <a href="#ref-for-dfn-permission-key-8" title="Reference 2">(2)</a> <a href="#ref-for-dfn-permission-key-9" title="Reference 3">(3)</a> <a href="#ref-for-dfn-permission-key-10" title="Reference 4">(4)</a> 
+  </li><li>
+    <a href="#ref-for-dfn-permission-key-11" title="§ 5.4 Reacting to users revoking permission">§ 5.4 Reacting to users revoking permission</a> 
+  </li>
+  </ul>
+    </div><div class="dfn-panel" hidden="" role="dialog" aria-modal="true" id="dfn-panel-for-dfn-is-equal-to" aria-label="Links in this document to definition: is equal to">
+      <span class="caret"></span>
+      <div>
+        <a class="self-link" href="#dfn-is-equal-to" aria-label="Permalink for definition: is equal to. Activate to close this dialog.">Permalink</a>
+        <span class="marker dfn-exported" title="Definition can be referenced by other specifications">exported</span> 
+      </div>
+      <p><b>Referenced in:</b></p>
+      <ul>
+    <li>
+    <a href="#ref-for-dfn-is-equal-to-1" title="§ 3.2 Permission Store">§ 3.2 Permission Store</a> <a href="#ref-for-dfn-is-equal-to-2" title="Reference 2">(2)</a> <a href="#ref-for-dfn-is-equal-to-3" title="Reference 3">(3)</a> 
+  </li>
   </ul>
     </div><div class="dfn-panel" hidden="" role="dialog" aria-modal="true" id="dfn-panel-for-dfn-powerful-feature" aria-label="Links in this document to definition: powerful feature">
       <span class="caret"></span>
@@ -2113,23 +2380,21 @@ <h1 id="title" class="title">Permissions</h1> <h2 id="subtitle" class="subtitle"
   </li><li>
     <a href="#ref-for-dfn-powerful-feature-4" title="§ 3.1 Permissions">§ 3.1 Permissions</a> <a href="#ref-for-dfn-powerful-feature-5" title="Reference 2">(2)</a> <a href="#ref-for-dfn-powerful-feature-6" title="Reference 3">(3)</a> <a href="#ref-for-dfn-powerful-feature-7" title="Reference 4">(4)</a> <a href="#ref-for-dfn-powerful-feature-8" title="Reference 5">(5)</a> <a href="#ref-for-dfn-powerful-feature-9" title="Reference 6">(6)</a> <a href="#ref-for-dfn-powerful-feature-10" title="Reference 7">(7)</a> 
   </li><li>
-    <a href="#ref-for-dfn-powerful-feature-11" title="§ 3.2 Powerful features">§ 3.2 Powerful features</a> <a href="#ref-for-dfn-powerful-feature-12" title="Reference 2">(2)</a> 
+    <a href="#ref-for-dfn-powerful-feature-11" title="§ 3.3 Powerful features">§ 3.3 Powerful features</a> <a href="#ref-for-dfn-powerful-feature-12" title="Reference 2">(2)</a> 
   </li><li>
-    <a href="#ref-for-dfn-powerful-feature-13" title="§ 3.2.1 Aspects">§ 3.2.1 Aspects</a> <a href="#ref-for-dfn-powerful-feature-14" title="Reference 2">(2)</a> 
+    <a href="#ref-for-dfn-powerful-feature-13" title="§ 3.3.1 Aspects">§ 3.3.1 Aspects</a> <a href="#ref-for-dfn-powerful-feature-14" title="Reference 2">(2)</a> 
   </li><li>
     <a href="#ref-for-dfn-powerful-feature-15" title="§ 4. Specifying a powerful feature">§ 4. Specifying a powerful feature</a> <a href="#ref-for-dfn-powerful-feature-16" title="Reference 2">(2)</a> <a href="#ref-for-dfn-powerful-feature-17" title="Reference 3">(3)</a> <a href="#ref-for-dfn-powerful-feature-18" title="Reference 4">(4)</a> <a href="#ref-for-dfn-powerful-feature-19" title="Reference 5">(5)</a> <a href="#ref-for-dfn-powerful-feature-20" title="Reference 6">(6)</a> <a href="#ref-for-dfn-powerful-feature-21" title="Reference 7">(7)</a> <a href="#ref-for-dfn-powerful-feature-22" title="Reference 8">(8)</a> <a href="#ref-for-dfn-powerful-feature-23" title="Reference 9">(9)</a> <a href="#ref-for-dfn-powerful-feature-24" title="Reference 10">(10)</a> <a href="#ref-for-dfn-powerful-feature-25" title="Reference 11">(11)</a> <a href="#ref-for-dfn-powerful-feature-26" title="Reference 12">(12)</a> 
   </li><li>
     <a href="#ref-for-dfn-powerful-feature-27" title="§ 5.2 Requesting permission to use a powerful feature">§ 5.2 Requesting permission to use a powerful feature</a> 
   </li><li>
-    <a href="#ref-for-dfn-powerful-feature-28" title="§ 5.4 Reacting to users revoking permission">§ 5.4 Reacting to users revoking permission</a> 
-  </li><li>
-    <a href="#ref-for-dfn-powerful-feature-29" title="§ 6.3.1 Creating instances">§ 6.3.1 Creating instances</a> 
+    <a href="#ref-for-dfn-powerful-feature-28" title="§ 6.3.1 Creating instances">§ 6.3.1 Creating instances</a> 
   </li><li>
-    <a href="#ref-for-dfn-powerful-feature-30" title="§ A. Relationship to the Permissions Policy specification">§ A. Relationship to the Permissions Policy specification</a> <a href="#ref-for-dfn-powerful-feature-31" title="Reference 2">(2)</a> 
+    <a href="#ref-for-dfn-powerful-feature-29" title="§ A. Relationship to the Permissions Policy specification">§ A. Relationship to the Permissions Policy specification</a> <a href="#ref-for-dfn-powerful-feature-30" title="Reference 2">(2)</a> 
   </li><li>
-    <a href="#ref-for-dfn-powerful-feature-32" title="§ B.1 Set Permission">§ B.1 Set Permission</a> 
+    <a href="#ref-for-dfn-powerful-feature-31" title="§ B.1 Set Permission">§ B.1 Set Permission</a> 
   </li><li>
-    <a href="#ref-for-dfn-powerful-feature-33" title="§ C. Privacy considerations">§ C. Privacy considerations</a> 
+    <a href="#ref-for-dfn-powerful-feature-32" title="§ C. Privacy considerations">§ C. Privacy considerations</a> 
   </li>
   </ul>
     </div><div class="dfn-panel" hidden="" role="dialog" aria-modal="true" id="dfn-panel-for-dfn-name" aria-label="Links in this document to definition: name">
@@ -2157,7 +2422,7 @@ <h1 id="title" class="title">Permissions</h1> <h2 id="subtitle" class="subtitle"
       <p><b>Referenced in:</b></p>
       <ul>
     <li>
-    <a href="#ref-for-dfn-aspects-1" title="§ 3.2.1 Aspects">§ 3.2.1 Aspects</a> 
+    <a href="#ref-for-dfn-aspects-1" title="§ 3.3.1 Aspects">§ 3.3.1 Aspects</a> 
   </li><li>
     <a href="#ref-for-dfn-aspects-2" title="§ 4. Specifying a powerful feature">§ 4. Specifying a powerful feature</a> 
   </li>
@@ -2201,7 +2466,7 @@ <h1 id="title" class="title">Permissions</h1> <h2 id="subtitle" class="subtitle"
       <p><b>Referenced in:</b></p>
       <ul>
     <li>
-    <a href="#ref-for-dfn-permission-descriptor-type-1" title="§ 3.2.1 Aspects">§ 3.2.1 Aspects</a> 
+    <a href="#ref-for-dfn-permission-descriptor-type-1" title="§ 3.3.1 Aspects">§ 3.3.1 Aspects</a> 
   </li><li>
     <a href="#ref-for-dfn-permission-descriptor-type-2" title="§ 4. Specifying a powerful feature">§ 4. Specifying a powerful feature</a> <a href="#ref-for-dfn-permission-descriptor-type-3" title="Reference 2">(2)</a> 
   </li><li>
@@ -2311,6 +2576,74 @@ <h1 id="title" class="title">Permissions</h1> <h2 id="subtitle" class="subtitle"
     <li>
     <a href="#ref-for-dfn-default-permission-query-algorithm-1" title="§ 4. Specifying a powerful feature">§ 4. Specifying a powerful feature</a> 
   </li>
+  </ul>
+    </div><div class="dfn-panel" hidden="" role="dialog" aria-modal="true" id="dfn-panel-for-dfn-permission-key-type" aria-label="Links in this document to definition: permission key type">
+      <span class="caret"></span>
+      <div>
+        <a class="self-link" href="#dfn-permission-key-type" aria-label="Permalink for definition: permission key type. Activate to close this dialog.">Permalink</a>
+        <span class="marker dfn-exported" title="Definition can be referenced by other specifications">exported</span> 
+      </div>
+      <p><b>Referenced in:</b></p>
+      <ul>
+    <li>
+    <a href="#ref-for-dfn-permission-key-type-1" title="§ 3.2 Permission Store">§ 3.2 Permission Store</a> <a href="#ref-for-dfn-permission-key-type-2" title="Reference 2">(2)</a> <a href="#ref-for-dfn-permission-key-type-3" title="Reference 3">(3)</a> <a href="#ref-for-dfn-permission-key-type-4" title="Reference 4">(4)</a> 
+  </li><li>
+    <a href="#ref-for-dfn-permission-key-type-5" title="§ 4. Specifying a powerful feature">§ 4. Specifying a powerful feature</a> 
+  </li>
+  </ul>
+    </div><div class="dfn-panel" hidden="" role="dialog" aria-modal="true" id="dfn-panel-for-dfn-permission-key-generation-algorithm" aria-label="Links in this document to definition: permission key generation algorithm">
+      <span class="caret"></span>
+      <div>
+        <a class="self-link" href="#dfn-permission-key-generation-algorithm" aria-label="Permalink for definition: permission key generation algorithm. Activate to close this dialog.">Permalink</a>
+        <span class="marker dfn-exported" title="Definition can be referenced by other specifications">exported</span> 
+      </div>
+      <p><b>Referenced in:</b></p>
+      <ul>
+    <li>
+    <a href="#ref-for-dfn-permission-key-generation-algorithm-1" title="§ 4. Specifying a powerful feature">§ 4. Specifying a powerful feature</a> <a href="#ref-for-dfn-permission-key-generation-algorithm-2" title="Reference 2">(2)</a> 
+  </li><li>
+    <a href="#ref-for-dfn-permission-key-generation-algorithm-3" title="§ 5.1 Reading the current permission state">§ 5.1 Reading the current permission state</a> 
+  </li><li>
+    <a href="#ref-for-dfn-permission-key-generation-algorithm-4" title="§ 5.2 Requesting permission to use a powerful feature">§ 5.2 Requesting permission to use a powerful feature</a> 
+  </li>
+  </ul>
+    </div><div class="dfn-panel" hidden="" role="dialog" aria-modal="true" id="dfn-panel-for-dfn-default-permission-key-generation-algorithm" aria-label="Links in this document to definition: default permission key generation algorithm">
+      <span class="caret"></span>
+      <div>
+        <a class="self-link" href="#dfn-default-permission-key-generation-algorithm" aria-label="Permalink for definition: default permission key generation algorithm. Activate to close this dialog.">Permalink</a>
+        <span class="marker dfn-exported" title="Definition can be referenced by other specifications">exported</span> 
+      </div>
+      <p><b>Referenced in:</b></p>
+      <ul>
+    <li>
+    <a href="#ref-for-dfn-default-permission-key-generation-algorithm-1" title="§ 4. Specifying a powerful feature">§ 4. Specifying a powerful feature</a> 
+  </li>
+  </ul>
+    </div><div class="dfn-panel" hidden="" role="dialog" aria-modal="true" id="dfn-panel-for-dfn-permission-key-comparison-algorithm" aria-label="Links in this document to definition: permission key comparison algorithm">
+      <span class="caret"></span>
+      <div>
+        <a class="self-link" href="#dfn-permission-key-comparison-algorithm" aria-label="Permalink for definition: permission key comparison algorithm. Activate to close this dialog.">Permalink</a>
+        <span class="marker dfn-exported" title="Definition can be referenced by other specifications">exported</span> 
+      </div>
+      <p><b>Referenced in:</b></p>
+      <ul>
+    <li>
+    <a href="#ref-for-dfn-permission-key-comparison-algorithm-1" title="§ 3.2 Permission Store">§ 3.2 Permission Store</a> 
+  </li><li>
+    <a href="#ref-for-dfn-permission-key-comparison-algorithm-2" title="§ 4. Specifying a powerful feature">§ 4. Specifying a powerful feature</a> 
+  </li>
+  </ul>
+    </div><div class="dfn-panel" hidden="" role="dialog" aria-modal="true" id="dfn-panel-for-dfn-default-permission-key-comparison-algorithm" aria-label="Links in this document to definition: default permission key comparison algorithm">
+      <span class="caret"></span>
+      <div>
+        <a class="self-link" href="#dfn-default-permission-key-comparison-algorithm" aria-label="Permalink for definition: default permission key comparison algorithm. Activate to close this dialog.">Permalink</a>
+        <span class="marker dfn-exported" title="Definition can be referenced by other specifications">exported</span> 
+      </div>
+      <p><b>Referenced in:</b></p>
+      <ul>
+    <li>
+    <a href="#ref-for-dfn-default-permission-key-comparison-algorithm-1" title="§ 4. Specifying a powerful feature">§ 4. Specifying a powerful feature</a> 
+  </li>
   </ul>
     </div><div class="dfn-panel" hidden="" role="dialog" aria-modal="true" id="dfn-panel-for-dfn-permission-revocation-algorithm" aria-label="Links in this document to definition: permission revocation algorithm">
       <span class="caret"></span>
@@ -2415,7 +2748,7 @@ <h1 id="title" class="title">Permissions</h1> <h2 id="subtitle" class="subtitle"
       <p><b>Referenced in:</b></p>
       <ul>
     <li>
-    <a href="#ref-for-dfn-react-to-the-user-revoking-permission-1" title="§ 4. Specifying a powerful feature">§ 4. Specifying a powerful feature</a> <a href="#ref-for-dfn-react-to-the-user-revoking-permission-2" title="Reference 2">(2)</a> 
+    <a href="#ref-for-dfn-react-to-the-user-revoking-permission-1" title="§ 4. Specifying a powerful feature">§ 4. Specifying a powerful feature</a> 
   </li>
   </ul>
     </div><div class="dfn-panel" hidden="" role="dialog" aria-modal="true" id="dfn-panel-for-dom-navigator-permissions" aria-label="Links in this document to definition: permissions">
@@ -2463,25 +2796,29 @@ <h1 id="title" class="title">Permissions</h1> <h2 id="subtitle" class="subtitle"
       <p><b>Referenced in:</b></p>
       <ul>
     <li>
-    <a href="#ref-for-dom-permissiondescriptor-1" title="§ 3.2.1 Aspects">§ 3.2.1 Aspects</a> <a href="#ref-for-dom-permissiondescriptor-2" title="Reference 2">(2)</a> 
+    <a href="#ref-for-dom-permissiondescriptor-1" title="§ 3.2 Permission Store">§ 3.2 Permission Store</a> <a href="#ref-for-dom-permissiondescriptor-2" title="Reference 2">(2)</a> <a href="#ref-for-dom-permissiondescriptor-3" title="Reference 3">(3)</a> <a href="#ref-for-dom-permissiondescriptor-4" title="Reference 4">(4)</a> <a href="#ref-for-dom-permissiondescriptor-5" title="Reference 5">(5)</a> 
+  </li><li>
+    <a href="#ref-for-dom-permissiondescriptor-6" title="§ 3.3.1 Aspects">§ 3.3.1 Aspects</a> <a href="#ref-for-dom-permissiondescriptor-7" title="Reference 2">(2)</a> 
   </li><li>
-    <a href="#ref-for-dom-permissiondescriptor-3" title="§ 4. Specifying a powerful feature">§ 4. Specifying a powerful feature</a> <a href="#ref-for-dom-permissiondescriptor-4" title="Reference 2">(2)</a> <a href="#ref-for-dom-permissiondescriptor-5" title="Reference 3">(3)</a> <a href="#ref-for-dom-permissiondescriptor-6" title="Reference 4">(4)</a> 
+    <a href="#ref-for-dom-permissiondescriptor-8" title="§ 4. Specifying a powerful feature">§ 4. Specifying a powerful feature</a> <a href="#ref-for-dom-permissiondescriptor-9" title="Reference 2">(2)</a> <a href="#ref-for-dom-permissiondescriptor-10" title="Reference 3">(3)</a> <a href="#ref-for-dom-permissiondescriptor-11" title="Reference 4">(4)</a> 
   </li><li>
-    <a href="#ref-for-dom-permissiondescriptor-7" title="§ 5.1 Reading the current permission state">§ 5.1 Reading the current permission state</a> <a href="#ref-for-dom-permissiondescriptor-8" title="Reference 2">(2)</a> 
+    <a href="#ref-for-dom-permissiondescriptor-12" title="§ 5.1 Reading the current permission state">§ 5.1 Reading the current permission state</a> <a href="#ref-for-dom-permissiondescriptor-13" title="Reference 2">(2)</a> 
   </li><li>
-    <a href="#ref-for-dom-permissiondescriptor-9" title="§ 5.2 Requesting permission to use a powerful feature">§ 5.2 Requesting permission to use a powerful feature</a> 
+    <a href="#ref-for-dom-permissiondescriptor-14" title="§ 5.2 Requesting permission to use a powerful feature">§ 5.2 Requesting permission to use a powerful feature</a> 
   </li><li>
-    <a href="#ref-for-dom-permissiondescriptor-10" title="§ 5.3 Prompt the user to choose">§ 5.3 Prompt the user to choose</a> 
+    <a href="#ref-for-dom-permissiondescriptor-15" title="§ 5.3 Prompt the user to choose">§ 5.3 Prompt the user to choose</a> 
   </li><li>
-    <a href="#ref-for-dom-permissiondescriptor-11" title="§ 6.2.1 query() method">§ 6.2.1 query() method</a> 
+    <a href="#ref-for-dom-permissiondescriptor-16" title="§ 5.4 Reacting to users revoking permission">§ 5.4 Reacting to users revoking permission</a> 
   </li><li>
-    <a href="#ref-for-dom-permissiondescriptor-12" title="§ 6.3.1 Creating instances">§ 6.3.1 Creating instances</a> 
+    <a href="#ref-for-dom-permissiondescriptor-17" title="§ 6.2.1 query() method">§ 6.2.1 query() method</a> 
   </li><li>
-    <a href="#ref-for-dom-permissiondescriptor-13" title="§ B. Automated testing">§ B. Automated testing</a> 
+    <a href="#ref-for-dom-permissiondescriptor-18" title="§ 6.3.1 Creating instances">§ 6.3.1 Creating instances</a> 
   </li><li>
-    <a href="#ref-for-dom-permissiondescriptor-14" title="§ B.1 Set Permission">§ B.1 Set Permission</a> 
+    <a href="#ref-for-dom-permissiondescriptor-19" title="§ B. Automated testing">§ B. Automated testing</a> 
   </li><li>
-    <a href="#ref-for-dom-permissiondescriptor-15" title="§ E. IDL Index">§ E. IDL Index</a> 
+    <a href="#ref-for-dom-permissiondescriptor-20" title="§ B.1 Set Permission">§ B.1 Set Permission</a> 
+  </li><li>
+    <a href="#ref-for-dom-permissiondescriptor-21" title="§ E. IDL Index">§ E. IDL Index</a> 
   </li>
   </ul>
     </div><div class="dfn-panel" hidden="" role="dialog" aria-modal="true" id="dfn-panel-for-dom-permissiondescriptor-name" aria-label="Links in this document to definition: name">
@@ -2493,19 +2830,23 @@ <h1 id="title" class="title">Permissions</h1> <h2 id="subtitle" class="subtitle"
       <p><b>Referenced in:</b></p>
       <ul>
     <li>
-    <a href="#ref-for-dom-permissiondescriptor-name-1" title="§ 5.1 Reading the current permission state">§ 5.1 Reading the current permission state</a> <a href="#ref-for-dom-permissiondescriptor-name-2" title="Reference 2">(2)</a> <a href="#ref-for-dom-permissiondescriptor-name-3" title="Reference 3">(3)</a> <a href="#ref-for-dom-permissiondescriptor-name-4" title="Reference 4">(4)</a> 
+    <a href="#ref-for-dom-permissiondescriptor-name-1" title="§ 3.2 Permission Store">§ 3.2 Permission Store</a> 
+  </li><li>
+    <a href="#ref-for-dom-permissiondescriptor-name-2" title="§ 5.1 Reading the current permission state">§ 5.1 Reading the current permission state</a> <a href="#ref-for-dom-permissiondescriptor-name-3" title="Reference 2">(2)</a> <a href="#ref-for-dom-permissiondescriptor-name-4" title="Reference 3">(3)</a> <a href="#ref-for-dom-permissiondescriptor-name-5" title="Reference 4">(4)</a> 
+  </li><li>
+    <a href="#ref-for-dom-permissiondescriptor-name-6" title="§ 5.2 Requesting permission to use a powerful feature">§ 5.2 Requesting permission to use a powerful feature</a> 
   </li><li>
-    <a href="#ref-for-dom-permissiondescriptor-name-5" title="§ 5.2 Requesting permission to use a powerful feature">§ 5.2 Requesting permission to use a powerful feature</a> 
+    <a href="#ref-for-dom-permissiondescriptor-name-7" title="§ 5.3 Prompt the user to choose">§ 5.3 Prompt the user to choose</a> 
   </li><li>
-    <a href="#ref-for-dom-permissiondescriptor-name-6" title="§ 5.3 Prompt the user to choose">§ 5.3 Prompt the user to choose</a> 
+    <a href="#ref-for-dom-permissiondescriptor-name-8" title="§ 5.4 Reacting to users revoking permission">§ 5.4 Reacting to users revoking permission</a> 
   </li><li>
-    <a href="#ref-for-dom-permissiondescriptor-name-7" title="§ 6.2.1 query() method">§ 6.2.1 query() method</a> <a href="#ref-for-dom-permissiondescriptor-name-8" title="Reference 2">(2)</a> <a href="#ref-for-dom-permissiondescriptor-name-9" title="Reference 3">(3)</a> 
+    <a href="#ref-for-dom-permissiondescriptor-name-9" title="§ 6.2.1 query() method">§ 6.2.1 query() method</a> <a href="#ref-for-dom-permissiondescriptor-name-10" title="Reference 2">(2)</a> <a href="#ref-for-dom-permissiondescriptor-name-11" title="Reference 3">(3)</a> 
   </li><li>
-    <a href="#ref-for-dom-permissiondescriptor-name-10" title="§ 6.3.1 Creating instances">§ 6.3.1 Creating instances</a> 
+    <a href="#ref-for-dom-permissiondescriptor-name-12" title="§ 6.3.1 Creating instances">§ 6.3.1 Creating instances</a> 
   </li><li>
-    <a href="#ref-for-dom-permissiondescriptor-name-11" title="§ 6.3.4 onchange attribute">§ 6.3.4 onchange attribute</a> 
+    <a href="#ref-for-dom-permissiondescriptor-name-13" title="§ 6.3.4 onchange attribute">§ 6.3.4 onchange attribute</a> 
   </li><li>
-    <a href="#ref-for-dom-permissiondescriptor-name-12" title="§ B.1 Set Permission">§ B.1 Set Permission</a> 
+    <a href="#ref-for-dom-permissiondescriptor-name-14" title="§ B.1 Set Permission">§ B.1 Set Permission</a> 
   </li>
   </ul>
     </div><div class="dfn-panel" hidden="" role="dialog" aria-modal="true" id="dfn-panel-for-dom-permissions-query" aria-label="Links in this document to definition: query()">
@@ -2543,7 +2884,7 @@ <h1 id="title" class="title">Permissions</h1> <h2 id="subtitle" class="subtitle"
       <p><b>Referenced in:</b></p>
       <ul>
     <li>
-    <a href="#ref-for-dom-permissionstatus-1" title="§ 3.2.1 Aspects">§ 3.2.1 Aspects</a> 
+    <a href="#ref-for-dom-permissionstatus-1" title="§ 3.3.1 Aspects">§ 3.3.1 Aspects</a> 
   </li><li>
     <a href="#ref-for-dom-permissionstatus-2" title="§ 4. Specifying a powerful feature">§ 4. Specifying a powerful feature</a> <a href="#ref-for-dom-permissionstatus-3" title="Reference 2">(2)</a> <a href="#ref-for-dom-permissionstatus-4" title="Reference 3">(3)</a> 
   </li><li>
@@ -2569,13 +2910,13 @@ <h1 id="title" class="title">Permissions</h1> <h2 id="subtitle" class="subtitle"
     <li>
     <a href="#ref-for-dom-permissionstate-1" title="§ 4. Specifying a powerful feature">§ 4. Specifying a powerful feature</a> <a href="#ref-for-dom-permissionstate-2" title="Reference 2">(2)</a> 
   </li><li>
-    <a href="#ref-for-dom-permissionstate-3" title="§ 5.1 Reading the current permission state">§ 5.1 Reading the current permission state</a> <a href="#ref-for-dom-permissionstate-4" title="Reference 2">(2)</a> <a href="#ref-for-dom-permissionstate-5" title="Reference 3">(3)</a> 
+    <a href="#ref-for-dom-permissionstate-3" title="§ 5.1 Reading the current permission state">§ 5.1 Reading the current permission state</a> <a href="#ref-for-dom-permissionstate-4" title="Reference 2">(2)</a> <a href="#ref-for-dom-permissionstate-5" title="Reference 3">(3)</a> <a href="#ref-for-dom-permissionstate-6" title="Reference 4">(4)</a> 
   </li><li>
-    <a href="#ref-for-dom-permissionstate-6" title="§ 6.3 PermissionStatus interface">§ 6.3 PermissionStatus interface</a> 
+    <a href="#ref-for-dom-permissionstate-7" title="§ 6.3 PermissionStatus interface">§ 6.3 PermissionStatus interface</a> 
   </li><li>
-    <a href="#ref-for-dom-permissionstate-7" title="§ B. Automated testing">§ B. Automated testing</a> 
+    <a href="#ref-for-dom-permissionstate-8" title="§ B. Automated testing">§ B. Automated testing</a> 
   </li><li>
-    <a href="#ref-for-dom-permissionstate-8" title="§ E. IDL Index">§ E. IDL Index</a> <a href="#ref-for-dom-permissionstate-9" title="Reference 2">(2)</a> 
+    <a href="#ref-for-dom-permissionstate-9" title="§ E. IDL Index">§ E. IDL Index</a> <a href="#ref-for-dom-permissionstate-10" title="Reference 2">(2)</a> 
   </li>
   </ul>
     </div><div class="dfn-panel" hidden="" role="dialog" aria-modal="true" id="dfn-panel-for-dfn-query" aria-label="Links in this document to definition: [[query]]">
@@ -2623,7 +2964,7 @@ <h1 id="title" class="title">Permissions</h1> <h2 id="subtitle" class="subtitle"
       <p><b>Referenced in:</b></p>
       <ul>
     <li>
-    <a href="#ref-for-dom-permissionstate-denied-1" title="§ 3.2.1 Aspects">§ 3.2.1 Aspects</a> 
+    <a href="#ref-for-dom-permissionstate-denied-1" title="§ 3.3.1 Aspects">§ 3.3.1 Aspects</a> 
   </li><li>
     <a href="#ref-for-dom-permissionstate-denied-2" title="§ 4. Specifying a powerful feature">§ 4. Specifying a powerful feature</a> <a href="#ref-for-dom-permissionstate-denied-3" title="Reference 2">(2)</a> 
   </li><li>
@@ -2695,7 +3036,7 @@ <h1 id="title" class="title">Permissions</h1> <h2 id="subtitle" class="subtitle"
       <p><b>Referenced in:</b></p>
       <ul>
     <li>
-    <a href="#ref-for-dom-permissionstatus-state-1" title="§ 3.2.1 Aspects">§ 3.2.1 Aspects</a> 
+    <a href="#ref-for-dom-permissionstatus-state-1" title="§ 3.3.1 Aspects">§ 3.3.1 Aspects</a> 
   </li><li>
     <a href="#ref-for-dom-permissionstatus-state-2" title="§ 4. Specifying a powerful feature">§ 4. Specifying a powerful feature</a> 
   </li><li>