CfC to adopt Fetch Metadata, and publish a FWPD (deadline April 8th). from Mike West on 2019-03-25 (public-webappsec@w3.org from March 2019)

From: Mike West <mkwst@google.com>
Date: Mon, 25 Mar 2019 10:02:17 +0100
To: Web Application Security Working Group <public-webappsec@w3.org>
Cc: Dan Veditz <dveditz@mozilla.com>, Wendy Seltzer <wseltzer@w3.org>
Message-ID: <CAKXHy=cko=7DfC-cpzaLzJXSAK0X-J+Yx3g4Y_6aHXbOBCM4rw@mail.gmail.com>

(Chair hat off)

We discussed Fetch Metadata <https://mikewest.github.io/sec-metadata/> briefly
on the 2019-03-20 call
<https://github.com/w3c/webappsec/blob/master/meetings/2019/2019-03-20.minutes.md#fetch-metadata>,
and I think there was some amount of concensus among the folks there that
this was an interesting feature, and would be most easily comprehensible as
a separate document. I think the functionality fits into our existing
charter's scope <https://www.w3.org/2011/webappsec/charter-2017.html> pretty
cleanly, and I think that there's been enough attention to the feature's
broad strokes that it's worth pulling out of incubation and into a group
like this one.

Is it a reasonable feature we'd like to standardize? If so, is doing that
work here reasonable, or should we push it out to WHATWG instead, perhaps
even as part of Fetch? I think the answers are "Yes" and "Yes", but I'd
appreciate feedback from the wider group.

This, therefore, is a call for consensus to adopt Fetch Metadata as a
WebAppSec deliverable and publish it as a FPWD. If you have thoughts, one
way or the other, please respond by 2019-04-08 (preferably in the GitHub
issue at https://github.com/w3c/webappsec/issues/550, but responses to this
thread are, of course, welcome!)

Thanks!

-mike

Received on Monday, 25 March 2019 09:02:55 UTC