[transition] FPWD Request for Trusted Types from sysbot+notifier@w3.org on 2022-09-20 (public-transition-announce@w3.org from September 2022)

From: <sysbot+notifier@w3.org>
Date: Tue, 20 Sep 2022 11:38:27 +0000
To: public-transition-announce@w3.org
Message-ID: <7b079657-554d-64ce-0d16-a61092bb9a82@w3.org>

FPWD Request for Trusted Types
from https://github.com/w3c/transitions/issues/456

# Document title, URLs, estimated publication date

Trusted Types, https://w3c.github.io/webappsec-trusted-types/dist/spec/, ASAP.

# Abstract

An API that allows applications to lock down powerful APIs to only accept non-spoofable, typed values in place of strings to prevent vulnerabilities caused by using these APIs with attacker-controlled inputs.

# Status

This is a public copy of the editors’ draft. It is provided for discussion only and may change at any moment. Its publication here does not imply endorsement of its contents by W3C. Don’t cite this document other than as work in progress.

Changes to this document may be tracked at https://github.com/w3c/webappsec.

The ([archived](https://lists.w3.org/Archives/Public/public-webappsec/)) public mailing list [public-webappsec@w3.org](mailto:public-webappsec@w3.org?Subject=%5Btrusted-types%5D%20PUT%20SUBJECT%20HERE) (see [instructions](https://www.w3.org/Mail/Request)) is preferred for discussion of this specification. When sending e-mail, please put the text “trusted-types” in the subject, preferably like this: “[trusted-types] …summary of comment…”

This document was produced by the [Web Application Security Working Group](https://www.w3.org/groups/wg/webappsec).

This document was produced by a group operating under the [W3C Patent Policy](https://www.w3.org/Consortium/Patent-Policy/). W3C maintains a [public list of any patent disclosures](https://www.w3.org/groups/wg/webappsec/ipr) made in connection with the deliverables of the group; that page also includes instructions for disclosing a patent. An individual who has actual knowledge of a patent which the individual believes contains [Essential Claim(s)](https://www.w3.org/Consortium/Patent-Policy/#def-essential) must disclose the information in accordance with [section 6 of the W3C Patent Policy](https://www.w3.org/Consortium/Patent-Policy/#sec-Disclosure).

This document is governed by the [2 November 2021 W3C Process Document](https://www.w3.org/2021/Process-20211102/).

# Is it a delta specification intended to become a W3C Recommendation?

No.

# Link to group's decision to request transition

https://github.com/w3c/webappsec-trusted-types/issues/342 (which was eventually resolved in the rechartering discussion, /cc @wseltzer and @samuelweiler)

# Information about implementations known to the Working Group

Implemented in Chromium-based browsers: https://wpt.fyi/results/trusted-types?label=experimental&label=master&aligned

/cc @koto


-- 
This email was generated automatically using https://github.com/w3c/transition-issues-bot

Received on Tuesday, 20 September 2022 11:38:38 UTC