[w3ctag/design-reviews] Feature Policy: Document Policies (#408)

こんにちはTAG!

I'm requesting a TAG review of:

  - Name: Document Policies
  - Specification URL: TBD
  - Explainer (containing user needs and example code)¹: https://github.com/w3c/webappsec-feature-policy/blob/master/document-policy-explainer.md

  - GitHub issues (if you prefer feedback filed there): https://github.com/w3c/webappsec-feature-policy/issues

  - Tests: TBD
  - Primary contacts (and their relationship to the specification): clelland(author)

Further details:

  - Relevant time constraints or deadlines: [please provide]
  - [x] I have read and filled out the [Self-Review Questionnare on Security and Privacy](https://www.w3.org/TR/security-privacy-questionnaire/). The [assessment is here](https://github.com/w3c/webappsec-feature-policy/blob/master/security-privacy-questionnaire-document-policies.md).
  - [x] I have reviewed the TAG's [API Design Principles](https://w3ctag.github.io/design-principles/)
  - The group where the work on this specification is: W3C WebAppSec

You should also know that the initial Feature Policy spec, which was reviewed previously (#159) by TAG, can be simplified with the adoption of Document Policies. The goal is to constrain it to just those features which are best served by the "allowed at top-level, delegate to cross-origin frames" model, and focus it tightly on that use case.

You should also also know that this explainer is the result of discussions which were *also* previously noted by TAG in #341.

We'd prefer the TAG provide feedback as (please select one):

  - [x] open issues in our GitHub repo for each point of feedback
  - [ ] open a single issue in our GitHub repo for the entire review
  - [ ] leave review feedback as a comment in this issue and @-notify [github usernames]


-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/w3ctag/design-reviews/issues/408