- From: Mike West <notifications@github.com>
- Date: Tue, 07 Oct 2025 03:25:26 -0700
- To: w3ctag/design-reviews <design-reviews@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
- Message-ID: <w3ctag/design-reviews/issues/1135/3376249806@github.com>
mikewest left a comment (w3ctag/design-reviews#1135) > The `alternate solutions` considered for this incubation is not mentioned in the explainer. Can you please add a section on this structured as Alternative → Pros → Cons → Reason for rejection. That makes the reasoning more transparent to external reviewers. Skimming through the discussion starting at https://github.com/WICG/signature-based-sri/issues/10#issuecomment-2591268614, I think the only alternatives I seriously considered were different spellings of the attributes. I'm happy to add some thoughts to that end in somewhere. > The explainer mainly focuses on the developer's benefits and how this integrity mechanism will fulfil their needs. This is ok; however, the explainer should also elaborate on `end-use problem` and explicitly mention how the proposal benefits the end-users. This also should be addressed. I expect I'll follow the [explainer explainer's boilerplate](https://www.w3.org/TR/explainer-explainer/#security-user-benefit) here, and find somewhere reasonable to paste the helpful text it suggests: "This feature is meant to improve website security, which reduces the frequency of breaches that compromise user data.". Do you think additional justification of user benefit is necessary? --- Otherwise, it sounds like y'all are directionally satisfied with this proposal? Or are there some details of the approach and/or spec on which you have feedback? -- Reply to this email directly or view it on GitHub: https://github.com/w3ctag/design-reviews/issues/1135#issuecomment-3376249806 You are receiving this because you are subscribed to this thread. Message ID: <w3ctag/design-reviews/issues/1135/3376249806@github.com>
Received on Tuesday, 7 October 2025 10:25:31 UTC