WICG/webpackage Issues

Last updated Nov 21, 2024, 5:48:04 AM UTC.

This repository doesn't have the Priority: Eventually label that's used to mark an issue as triaged without giving it an SLO. Until that's added, this summary uses heuristics to guess if each issue has been triaged.

Untriaged

Try to triage issues within . [ More Info ]

Issue Title Within SLO On maintainers' plates for Time left Time past SLO
#40 Allow linking to sub-packages instead of just including them
#48 In links to packages, consider srcset-type mechanism
#52 Look into Macaroons for cross-signing
#86 Noting open W3C TAG legacy issues
#141 Deal with clock skew
#176 Node ecosystem might need to preserve using `file:` protocol
#177 Internal referencing and internal only resources
#221 Certificate chain in exchanges
#236 Include a list of used permissions in signed part of bundles
#253 Accept-Signature specifies a syntax that violates the ABNF for sh-param-list
#289 Feature detection and Accept: application/signed-exchanges headers
#314 Integrity record size limit is missing from b2 snapshot
#322 Reserve a HTTP/2 Error Code in the Error Code Registry
#324 Specify how intermediates should load Signed Exchanges with validityUrl
#419 Spec review
#431 Go: Avoid mutating (signedexchange.Exchange).Payload
#432 Prevent fallback loop when publisher publishes invalid SXG
#434 Spec makes it difficult to distinguish signed and unsigned parameters
#462 dump-certurl and dump-signedexchange do not verify the dates of OCSP response
#463 Document how the web relies on transport security
#465 Write a Human Rights Considerations section
#471 Consider removing or generalizing Accept-Signature identifiers
#496 Provide a formal way for one bundle of JS Modules to optionally reuse already loaded modules from another bundle
#507 Specs rely on expired versions of Structured Headers draft
#528 file format detection
#532 Bundle replay as alternative to 'Save Page As...'
#544 Ensure watermarked signed bundles don't allow user ID transfer
#555 loading spec: Content sniffing prevention steps are missing in Parsing b3 algorithm
#564 go/signedexchange: gen-certurl should fail on invalid OCSP
#575 Supporting TWAs and like cases
#585 Demote `validity-url` to optional
#600 Updating a SXG via validity-url forces content negotiation on servers
#602 Signed-Headers or Signed-Fields
#675 Serve https://publisher directly from an edge node?
#747 Clarify how `<script type=webbundle>` affects speculative HTML parsing.
#807 Distributing service worker script via SXG
#839 Function signature change: reading all bytes from a stream
#840 Convert from zip to web pack / bundle format online
#870 Support offline
#885 Normative references to discontinued specs in Loading Signed Exchanges