PNG 3rd edition 2022-10-28

[svgeesus]

We prefers groups to run a self-review around the time of FPWD. See https://w3ctag.github.io/security-questionnaire/.

If you still want us to review your spec, please provide the information below.

In the issue title above add the document name followed by the date of this request.

• name of spec to be reviewed:

  • Portable Network Graphics (PNG) Specification (Third Edition)

• URL of spec: [This must be a dated version in the TR namespace, not an editor's draft.]

  • https://www.w3.org/TR/2022/WD-png-3-20221025/

• Does your document have an in-line Security Considerations section, ideally one separate from the Privacy Considerations? If not, corrrect that before proceeding further.

  • Yes

• Do you need a reply by a particular date?

  • No

• Please point to the results of your own self-review (see https://w3ctag.github.io/security-questionnaire/)

  • https://github.com/w3c/PNG-spec/issues/228#issuecomment-1279390248

• Where and how to file issues arising?

  • PNG-spec GitHub repo, preferably one issue per comment

• Pointer to any explainer for the spec?

  • No, this is a maintenance update of an old and widely deployed specification

Other comments:

We are heavily constrained by the excellent backwards compatibility with PNG images since 1994.

We are primarily interested in comments on the new (or newly-standardized) features

Current issues with 'security-tracker'

[svgeesus]

There is still time to add any security-related issues to PNG Third Edition. W are getting ready to publish an updated WD for TAG review, before moving to CR.