Is there agreement in the HTML-spec community that no new injection sinks will be added?

[mbrodesser-Igalia]

If so one, one could rely on TT staying trustworthy.

CC @mozfreddyb

[mozfreddyb]

I don't think it's necessarily "forbidden" to add new injection sinks and I don't think that's even necessary.

My assumption is that TT will need continued maintenance and care to make sure that it's kept in alignment with the web platform at large.
Secondly, I think there's a hope that with two aligned implementations, TT could be properly upstreamed into existing specs, which should make maintenance easier.

[lukewarlow]

New DOM Sinks are definitely being added still, see #403

[mbrodesser-Igalia]

I don't think it's necessarily "forbidden" to add new injection sinks and I don't think that's even necessary.

My assumption is that TT will need continued maintenance and care to make sure that it's kept in alignment with the web platform at large. Secondly, I think there's a hope that with two aligned implementations, TT could be properly upstreamed into existing specs, which should make maintenance easier.

Agree. Then, ideally, the spec extension process should require trusted types for such new sinks. Is that process defined somewhere?

[lukewarlow]

Hopefully once this is ready to go specs like HTML can make use of HTMLString directly and it can be more formal rather than this spec having to monkey patch each place. But it would still be good to ensure this sort of thing happens.

[mbrodesser-Igalia]

Closing this ticket since the original question was answered and the spec extension process will be covered by #385, see #385 (comment).