Chromium Adds Support For Animated PNGs

  • #61
    Originally posted by TheBlackCat
    As mentioned earlier in the thread, they are likely to add thumbnail support to the PNG spec, which according to you would violate the spec.
    The spec is phrased in terms of each file containing a single "PNG image", which is a transformed form of a single abstract image which takes the form of a rectangular grid of rectangular pixels. It's not hard to relax the spec into a frozen MIP map (the generalized superset to which stored thumbnails belong) while remaining compliant with that abstract definition.

    (And they probably spec'd it that way because they had EXIF thumbnails (embedded in JPEGs) as prior art to inspire potential future improvements.)

    Comment


    • #62
      Originally posted by TheBlackCat
      As mentioned earlier in the thread, they are likely to add thumbnail support to the PNG spec, which according to you would violate the spec.
      Originally posted by Gusar
      That's not a good reason. Standards are not commandments from god chiseled in stone. They can be amended.
      Yes, standards can be amended, and if they are, that should happen through the same open participatory process that created the standard. And not by Mozilla shitting on that process and trying to hijack PNG.
      Originally posted by Gusar
      I find it good that a decoder that hasn't been amended to handle animation still shows something, it's much better than showing nothing. So I don't see a problem here. But I see in the thread you linked to below that there is a potential problem - animation happening where it isn't desired. Well, platforms that don't desire animation will need to adjust accordingly then.
      And that is precisely the textbook definition of "embrace and extend", adding proprietary extensions to a standard which creates interoperability problems for those who wish to use the simple standard.
      Originally posted by Gusar
      Reading that thread and the replies you got, I'd say you're exaggerating the required additional complexity. You do have a point here, but I don't see this as such a big problem as you're trying to make it.

      Security is always important, I'll give you that. But compared to other craziness pushed onto the web (webbluetooth and webusb anyone?), apng is very tame. I don't see the security angle as a sufficient reason to reject amending the standard.
      Finding out whether an image with PNG file signature is animated increased your attack surface by orders of magnitude thanks to APNG.
      Any additional complexity should be kept to a minimum. Complexity is the enemy of security. Writing your own parsers for variable-length content? I bet if you give 10 random stackoverflow users this task, then 2-3 of them would write code that is vulnerable to the mentioned potential integer under-/overflows or out of bounds memory access mentioned in the other thread.

      The other craziness you mention you can easily opt out of by not using them.

      So if you care about open standards, APNG must be stopped. If you care about security, APNG must be stopped.

      Comment


      • #63
        Originally posted by chithanh
        Yes, standards can be amended, and if they are, that should happen through the same open participatory process that created the standard. And not by Mozilla shitting on that process and trying to hijack PNG.
        Except that Firefox did everything they could to get it accepted as part of the standard. The ones who decided to keep it proprietary weren't Mozilla, it was the people in charge of the PNG format.

        Comment


        • #64
          Originally posted by chithanh
          Yes, standards can be amended, and if they are, that should happen through the same open participatory process that created the standard. And not by Mozilla shitting on that process and trying to hijack PNG.
          As TheBlackCat mentioned, Mozilla did work with the PNG Group to establish APNG as a standard. So this "hijack" talk is plain hyperbole at the least, could also be seen as something else.

          Originally posted by chithanh
          And that is precisely the textbook definition of "embrace and extend", adding proprietary extensions to a standard which creates interoperability problems for those who wish to use the simple standard.
          Except APNG does not cause interoperability issues, as a simple decoder will still decode the file and show an image, exactly what said simple decoder is supposed to do when it encounters image/png.

          Originally posted by chithanh
          Finding out whether an image with PNG file signature is animated increased your attack surface by orders of magnitude thanks to APNG.
          Exaggeration.

          Originally posted by chithanh
          Any additional complexity should be kept to a minimum. Complexity is the enemy of security. Writing your own parsers for variable-length content? I bet if you give 10 random stackoverflow users this task, then 2-3 of them would write code that is vulnerable to the mentioned potential integer under-/overflows or out of bounds memory access mentioned in the other thread.
          Firefox has shipped with APNG for a long time now. In all that time, how often was the browser compromised with APNG being the attack vector? How often were various websites compromised with APNG being the attack vector?

          Originally posted by chithanh
          The other craziness you mention you can easily opt out of by not using them.
          But the browser will need to support them. And anything the browser exposes to the web is a potential attack vector. So by your argumentation, we shouldn't be adding anything new to the web.

          Originally posted by chithanh
          So if you care about open standards, APNG must be stopped. If you care about security, APNG must be stopped.
          I care about open standards, which is why I said in my first post in this thread that the PNG Group should show flexibility here and amend the standard. I also do care about security, but I don't see how APNG will bring about the end of the world (which is how your posts read).

          Comment


          • #65
            Originally posted by TheBlackCat
            Except that Firefox did everything they could to get it accepted as part of the standard. The ones who decided to keep it proprietary weren't Mozilla, it was the people in charge of the PNG format.
            Originally posted by Gusar
            As TheBlackCat mentioned, Mozilla did work with the PNG Group to establish APNG as a standard. So this "hijack" talk is plain hyperbole at the least, could also be seen as something else.
            Mozilla submitted their APNG proposal to the PNG workgroup, and when the proposal was not accepted as-is, they went ahead anyway. This is what I call shitting on the PNG standard.

            Originally posted by Gusar
            Except APNG does not cause interoperability issues
            An example was already mentioned, a forum operator wants to allow PNG forum avatars but not animated ones. This is an interoperability issue for someone who wishes to use the simple standard.

            Originally posted by Gusar
            Exaggeration.
            Distinguishing by a fixed length file signature is orders of magnitude less complex than parsing PNG structures. Claiming otherwise is preposterous.

            Originally posted by Gusar
            Firefox has shipped with APNG for a long time now. In all that time, how often was the browser compromised with APNG being the attack vector? How often were various websites compromised with APNG being the attack vector?
            Obviously I am not talking about browser security here.

            How often have Linux systems been compromised by desktop file indexers? That using complex parsers on content from the Internet hasn't yet resulted in disaster does not mean that this is obviously a very bad idea.

            Originally posted by Gusar
            I care about open standards, which is why I said in my first post in this thread that the PNG Group should show flexibility here and amend the standard. I also do care about security, but I don't see how APNG will bring about the end of the world (which is how your posts read).
            APNG will not bring the end of the world by itself.
            It is however introducing interoperability problems thanks to embrace and extend, and it is a gratuitous security risk because it is not trivial to distinguish from PNG. Both could have been easily avoided if APNG had chosen their own file signature and not pretended it is "simply PNG". It would just be another proprietary image format that you could ignore.



            Comment
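
The chunk walk that posts #62 and #65 argue about, as an added example that is not part of the thread or of any project's code: telling an APNG from a plain PNG means finding an `acTL` chunk before the first `IDAT`, and every length field read from the file has to be checked against the bytes that remain. The function name, return codes and sample bytes are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

enum { PNG_MALFORMED = -1, PNG_STATIC = 0, PNG_ANIMATED = 1 };

static uint32_t be32(const uint8_t *p) {
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8) | (uint32_t)p[3];
}

/* Walks the chunk list and reports whether acTL appears before the first
 * IDAT. CRCs and chunk ordering are not verified (assumption: the caller
 * only needs a static/animated decision, e.g. for an avatar upload). */
int png_classify(const uint8_t *buf, size_t len) {
    static const uint8_t sig[8] = {0x89, 'P', 'N', 'G', '\r', '\n', 0x1a, '\n'};
    if (len < 8 || memcmp(buf, sig, 8) != 0) return PNG_MALFORMED;
    size_t off = 8;                          /* invariant: off <= len */
    for (;;) {
        size_t left = len - off;             /* cannot underflow */
        if (left < 12) return PNG_MALFORMED; /* length + type + CRC */
        uint32_t clen = be32(buf + off);
        /* Compare against what is left; never compute off + clen first. */
        if (clen > 0x7fffffffu || clen > left - 12) return PNG_MALFORMED;
        const uint8_t *type = buf + off + 4;
        if (memcmp(type, "acTL", 4) == 0) return PNG_ANIMATED;
        if (memcmp(type, "IDAT", 4) == 0 || memcmp(type, "IEND", 4) == 0)
            return PNG_STATIC;
        off += 12 + (size_t)clen;            /* stays <= len by the check */
    }
}

/* Constructed samples: 1x1 greyscale IHDR, CRC fields zeroed. */
#define SIG_IHDR "\x89PNG\r\n\x1a\n" "\0\0\0\x0d" "IHDR" \
                 "\0\0\0\1\0\0\0\1\x08\0\0\0\0" "\0\0\0\0"
static const uint8_t png_static[] = SIG_IHDR "\0\0\0\0" "IDAT" "\0\0\0\0";
static const uint8_t png_anim[]   = SIG_IHDR "\0\0\0\x08" "acTL"
                                    "\0\0\0\2\0\0\0\0" "\0\0\0\0";
/* Declared chunk length 0xfffffff0 with only four bytes behind it. */
static const uint8_t png_hostile[] = SIG_IHDR "\xff\xff\xff\xf0" "tEXt" "AAAA";

int main(void) {
    printf("%d %d %d\n", png_classify(png_static, sizeof png_static - 1),
           png_classify(png_anim, sizeof png_anim - 1),
           png_classify(png_hostile, sizeof png_hostile - 1));
    return 0;
}
```

The `sizeof ... - 1` in the calls drops the terminating NUL that the string-literal initialisers append.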


            • #66
              I started writing a full reply, but it quickly became obvious that the reply would largely be just a repeat of what I already wrote.

              So I'll just write this and be done with it: While you say "APNG will not bring the end of the world by itself", your posts give the impression as if it will, your opposition to APNG is simply so great.

              Comment


              • #67
                Indeed, I think all arguments have been mentioned now.
                Supporting APNG is not the end of the world, but clearly a step back into proprietary formats and the embrace and extend mindset. Therefore it should be avoided in its present form.

                Comment


                • #68
                  Originally posted by chithanh
                  Mozilla submitted their APNG proposal to the PNG workgroup, and when the proposal was not accepted as-is, they went ahead anyway. This is what I call shitting on the PNG standard.
                  Which is the exact opposite of "embrace and extend", whose whole purpose is to lock out other parties from using the extensions in order to give your version an advantage. Publishing the changes for anyone to use freely whenever they want is also the exact opposite of "embrace and extend". What we have here is a simple disagreement about how PNG should work. The people in charge of PNG are on one side. Now, most browsers on the other. The fact that so many browsers have implemented Firefox's approach suggests that it may not have been such a bad idea after all. Firefox certainly doesn't have the browser share right now to force anyone to do things their way.

                  Comment


                  • #69
                    That browser vendors support proprietary formats or features is not new. VP8/VP9 is also supported almost universally now.
                    Also the cost for the browser vendors is minimal. The primary burden will be on others.

                    Originally posted by TheBlackCat
                    Which is the exact opposite of "embrace and extend", whose whole purpose is to lock out other parties from using the extensions in order to give your version an advantage
                    No, "embrace and extend" by itself is not anti-competitive. I think even Microsoft said so. Only the "extinguish" part is anti-competitive, and I give to Mozilla that they stopped short of that.
                    Last edited by chithanh; 31 March 2017, 09:36 AM.

                    Comment
