A stable specification like W3C HTML5 should not have normative mandatory-to-implement references to other specifications where the references are undated, as reviews, interoperability testing, legal contracts, test suites, conformance cannot be reliably be performed with consistent results.
For the [MIMESNIFF] reference, my preferred resolution of this bug would be to make the [MIMESNIFF] reference advisory and informative rather than normative, e.g., referenced as a security consideration.
An alternative would be to create a W3C snapshot of some draft of mimesniff.spec.whatwg.org and make a normative reference to _that_.
EDITOR'S RESPONSE: This is an Editor's Response to your comment. If you are
satisfied with this response, please change the state of this bug to CLOSED. If
you have additional information and would like the Editor to reconsider, please
reopen this bug. If you would like to escalate the issue to the full HTML
Working Group, please add the TrackerRequest keyword to this bug, and suggest
title and text for the Tracker Issue; or you may create a Tracker Issue
yourself, if you are able to do so. For more details, see this document:
Status: Additional Information Needed
Change Description: No spec change.
Rationale: We can't make the reference to MIMESNIFF non-normative.
Please reopen this bug if and when someone creates a W3C snapshot that
we could reference.