RE: What constitutes protection [was: About using CORS]

> From: Anne van Kesteren [mailto:annevk@opera.com]
> Sent: Monday, May 03, 2010 6:56 PM
 
> I'm not sure what I've done to you to deserve this condescending
> treatment. 

Excuse me ? You call bullshit on new people who are unaware of history
but you can drop in here and sound off as if this WG and its work are 
unnecessary or badly thought through, calling 'FUD' arguments you disagree 
with, questioning basic principles and design decisions that have been 
discussed - and, again, implemented - and *I* am the condescending one ? 

> I thought we were on better terms.

We still are. But if you want to dish it out, Anne, you'd better be able to 
take it. If you can't take it, you should tone it down a notch.

> Anyway, I can understand there might be reasons for a new font format 
> that are beyond my comprehension. 

Yes. There are. And the intelligent response when one does not know or 
understand is to ask why things are a certain way instead of flatly
asserting that they shouldn't be that way.

>As I said elsewhere, I am mostly just surprised that
>shifting a few bits around makes people more comfortable.

And so what if it does ? If that's all it takes for web authors to use
any font they like as opposed to being limited to a few free fonts, why is that 
bad ? If that's all it takes to achieve the cross-browser web font support
that has eluded the web since IE4 and Netscape 4 first implemented downloadable
fonts, why not ? Font vendors are on board. They're certainly not on board with 
raw fonts. And we browser vendors are not on board with DRM. 

We have a simple, open, coherent solution that compresses raw fonts, has zero
DRM, has support across browser vendors and maximizes web author choice. What's 
not to like ?

> However, irrespective of WOFF I made comments on the same-origin policy
> and how the proposed design here clashes with the existing design for
> the same-origin policy and how I do not think that is a good idea. 

Where, why and how does it clash ? If a browser does a simple cross-domain 
request as specified by CORS for font resources, how does that conflict with 
the 'existing design for same-origin policy' ?

I understand you're opposed. I don't understand why though.

> While by not attending several meetings my knowledge about fonts may be 
>greatly limited (Håkon and I do discuss these things...), I like to think I
> know a thing or two about the same-origin policy, being author/editor of
> XMLHttpRequest and CORS. 

You do. And I'd love to hear about *that* as opposed to assertions that 'fonts
are like images', or that this format offers 'no protection' etc. 
That ground has been covered to death and while I no longer have the patience 
to rehash the whole thing over email, I'd be happy to tell you in person over
beers in Oslo if you're up for that.

Now if you can comment and elaborate about those areas where you *are* the expert, 
that's great. 

>I also made a suggestion for how we could let sites limit cross-origin usage by 
> having a From-Origin header. Other than out of charter rhetoric I have not heard 
>much back.

Except you haven't explained or established why this is necessary when a working 
solution already exists. You have asserted that "it does not fit at all with how 
same-origin restrictions have been determined and applied so far", which is rather 
lacking as a justification. (And does not sound especially strong when it ends with 
the decidedly non-definitive 'so far').

You should elaborate on why and how this does not fit, what exact technical issues 
this will cause so we can understand and agree that a new HTTP header is needed.

Thanks.

Received on Tuesday, 4 May 2010 03:45:36 UTC