- From: John Hudson <tiro@tiro.com>
- Date: Sun, 05 Jul 2009 20:20:59 -0700
- To: John Daggett <jdaggett@mozilla.com>
- CC: www-font@w3.org
John Daggett wrote: > My guess is that you already know this but I think the word "protect" > is used a lot by font designers and vendors so I think it's important to > point out that none of the formats under discussion really "protects" font > data in way that things like iTunes "protects" DRM-ed music. All the > formats under discussion (EOT, EOT-lite, Ascender's proposal, ZOT) are > merely attempts to create a small fence, to make it more evident when a > font is being used in a unlicensed way. Acknowledged. > Just as with images or Javascript code on a site, this boils down to a > decision by your client as to how best to balance the possibility of > "exploitation" of site assets with the increased functionality these > assets bring to the site. Someone may try and sell you on one format or > another as being a format that "protects" your assets but for any of the > formats under discussion, your font data will always be one step away > from exploitation by someone with the right tool. Also acknowledged. > If user agents implement same-origin restrictions on fonts and support > some form of compressed data format for TrueType/OpenType fonts, simple > hot-linking won't work and the fonts won't be usable as normal desktop > fonts, at least initially. If font vendors include per-sale information > identifying the site for which a font is licensed in the font metadata, > detecting unlicensed usage on other sites should be easy to identify by > an automated process. Neither of these are ironclad but should at least > prevent casual misuse. Yes. It isn't the level of protection I'd like to see, but it is a level that I find an acceptable minimum. Presuming that there are enough people on the browser side who see it as an acceptable maximum, I think this is a basis for consensus. John Hudson
Received on Monday, 6 July 2009 03:21:42 UTC