W3C home > Mailing lists > Public > www-font@w3.org > July to September 2009

Re: The other party in all this

From: Tab Atkins Jr. <jackalmage@gmail.com>
Date: Tue, 7 Jul 2009 10:05:15 -0500
Message-ID: <dd0fbad0907070805p2284e141taabce5db725395cc@mail.gmail.com>
To: Mikko Rantalainen <mikko.rantalainen@peda.net>
Cc: www-font <www-font@w3.org>
On Tue, Jul 7, 2009 at 5:32 AM, Mikko
Rantalainen<mikko.rantalainen@peda.net> wrote:
> Thomas Phinney wrote:
>> On Sun, Jul 5, 2009 at 9:25 PM, John Hudson<tiro@tiro.com> wrote:
>>> Tab Atkins Jr. wrote:
>>>> For example, you could add in the font name, purchaser's name, and a
>>>> unique serial number identifying the sale.  To prevent tampering, sign
>>>> all of it with your private key.  Anyone can then verify the
>>>> information with your public key [...]
>> Although this is fine as far as it goes, it does NOT "prevent
>> tampering." Remember, the font is not encrypted, just signed. Somebody
>> deletes the signature and the custom data, and it's untraceable which
>> customer the font came from.
> Encryption is used to make something secret from some other party. A web
> font is designed to be available to anybody accessing a web page that
> uses the font. As a result, if encryption is used, anybody must be able
> to decrypt the font. Why use encryption at all if anybody must be able
> to decrypt it (that is, the decryption key must be public)?
> You bring up the problem that somebody could extract the actual font
> data (shapes, kerning, other stuff) and save that data as another font
> file sans the original licensing information. I hope that you understand
> that there's no way that it can be prevented as long as all that data
> must be made available to anybody. Either you make that data available
> to anybody (and it can be copied) or you don't distribute that data as a
> web font. The actual encoding (the "font format") does not change this fact.
> The best you can do is to attach a digitally signed license to a font
> and declare that (1) a font without such license is not legally
> licensed. However, the declaration (1) cannot effectively be part of the
> font file because the file can be changed and any declaration can be
> changed or removed.
> Copying of data cannot be prevented if anybody is able to access the
> data. Sure, it has been tried. See DRM systems for an example. Perpetual
> moving machines have been also tried. Both are equally valid targets.

Yup, that's the basic point.  DRM (that is, a method of encrypting
data such that the client can decrypt it *some* of the time but not
*all* of the time) is never workable, and nobody's seriously proposed
such a thing on the list because we all basically realize this (I know
it's a hoped-for solution among some off-list parties, but I believe
they're simply unaware/unconvinced that DRM is a hopeless dream).

However, as it was pointed out elsewhere, *very* few people would go
to the trouble of ripping out the license table.  That's very
obviously an act that takes you from "Ooh, I wanna use that cool
font!" to "Bwahaha, those font foundries will never stop me!".
Relatively few people will do that, at least for a while.  (Since you
can do it once and then just distribute the new unlicensed file, it's
possible that the unlicensed file may become prevalent due to
filesharing, but I see widespread font filesharing as somewhat less
common than movie/game/music filesharing.)

Strangely enough, this sort of thing is likely *more* effective if it
does *not* have any effect.  Then it functions as the "silent alarm"
that someone else mentioned, whereas enforced metadata will make
people go out of their way to remove it.

Received on Tuesday, 7 July 2009 15:06:12 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 21:01:40 UTC