Re: The other party in all this

On Tue, Jul 7, 2009 at 5:32 AM, Mikko Rantalainen <mikko.rantalainen@peda.net> wrote:
> Thomas Phinney wrote:
>> On Sun, Jul 5, 2009 at 9:25 PM, John Hudson<tiro@tiro.com> wrote:
>>> Tab Atkins Jr. wrote:
>>>
>>>> For example, you could add in the font name, purchaser's name, and a
>>>> unique serial number identifying the sale.  To prevent tampering, sign
>>>> all of it with your private key.  Anyone can then verify the
>>>> information with your public key [...]
>>
>> Although this is fine as far as it goes, it does NOT "prevent
>> tampering." Remember, the font is not encrypted, just signed. Somebody
>> deletes the signature and the custom data, and it's untraceable which
>> customer the font came from.
>
> Encryption is used to make something secret from some other party. A web
> font is designed to be available to anybody accessing a web page that
> uses the font. As a result, if encryption is used, anybody must be able
> to decrypt the font. Why use encryption at all if anybody must be able
> to decrypt it (that is, the decryption key must be public)?
>
> You bring up the problem that somebody could extract the actual font
> data (shapes, kerning, other stuff) and save that data as another font
> file sans the original licensing information. I hope that you understand
> that there's no way that it can be prevented as long as all that data
> must be made available to anybody. Either you make that data available
> to anybody (and it can be copied) or you don't distribute that data as a
> web font. The actual encoding (the "font format") does not change this fact.
>
> The best you can do is to attach a digitally signed license to a font
> and declare that (1) a font without such a license is not legally
> licensed. However, the declaration (1) cannot effectively be part of the
> font file because the file can be changed and any declaration can be
> changed or removed.
>
> Copying of data cannot be prevented if anybody is able to access the
> data. Sure, it has been tried. See DRM systems for an example. Perpetual
> motion machines have also been tried. Both are equally valid targets.

Yup, that's the basic point.  DRM (that is, a method of encrypting
data such that the client can decrypt it *some* of the time but not
*all* of the time) is never workable, and nobody's seriously proposed
such a thing on the list because we all basically realize this (I know
it's a hoped-for solution among some off-list parties, but I believe
they're simply unaware/unconvinced that DRM is a hopeless dream).

However, as it was pointed out elsewhere, *very* few people would go
to the trouble of ripping out the license table.  That's very
obviously an act that takes you from "Ooh, I wanna use that cool
font!" to "Bwahaha, those font foundries will never stop me!".
Relatively few people will do that, at least for a while.  (Since you
can do it once and then just distribute the new unlicensed file, it's
possible that the unlicensed file may become prevalent due to
filesharing, but I see widespread font filesharing as somewhat less
common than movie/game/music filesharing.)

Strangely enough, this sort of thing is likely *more* effective if it
does *not* have any effect.  Then it functions as the "silent alarm"
that someone else mentioned, whereas enforced metadata will make
people go out of their way to remove it.

~TJ

Received on Tuesday, 7 July 2009 15:06:12 UTC
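
The signed license record discussed in this thread, as an added example that is not part of the original messages: a signature makes edits to the record detectable, but a file with the record removed only reports as unlicensed. The dict-based font container, the field names, the sample values and the toy RSA key (standard library only, far too small to be secure) are assumptions for illustration.

```python
import hashlib
import json

# Toy RSA key from two known Mersenne primes so this runs on the standard
# library alone. Not secure; a real deployment would use a vetted scheme
# (for example Ed25519 or RSA-PSS) from a crypto library.
P, Q, E = 2**127 - 1, 2**89 - 1, 65537
N = P * Q                            # public modulus, published with E
D = pow(E, -1, (P - 1) * (Q - 1))    # private exponent, held by the foundry


def _digest(record: dict) -> int:
    """Hash a canonical JSON encoding of the license record into Z_N."""
    canon = json.dumps(record, sort_keys=True, separators=(",", ":")).encode()
    return int.from_bytes(hashlib.sha256(canon).digest(), "big") % N


def sign_license(record: dict) -> int:
    """Foundry side: sign the record with the private exponent."""
    return pow(_digest(record), D, N)


def check_font(font: dict) -> str:
    """Verifier side: classify a font using only the public key (N, E)."""
    lic = font.get("license")
    if lic is None:
        # Removed and never-issued licenses look identical from here.
        return "unlicensed"
    if pow(lic["sig"], E, N) != _digest(lic["record"]):
        return "tampered"
    return "valid:" + lic["record"]["serial"]


def demo() -> list:
    # Constructed sample data, not taken from any real font or sale.
    record = {"font": "Example Sans", "purchaser": "Constructed Customer Ltd",
              "serial": "SN-0001"}
    font = {"glyphs": b"\x00\x01constructed-outline-data",
            "license": {"record": record, "sig": sign_license(record)}}
    # Case 1: record edited, old signature kept -> verification fails.
    edited = {**font, "license": {"record": {**record, "purchaser": "Someone Else"},
                                  "sig": font["license"]["sig"]}}
    # Case 2: license table absent -> nothing left to verify or trace.
    bare = {k: v for k, v in font.items() if k != "license"}
    return [check_font(font), check_font(edited), check_font(bare),
            bare["glyphs"] == font["glyphs"]]


if __name__ == "__main__":
    print(demo())
```

The third result is the "silent alarm" case: the check can only report that no license is present, so any response to it is a policy decision outside the file.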