W3C home > Mailing lists > Public > www-font@w3.org > April to June 2011

Re: css3-fonts: should not dictate usage policy with respect to origin

From: John Daggett <jdaggett@mozilla.com>
Date: Thu, 30 Jun 2011 13:09:56 -0700 (PDT)
To: Glenn Adams <glenn@skynav.com>
Cc: John Hudson <tiro@tiro.com>, Vladimir Levantovsky <Vladimir.Levantovsky@monotypeimaging.com>, liam@w3.org, StyleBeyondthePunchedCard <www-style@w3.org>, public-webfonts-wg@w3.org, www-font@w3.org, "Martin J." <duerst@it.aoyama.ac.jp>, Sylvain Galineau <sylvaing@microsoft.com>
Message-ID: <1351398007.392753.1309464596622.JavaMail.root@zimbra1.shared.sjc1.mozilla.com>
Glenn Adams wrote:

> So, there is no end-user risk that is being addressed here other than
> the hypothetical case of violating an EULA? Is that really what all
> this noise is about? 

No Glenn, this is an information leakage issue, it allows for the
contents of a font, the glyph data, to be transmitted beyond the
boundaries specified by an *author* (for example, on an access-limited
site), not just beyond what is allowed by some form of licensing.

> Could you send me or point me at a EULA for which SOR on fonts is
> relevant?

Ascender (Microsoft distributes their fonts via Ascender)

>From their Web Fonts EULA:
http://www.fontslive.com/info/web-fonts-eula.aspx

> 11. “Web Site” as used herein shall be the web site identified by you
> in your account at ascenderfonts.com; (i) which utilizes the Ascender
> hosted Web Font Software in its web pages through the use of the
> Services, (ii) which does not in any way enable the permanent
> installation of the Web Font Software by End-Users on any workstation,
> computer and other electronic device, and (iii) which reasonably
> restricts access to Web Font Software from use in any way by web pages
> or any document not originating from your Web Site (For example; by
> using referrer checking to prevent hotlinking or deeplinking).

FontFont 

>From their Web Fonts EULA:
http://www.fontshop.com/licenses/fontfont/

> 2.3. Font Software File Protection. You must ensure, by applying
> reasonable state-of-the-art measures, that other websites cannot
> access the Font Software for display (e. g. by preventing hotlinking
> and blocking direct access to the Font Software via .htaccess or other
> web server configurations).
Received on Thursday, 30 June 2011 20:10:44 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Thursday, 30 June 2011 20:10:45 GMT