W3C home > Mailing lists > Public > www-style@w3.org > November 2008

Re: CSS3 @font-face / EOT Fonts - new compromise proposal

From: John Daggett <jdaggett@mozilla.com>
Date: Mon, 10 Nov 2008 21:46:37 -0800 (PST)
To: Thomas Phinney <tphinney@adobe.com>
Cc: www-style@w3.org
Message-ID: <11572301.48341226382397387.JavaMail.root@cm-mail01.mozilla.org>

> Thomas Phinney:
> > > 3) Why is nobody worried about access control being a DMCA-covered
> > issue? Not just for fonts, but for any resources that use it? Is it
> > because the answer to my question #2 above is "yes"?
> 
> Boris Z:
> > Because there is no issue of additional controls on access here.  The
> > data is public (modulo cookies, etc).  If you access it via wget (or
> > heck, telnet to port 80) you will get it (again, modulo cookies).
> > Since
> > the data is only being exposed to those explicitly authorized to get it
> > (everyone, the user with cookies, etc, depending on the site
> > configuration) there is no circumvention of anything going on.
> >
> > At least as far as I can see.
> 
> And what stops somebody from writing a patch to an open source browser
> that changes that? That is, exactly the same scenario that was posited
> as being an issue with obfuscation....

The access control mechanism is intended as a general mechanism for
handling cross-site requests.  It's not designed to be mechanism for
enforcing copyright restrictions, so I don't think it's as easy to say
that it falls under the circumvention provisions of laws like the
American DMCA.  The use of root strings is clearly intended as a
copyright protection mechanism.

Here's the spec for the access control mechanism:
http://www.w3.org/TR/access-control/

John Daggett
Mozilla Japan
Received on Tuesday, 11 November 2008 05:47:18 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Monday, 27 April 2009 13:55:16 GMT