W3C home > Mailing lists > Public > www-style@w3.org > November 2008

Re: CSS3 @font-face / EOT Fonts - new compromise proposal

From: Boris Zbarsky <bzbarsky@MIT.EDU>
Date: Tue, 11 Nov 2008 00:48:16 -0500
Message-ID: <49191CA0.5020301@mit.edu>
To: Thomas Phinney <tphinney@adobe.com>
CC: "www-style@w3.org" <www-style@w3.org>

Thomas Phinney wrote:
> I asked:
>>> 3) Why is nobody worried about access control being a DMCA-covered
>> issue? Not just for fonts, but for any resources that use it? Is it
>> because the answer to my question #2 above is "yes"?
> 
> Boris Z responded:
>> Because there is no issue of additional controls on access here.  The
>> data is public (modulo cookies, etc).  If you access it via wget (or
>> heck, telnet to port 80) you will get it (again, modulo cookies).
>> Since
>> the data is only being exposed to those explicitly authorized to get it
>> (everyone, the user with cookies, etc, depending on the site
>> configuration) there is no circumvention of anything going on.
>>
>> At least as far as I can see.
> 
> And what stops somebody from writing a patch to an open source browser that changes that? That is, exactly the same scenario that was posited as being an issue with obfuscation....

Changes what, exactly?

All the browser is doing with Access-Control is preventing a software 
agent which is not obviously acting on behalf of the user from accessing 
some data which the user himself can access.  What modification of this 
process would be a concern?

-Boris
Received on Tuesday, 11 November 2008 05:49:00 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Monday, 27 April 2009 13:55:16 GMT