RE: RE: New work on fonts at W3C from Chris Wilson on 2009-06-23 (www-style@w3.org from June 2009)

From: Chris Wilson <Chris.Wilson@microsoft.com>
Date: Tue, 23 Jun 2009 21:01:33 +0000
To: Dave Crossland <dave@lab6.com>
CC: "www-style@w3.org" <www-style@w3.org>
Message-ID: <61027177C88032458A7862054B3C62580371DC@TK5EX14MBXW652.wingroup.windeploy.ntdev.>

Dave Crossland wrote:
>It becomes DRM when you say, "UAs are expected to honor those [restrictions]"

If a web font says "I'm only licensed to be used on myorg.com", it's DRM if UAs don't render it on other domains too?

>A non-DRM web font format to me means "web font format that specifies
>what license and restrictions the font carries, font vendors define
>those restrictions, and the UAs are expected to display them to users,
>but there's no strong crypto or  single-vendor-controlled system
>'protecting' the font or UAs enforcing restrictions on users."

UAs won't "display [licenses] to users."  My mom doesn't want to see the license for Comic Sans, nor would she know what to do with it.

>I agree that scarcity of licensing information in file metadata is the
>central problem

Yup.

>fonts would not be directly drag and dropped into the OS font system
>as a side-effect of supplying this metadata.

I think so.

>Checking the information is okay, it depends what UAs are required by
>a W3C Rec to do with it; are they required to use the machine-readable
>licensing information to _assist_ people and display that information,
>or to _manage_ people and enforce restrictions?

Wait, doesn't CORS enforce restrictions?  Does that make CORS DRM?

>> look about the same.  Trying to carry licensing information to instruct
>> proper usage is like putting up signs saying whether the water is
>> potable or not - it doesn't stop people from drinking it, but it does
>> encourage doing the right thing.
>
>Here you seem to be talking about assisting people and not expecting
>UAs to enforce restrictions.

Hmm.  I think we think of "enforcing restrictions" differently.  I WOULD expect UAs not to allow usage (say, non-allowed-domain usage) to work.  I would not expect that it is fantastically difficult, for a so-minded unscrupulous individual, to go remove those restrictions (illegally (=outside of license allowance)).  Trying to put up an impregnable fortress is one thing, putting a railing around a cliff is another.

>P.S. Thanks for a thoughtful discussion, I'm enjoying this :-)

As am I.  But unfortunately I will need to drop from this conversation somewhat for a couple of days; I'm travelling (to @media2009) and will be offline.  I'll pick back up when I get back on line.

-Chris

Received on Tuesday, 23 June 2009 21:02:15 UTC