- From: John Hudson <tiro@tiro.com>
- Date: Fri, 01 Oct 2010 15:47:16 -0700
- To: Sergey Malkin <sergeym@microsoft.com>
- CC: Christopher Slye <cslye@adobe.com>, Håkon Wium Lie <howcome@opera.com>, public-webfonts-wg@w3.org
I suggest the following for the section 1 note text, incorporating Sergey's suggestion re. 'made available for use' and Håkon's reference to caching: __ The WOFF format is intended for use with @font-face to provide downloadable fonts linked to specific web pages. It is therefore recommended that WOFF files should not be treated as an installable font format in desktop operating systems or similar environments. The WOFF-packaged data will typically be decoded to its original sfnt format for use by existing font-rendering APIs that expect OpenType font data, but such a decoded font should not be exposed as a file on disk, and while it is acceptable for clients to store decoded files in a cache, such files should not be installed or otherwise made available for use by other processes or documents on the system. __ Sergey wrote: > ...this is one of things people did not like about raw > fonts lying around on user's disks. With unpacked fonts > cached, users will be able to grab naked OpenType font > binary, stripped form WOFF metadata or private data. > Some encryption/obfuscation may be welcome. It would certainly be welcome. I wonder if, presuming existing models for such encryption or obfuscation already exist for other cached data, we might recommend and reference one as part of the WOFF documentation? JH
Received on Friday, 1 October 2010 22:47:52 UTC