- From: David Singer <singer@apple.com>
- Date: Fri, 1 Oct 2010 15:58:35 -0700
- To: John Hudson <tiro@tiro.com>
- Cc: Sergey Malkin <sergeym@microsoft.com>, Christopher Slye <cslye@adobe.com>, Håkon Wium Lie <howcome@opera.com>, public-webfonts-wg@w3.org
I think perhaps that the shoulds should be musts, or the language needs to talk about not making the font available outside its licensed use (if the client can tell it's freely distributable, then you can expose/install it if you like, but I don't know how it would tell) On Oct 1, 2010, at 15:47 , John Hudson wrote: > I suggest the following for the section 1 note text, incorporating Sergey's suggestion re. 'made available for use' and Håkon's reference to caching: > __ > The WOFF format is intended for use with @font-face to provide downloadable fonts linked to specific web pages. It is therefore recommended that WOFF files should not be treated as an installable font format in desktop operating systems or similar environments. The WOFF-packaged data will typically be decoded to its original sfnt format for use by existing font-rendering APIs that expect OpenType font data, but such a decoded font should not be exposed as a file on disk, and while it is acceptable for clients to store decoded files in a cache, such files should not be installed or otherwise made available for use by other processes or documents on the system. > __ > > > Sergey wrote: > > > ...this is one of things people did not like about raw > > fonts lying around on user's disks. With unpacked fonts > > cached, users will be able to grab naked OpenType font > > binary, stripped form WOFF metadata or private data. > > Some encryption/obfuscation may be welcome. > > It would certainly be welcome. I wonder if, presuming existing models for such encryption or obfuscation already exist for other cached data, we might recommend and reference one as part of the WOFF documentation? > > > JH > > David Singer Multimedia and Software Standards, Apple Inc.
Received on Friday, 1 October 2010 22:59:12 UTC