Re: Protecting WebFonts from Gary Ruben on 1996-08-23 (www-font@w3.org from July to September 1996)

From: Gary Ruben <gdr@cataneo.bitstream.com>
Date: Fri, 23 Aug 1996 13:13:58 -0400
To: lee@sq.com
CC: mduerst@ifi.unizh.ch, michael@cascadilla.com, www-font@w3.org
Message-ID: <321DE6D6.41C67EA6@cataneo.bitstream.com>
lee@sq.com wrote:
> 
> >> [...]  people in a corporate environment using a firewall probably can't
> >> see the font at all.  Worse, SSL isn't in all browsers, and there are
> 
  [ Gary ]
> > Actually, I think this has a positive for people in a corporate site
> > behind the firewall.
> 
> That they can't see embedded fonts at anyone else's sites?
> I don't think that will go over very well.
Okay, so maybe SSL is not the answer. We need just *some* standard
encryption
mechanism that both browser and server can agree on to transmit the
font.
> 
> Corporate users are a large part of Netscape and Microsoft's revenue :-)
> 
> Maybe Netscape could say that relying on SSL to use fonts would increase
> their Communications Server sales, though, and not mind too much.
I'm sure they'd love it. (:-)

> 
> However all that may be, SSL only pretects data from being copied whilst
> in transmission.  If the (encryptyed) font is available at a published
> URL, there is no point in uing SSL whatsoever -- instead of stealing
> the transmitted packets, you could easily fetch the same data from the
> URL directly.
If it's encrypted, what good does it do you to steal it from the site.
Fonts on document servers probably *should* be encrypted. But then we
are talking about a standard encryption. If this is spec'd, what's to
keep someone from writing a browser or "font-crawler" specifically for
collecting fonts - they'd know how to decrypt any font they request.
Perhaps the idea of a "trusted agent" comes into play here. A document
or font server has to have a trusted authentication exchange with the
client before it serves up a font?

> 
> Once the font has arrived, the issues are
> 1 is it ever stored decrypted
>   (e.g. what is stored in the browser cache should be the same byte sequence
>   that was received over the network, not the decrypted font)
Or encrypted by the browser if it was not sent securely, or just
encrypted by the browser (say with its own public key) anyway.

> 
> 2 when you print to a file, making a PostScript file on disk,
>   how easy is it ti remove the font and reuse it?
>   (this is where I suggested the use of random encodings)
Yes. This is a problem with PS print files. The browser could certainly
build its own reencoding vector, but I think this is probably a lot to
ask of the browser writers. They would probably be happier if they could
just use the standard OS print mechanics.
> 
> 3 is the font ever installed as a system font?
>   (not doing this requires that the browser have its own font renderer.
>   This will be necessary under X Windows, which does not in general allow
>   dynamic font downloading; in environments that are more typographically
>   aware, care is needed to make sure that the font remains private to the
>   browser.  If I'm looking at a page in Bembo, I shouldn't be able to get
>   out MS Word and use Bembo & print just because another application is
>   using the font.
Both Windows and Mac OSes have these mechanisms available. This is how
MS Word does embedding now (not that I am recommending *embedding* for
Web fonts!). I have written a few apps that use private installation.
It's relatively easy (tho obscure) and the fonts _do not show up_ in
other apps menus (or in Windows' font folder, for that matter).

> 
> 4 can a font published at one site be used by another site without an
>   intervening font purchase?  In other words, if you use Berthold Bembo
>   for your web pages, and I decide I like it better than Monotype Bembo,
>   I must not be able to use the URL of your copy of Membo in my style sheets,
>   because then I am publishing using someone else's font.  I should have
>   to buy Berthold Bembo.
I agree. This is why I suggested that only relative URLs be used in the
markup, and the browser would enforce the "no other server" protocol for
font references. Netscape already does this for Java applets.

> 
>   It would be helpful if the OpenType font format could include
>   * the URL for the vendor who sold the font
>   * the URL for the foundry where the font was made
>   along with copyright notices and a textual version of the URLs.
>   Eventually these may become URNs, I suppose.
> 
>   Then I can say:
> 
> 5 Web User Agents must be able to display font copyright and vendor contact
>   information, using a method that is visible (e.g. a menu item, not an
>   undocumented control-shift-meta-right-click Easter-egg option)
Possibly a good item to add to the "document info" menu item (I know,
not all browsers implement it - they really should).
> 
> Lee


Gary

====================================================================
 Gary Ruben                             Bitstream Inc.
 Senior Software Engineer               215 First Street
 mailto:gdr@cataneo.bitstream.com       Cambridge MA 02142-1270 USA
--------------------------------------------------------------------
Bitstream does not necessarily endorse any opinions expressed here.
       (Come to think of it, you might not either. 8-o)
====================================================================
Received on Friday, 23 August 1996 13:18:53 UTC