- From: Tab Atkins Jr. <jackalmage@gmail.com>
- Date: Thu, 2 Jul 2009 18:46:13 -0500
- To: Sylvain Galineau <sylvaing@microsoft.com>
- Cc: Thomas Lord <lord@emf.net>, luke whitmore <lwhitmore@gmail.com>, "www-font@w3.org" <www-font@w3.org>
On Thu, Jul 2, 2009 at 6:33 PM, Sylvain Galineau<sylvaing@microsoft.com> wrote: > Which in practice - i.e. the way the feature is used in the field - means a same-origin check is done on the file on > Behalf of the license holder. I gather that if the same-origin rule is embedded in the file, then people assume it > constitutes DRM. Let's just say the number of non-lawyers making that claim vastly outnumbers the real one but I'm open to > an expert opinion. (as in, from a real lawyer with an expertise in the matter). > > I note that Firefox 3.5 does a same-origin check on web fonts by default. I'm not aware of any standard that requires it as of now. As I noted elsethread, Thomas, rootstrings are functionally identical to same-origin restrictions. The only difference is in where the information is stored: rootstrings give the allowed origins explicitly in the font, while same-origin gives the allowed origin implicitly based on the URL used to reach the font (plus additional origins given explicitly by CORS headers in the response). (I'll note, though, that US courts have shown multiple times that they are completely clueless about what constitutes DRM under the DMCA, and so even these sorts of restrictions are indeed potential concerns, at least theoretically. Even if we reasonable people may agree about whether it is or is not, there's no guarantee that a future litigious company won't be able to successfully convince a court that rootstrings or the like are a DRM system that is illegal to bypass. Just a note, for thread viewers who may not be familiar with US law in this matter.) ~TJ
Received on Thursday, 2 July 2009 23:47:13 UTC