- From: Robert O'Callahan <robert@ocallahan.org>
- Date: Fri, 3 Jul 2009 12:00:55 +1200
- To: Sylvain Galineau <sylvaing@microsoft.com>
- Cc: Thomas Lord <lord@emf.net>, luke whitmore <lwhitmore@gmail.com>, "www-font@w3.org" <www-font@w3.org>
- Message-ID: <11e306600907021700s2b30bae9t6135da109bf72a91@mail.gmail.com>
On Fri, Jul 3, 2009 at 11:33 AM, Sylvain Galineau <sylvaing@microsoft.com>wrote: > Which in practice - i.e. the way the feature is used in the field - means a > same-origin check is done on the file on > Behalf of the license holder. I gather that if the same-origin rule is > embedded in the file, then people assume it > constitutes DRM. Let's just say the number of non-lawyers making that claim > vastly outnumbers the real one but I'm open to > an expert opinion. (as in, from a real lawyer with an expertise in the > matter). > > I note that Firefox 3.5 does a same-origin check on web fonts by default. > I'm not aware of any standard that requires it as of now. > There's a very important difference between what we're doing and rootstrings. Rootstrings are carried around with the font. and purport to specify restrictions on how that font may be used. They look very much like an embedded, enforced font license. Our same-origin checks are applied uniformly to every font unless relaxed by instructions from the Web author. Since they are entirely ignorant of font metadata, it's hard to argue the browser is enforcing a license. We're just providing a tool for Web authors to control the use of their resources, a tool that has many uses. Of course there are other important differences, like the same-origin model is much easier for authors to deal with. Rob -- "He was pierced for our transgressions, he was crushed for our iniquities; the punishment that brought us peace was upon him, and by his wounds we are healed. We all, like sheep, have gone astray, each of us has turned to his own way; and the LORD has laid on him the iniquity of us all." [Isaiah 53:5-6]
Received on Friday, 3 July 2009 00:01:31 UTC