- From: Thomas Phinney <tphinney@cal.berkeley.edu>
- Date: Sun, 5 Jul 2009 21:50:16 -0700
- To: John Hudson <tiro@tiro.com>
- Cc: "Tab Atkins Jr." <jackalmage@gmail.com>, John Daggett <jdaggett@mozilla.com>, www-font@w3.org
On Sun, Jul 5, 2009 at 9:25 PM, John Hudson<tiro@tiro.com> wrote: > Tab Atkins Jr. wrote: > >> For example, you could add in the font name, purchaser's name, and a >> unique serial number identifying the sale. To prevent tampering, sign >> all of it with your private key. Anyone can then verify the >> information with your public key (which you can even put into the font >> metadata next to all the other data), but they can't change it short >> of breaking the basis of all modern cryptography (and then you've got >> a lot more to worry about than people infringing on your copyright). > > Some vendors are already adding such information to fonts, automatically at > point of sale, and digitally signing the fonts. This is currently being done > in private font tables, but a standard table might also be defined. There > has also been some talk of methods for watermarking fonts à la images. Although this is fine as far as it goes, it does NOT "prevent tampering." Remember, the font is not encrypted, just signed. Somebody deletes the signature and the custom data, and it's untraceable which customer the font came from. That doesn't mean it's not worth doing. It's another post in the garden fence, is all. Cheers, T
Received on Monday, 6 July 2009 04:50:56 UTC