Re: Downloadable fonts and image replacement

At 02:42 AM 4/27/2006, Håkon Wium Lie wrote:
>Also sprach Steve Zilles:
>  > The DRM bits are not "protection measures"; they are usage 
> information. It
>  > tis the User Agents that have an obligation to implement correct usage so
>  > that the user of the UA does not have to concern himself with the 
> rules and
>  > can count on his UA to do the right thing for him.
>To clarify: do you refer to the embedding bits of TrueType/OpenType
>[1] as DRM? The way I understand the term "DRM", it should have an
>"active" component, one that shuts off access when it smells something

Yes, as you note in your excerpt below I do support requiring UA's to 
interpret and obey the bits.

>  > Having the CSS specification require that UA's implement detection of and
>  > correct respect for the DRM information is a proper and correct 
> function of
>  > the specification.
>The CSS specification can not and should not require support for any
>specific formats. Further, CSS cannot make rules about how to
>interpret other formats. CSS cannot demand support for JPEG and
>certainly cannot specify how to interpret the EXIF bits in JPEG. So,
>while I'd personally insist that Opera respects the embedding bits of
>Truetype, the CSS specification cannot do so. This is the job of the
>TrueType specification [1].
>[1] that is, the fsType field in the OS/2 table, as described at

The role of the TrueType or OpenType specification is indeed to define what 
its contents mean. It is, however, perfectly within the scope of the CSS 
standard to (a) define what formats can be used with CSS and (b) for each 
of those identified formats to define what conformance means for a CSS UA. 
So, the CSS specification could say that, "a conforming CSS UA must respect 
any usage information included in the fonts used to display content styled 
with CSS." That does not limit what formats can be used, it simply says 
that a UA does not conform to the CSS specification if it does not respect 
the DRM information. (Note that the font format in question must define 
what "respecting the DRM information" means for that font format.)

Note that it is important to separate what CAN be said in the specification 
(what mechanisms can be documented) versus what SHOULD be said in the 
specification (what policies should be advocated). My comments in the 
paragraph above are intended solely to say what CAN be said.

Separately, I am also arguing that such a statement SHOULD be made, but 
that is, as I well understand, a point of debate. I have given my reasons 
why I think the specification should have a conformance requirement on font 
usage; I would be interested in the reasons why people think it should not 
have such a requirement. (Saying CSS cannot say such things is not such a 

I, of course, also recognize that people may wish to build and distribute 
UA's that do not respect DRM information and, therefore, do not conform as 
proposed above, but my main argument is that many important users will want 
to use UA's that do conform and protect them from allegations of misuse 
(either inadvertent or intentional).

Steve Zilles
115 Lansberry Court,
Los Gatos, CA 95032-4710 

Received on Thursday, 27 April 2006 22:43:07 UTC