- From: Mikko Rantalainen <mikko.rantalainen@peda.net>
- Date: Thu, 13 Nov 2008 14:51:39 +0200
- To: www-style@w3.org
- Message-ID: <491C22DB.4030002@peda.net>
Brad Kemper wrote: > You must be joining the conversation late. The goal at this point > seems to be to make stealing the font a more deliberate action, not > something that could happen accidentally or casually. Do you require the browser to prevent usage of a stealed font or is it enough that it's possible to prove that the font is not licensed? I ask this, because for the first the browser must be able to decide if the font is correctly licensed for a given usage (a *very* hard task given the current licensing options for commercial fonts) and a good solution does not exist. If the only target is to make it possible to check if, and for who, a font is licensed, all you need is a digital signature. That can be added to font files by commercial font vendors. The signature information could include licensee name and contact information and the whole stuff is then signed with font vendor's private key. The signature can be later verified against vendor's public key by any user (or user agent). The font vendor can even publicly declare that it does not license fonts without signatures and that any font file that claims to be made by said vendor and does not contain vendor's signature is a pirate font. UAs could then respect that claim if they so choose (most UAs probably would). However, the machinery needed to *prevent copying* of the font file, removing the signature, forging the font vendor information and resigning the font file for another signature cannot be prevented (did I already say that DRM system do not work?). -- Mikko
Received on Thursday, 13 November 2008 12:52:20 UTC