- From: Glenn Adams <glenn@skynav.com>
- Date: Fri, 17 Jun 2011 15:33:08 -0600
- To: W3C Style <www-style@w3.org>
- Message-ID: <BANLkTikBEUvY7yvKbM5kZ7MOeC6RXqokyg@mail.gmail.com>
In [1], section 4.8, are specified constraints on use of css 3 fonts features, and, in particular, mandate cross origin reference constraints and the use of CORS. Such constraints constitute policy requirements that are unrelated to the definition of the underlying mechanisms defined by css3-fonts. Furthermore, effective use of the defined mechanisms does not depend on such a policy. Therefore, these policy requirements should be removed. If a specification defining UA behavior makes reference to css3-fonts and wishes to impose such a policy, then it may do so independently, and without affecting the functionality of the css3-fonts mechanism itself. Note that under a heading of "Security Issues", it may be indicated that such a policy may need to be defined and enforced by an external mechanism, defined outside of this specification. Please consider this a formal comment (and objection) from Samsung to imposing such policy constraints in this specification. Regards, Glenn Adams (for Samsung) [1] http://dev.w3.org/csswg/css3-fonts/#same-origin-restriction
Received on Friday, 17 June 2011 21:34:04 UTC