From: Mark E. Shoulson (mark@kli.org)
Date: Tue Dec 02 2003 - 21:33:34 EST
On 12/02/03 18:32, Philippe Verdy wrote:
>One way to achieve this is to only allow embedding of embeddable fonts
>within unmodifiable documents. This means a "export for publication"
>function in word processors, which should be the only way to create first a
>unmodifiable and signed document content, in which embedded fonts will be
>imported using the unmodifiable document content signature to encrypt the
>embedded font which will be attached to the document.
>
OK, you can probably encrypt a font with a key depending on, say, a hash
of the document to get a document-specific key. But the fact is, you're
still sending me the key and the encrypted message (font). Having both,
I can decrypt the font and have an unencrypted version of it (indeed, I
must, or else my computer can't render it). So why can't I save that
now-decrypted font and copy it and use it? Oh, the software won't let
me? If the standard is open (as it probably has to be), someone will
very quickly write some software that does the work but doesn't "play by
the rules" and keep the decrypted font sequestered. And if the standard
isn't open... well, someone will do the same thing, anyway.
The end-user's machine MUST have the unencrypted font, in order to
render it. Unless the document is decrypted and displayed only by the
server's software, that font is thus under the user's control, and all
fancy encryption is for naught.
Embedding partial fonts helps, in the sense that you can't steal *all*
the font, just the letters I happened to use, but that's neither here
nor there, and is mostly useless if I wind up using a large segment of
the font (which can easily happen).
~mark
This archive was generated by hypermail 2.1.5 : Tue Dec 02 2003 - 22:11:08 EST