IETF Logo Mail Archive

Re: [websec] font sniffing

"Martin J. Dürst" <duerst@it.aoyama.ac.jp> Tue, 25 October 2011 06:30 UTC

Return-Path: <duerst@it.aoyama.ac.jp>
X-Original-To: websec@ietfa.amsl.com
Delivered-To: websec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BB07221F8C32 for <websec@ietfa.amsl.com>; Mon, 24 Oct 2011 23:30:04 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -99.331
X-Spam-Level:
X-Spam-Status: No, score=-99.331 tagged_above=-999 required=5 tests=[AWL=0.459, BAYES_00=-2.599, HELO_EQ_JP=1.244, HOST_EQ_JP=1.265, MIME_8BIT_HEADER=0.3, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id offUzjlzqc8s for <websec@ietfa.amsl.com>; Mon, 24 Oct 2011 23:30:04 -0700 (PDT)
Received: from scintmta02.scbb.aoyama.ac.jp (scintmta02.scbb.aoyama.ac.jp [133.2.253.34]) by ietfa.amsl.com (Postfix) with ESMTP id 1BFD821F8B76 for <websec@ietf.org>; Mon, 24 Oct 2011 23:30:02 -0700 (PDT)
Received: from scmse01.scbb.aoyama.ac.jp ([133.2.253.231]) by scintmta02.scbb.aoyama.ac.jp (secret/secret) with SMTP id p9P6U2Fl029617 for <websec@ietf.org>; Tue, 25 Oct 2011 15:30:02 +0900
Received: from (unknown [133.2.206.133]) by scmse01.scbb.aoyama.ac.jp with smtp id 288d_56df_c4f48756_fed2_11e0_a743_001d096c566a; Tue, 25 Oct 2011 15:30:02 +0900
Received: from [IPv6:::1] ([133.2.210.1]:56598) by itmail.it.aoyama.ac.jp with [XMail 1.22 ESMTP Server] id <S1563245> for <websec@ietf.org> from <duerst@it.aoyama.ac.jp>; Tue, 25 Oct 2011 15:30:06 +0900
Message-ID: <4EA65768.60205@it.aoyama.ac.jp>
Date: Tue, 25 Oct 2011 15:30:00 +0900
From: "\"Martin J. Dürst\"" <duerst@it.aoyama.ac.jp>
Organization: Aoyama Gakuin University
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.9) Gecko/20100722 Eudora/3.0.4
MIME-Version: 1.0
To: Anne van Kesteren <annevk@opera.com>
References: <CAJE5ia82hhiyQHboBg5cWLe_=VdSZ1pFgFi0_TiiwgJKxKesfw@mail.gmail.com> <C68CB012D9182D408CED7B884F441D4D0605EFA3B4@nambxv01a.corp.adobe.com> <4EA4D8B8.7010108@gondrom.org> <op.v3umd8p264w2qv@annevk-macbookpro.local> <4EA52C49.1090308@gondrom.org> <op.v3umz3sv64w2qv@annevk-macbookpro.local> <4EA6143D.8060009@it.aoyama.ac.jp> <op.v3vysenw64w2qv@annevk-macbookpro.local>
In-Reply-To: <op.v3vysenw64w2qv@annevk-macbookpro.local>
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 8bit
Cc: websec@ietf.org
Subject: Re: [websec] font sniffing
X-BeenThere: websec@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Web Application Security Minus Authentication and Transport <websec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/websec>, <mailto:websec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/websec>
List-Post: <mailto:websec@ietf.org>
List-Help: <mailto:websec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/websec>, <mailto:websec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 25 Oct 2011 06:30:04 -0000

On 2011/10/25 11:34, Anne van Kesteren wrote:
> On Tue, 25 Oct 2011 10:43:25 +0900, Martin J. Dürst
> <duerst@it.aoyama.ac.jp> wrote:
>>> But who is at fault is not what we are interested in here I think. We
>>> are interested in defining when implementations have to sniff. They very
>>> much have to sniff for fonts.
>>
>> Yes. If somebody has enough energy, it would still make sense to
>> register font types.
>
> Because..?

- Font formats, as well as other Mime types, are not only used by Web 
browsers.
- There may be new formats, for which no sniffing is done yet.
- Servers may prefer to declare what they are sending out rather than to 
be silent about it, even if not all clients use that information.
- Once we have registered types, sniffing could in the long term maybe 
even go away.

Regards,   Martin.

v2.23.0 | Report a Bug | By Email