Re: [websec] Font sniffing
"Anne van Kesteren" <annevk@opera.com> Tue, 25 January 2011 20:03 UTC
Return-Path: <annevk@opera.com>
X-Original-To: websec@core3.amsl.com
Delivered-To: websec@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 3E9443A6892 for <websec@core3.amsl.com>; Tue, 25 Jan 2011 12:03:00 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.999
X-Spam-Level:
X-Spam-Status: No, score=-5.999 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, J_CHICKENPOX_12=0.6, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id swQjRR7ZklXp for <websec@core3.amsl.com>; Tue, 25 Jan 2011 12:02:59 -0800 (PST)
Received: from smtp.opera.com (smtp.opera.com [213.236.208.81]) by core3.amsl.com (Postfix) with ESMTP id E760F3A688F for <websec@ietf.org>; Tue, 25 Jan 2011 12:02:58 -0800 (PST)
Received: from anne-van-kesterens-macbook-pro.local ([178.226.41.244]) (authenticated bits=0) by smtp.opera.com (8.14.3/8.14.3/Debian-5+lenny1) with ESMTP id p0PK5qio013896 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Tue, 25 Jan 2011 20:05:55 GMT
Content-Type: text/plain; charset="utf-8"; format="flowed"; delsp="yes"
To: websec@ietf.org, Tobias Gondrom <tobias.gondrom@gondrom.org>
References: <op.vpu5phad64w2qv@anne-van-kesterens-macbook-pro.local> <4D3F2419.4080302@gondrom.org>
Date: Tue, 25 Jan 2011 21:05:53 +0100
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: Anne van Kesteren <annevk@opera.com>
Organization: Opera Software
Message-ID: <op.vpvrfygk64w2qv@anne-van-kesterens-macbook-pro.local>
In-Reply-To: <4D3F2419.4080302@gondrom.org>
User-Agent: Opera Mail/11.00 (MacIntel)
X-Scanned-By: MIMEDefang 2.64 on 213.236.208.81
Subject: Re: [websec] Font sniffing
X-BeenThere: websec@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Web Application Security Minus Authentication and Transport <websec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/websec>, <mailto:websec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/websec>
List-Post: <mailto:websec@ietf.org>
List-Help: <mailto:websec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/websec>, <mailto:websec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 25 Jan 2011 20:03:00 -0000
On Tue, 25 Jan 2011 20:27:21 +0100, Tobias Gondrom <tobias.gondrom@gondrom.org> wrote: > Anne, > Sorry, I don't understand what you mean with your comment. > AFAIK font sniffing was not the intent for the > draft-ietf-websec-mime-sniff draft. > Do you suggest to do s.th. in websec in this regard (font types) and > why/what? I am not sure what "s.th." means, but similar to sniffing rules for e.g. images (currently in the document) user agents have sniffing rules for fonts (currently not in the document). I think they should both be in the document. And similar to how HTML's definition of <img> references these rules, CSS definition of @font-face probably ought to reference them too. -- Anne van Kesteren http://annevankesteren.nl/
- [websec] Font sniffing Anne van Kesteren
- Re: [websec] Font sniffing Tobias Gondrom
- Re: [websec] Font sniffing Anne van Kesteren