Salut David, Tu peux dormir ? ;-) On Thursday, August 25th, 2005 15:18Z Turner, David wrote: > > My opinion is that the DSIG table is the brain-child of DRM-obsessed > managers at Microsoft Typography (or above), who don't understand much > things regarding security.
They only understand that "security" is a buzzword (and it was even _before_ the 2001 'revolution' codenamed 'code-red'), and that's all that matters about DRM and the like (FUD) :-). > If digital signatures are not mandatory _and_ used with non-reversible > encryption, they're simply useless. Useless about security, probably. Worse, the MS tool that signs does not check many things (and certainly not possible exploit, since none are known ;-)), and anyway you can set it up to allow signing using /another/ checking tool... Which are the reasons why you, George, me, and the majority of the writers in the OpenType thread, believe this is related to anything except computer security. >From the Adobe page about this (http://minilien.com/?J9TnbFnOrb), the two objectives are "Secure identification" (of the provider, i.e. DRM) and "no tampering"; and this page then goes to great length to explain that "Digital signatures do not guarantee that that the font is a good font." OTOH, the "threat" about requiring all fonts to be signed in a future version of Windows is clearly written (remember this page targets font developpers, who should buy the certificates, then manage them.) Even if I believe they never will in fact enforce the threat (as you can read in the thread). All we can add at this point, is that *Free*Type probably will /never/ require fonts to be 'signed', in any future release ;-). David, is it a good point to add this to the website? Antoine _______________________________________________ Freetype-devel mailing list [email protected] http://lists.nongnu.org/mailman/listinfo/freetype-devel
