#25: what, if any, sniffing for fonts is required? The current spec has a stub for sniffing fonts. The use case for this was @font-face, CSS' font linking feature. The request came in http://www.ietf.org/mail- archive/web/websec/current/msg00235.html
However, "That seems very anecdotal. Do you have data to back up these claims?" (in this case, "data" = "significant use cases where sniffing is necessary"). http://lists.w3.org/Archives/Public/public-webfonts-wg/2011Apr/0005.html http://lists.w3.org/Archives/Public/public-webfonts-wg/2011Apr/0012.html Reading those, it looks like there was some disagreement about what types ought to be registered. This seems like a case where there are multiple type definitions which can be distinguished by magic number or other usage patterns, and the question is whether to register them as separate types or to use a single type and disambiguate later in the process at the receiver. In any case, we need to resolve what font sniffing is necessary, what should be sniffed, etc. -- ------------------------+-------------------------------------------- Reporter: masinter@… | Owner: draft-ietf-websec-mime-sniff@… Type: defect | Status: new Priority: major | Milestone: Component: mime-sniff | Version: Severity: - | Keywords: ------------------------+-------------------------------------------- Ticket URL: <https://trac.tools.ietf.org/wg/websec/trac/ticket/25> websec <http://tools.ietf.org/websec/> _______________________________________________ websec mailing list [email protected] https://www.ietf.org/mailman/listinfo/websec
