On to ex-HTML
There's been a bit of debate over the past year or so about W3C possibly doing work in the area of font formats for downloadable fonts. Downloadable fonts are a good thing because they increase the capability of the Web platform (and thus its competitiveness relative to its proprietary competitors), give designers more capabilities to use in their work, and improve the accessibility of Web content to tools and users by keeping text as text rather than leading it to be converted to images.
Microsoft Internet Explorer has long implemented downloadable font support using the Embedded OpenType (EOT) format, which was previously proprietary but has now been submitted to W3C in two parts, EOT and MTX. WebKit, Mozilla, and Opera have now implemented and have either shipped or are planning to ship in their upcoming releases support for downloadable fonts using the widely-used and implemented TrueType and OpenType font formats (the latter is a standard, the former is roughly a pre-standard subset of it, or something like that).
For previous parts of this debate, see posts by Bill Hill and by Chris Wilson at Microsoft, and a post by my Mozilla colleague Robert O'Callahan.
I think there are two big questions in this debate. First, which restrictions would make which font foundries comfortable with selling their fonts for use on the Web? Second, which restrictions don't put an undue burden on browser makers, Web authors, or Web users?
I'd like to look at the EOT proposal in the context of these questions. EOT is a wrapper around OpenType fonts that adds an extra header before the font, and in which some of the contents of the font may be compressed with a different compression algorithm (MTX) and/or obscured using XOR. The extra header contains a root string that gives the hostname or domain with which the font is allowed to be used.
EOT does three things that I'm aware of that might make font foundries more comfortable selling their fonts for use on the Web. These are:
So I'd like to consider my second question first. One of the arguments about EOT is that this third point (and, more generally, the presence of the root string in the file format) is a form of DRM, which is in general known to place an undue burden on all participants in the process (those licensed to use the font, those who develop the software to use it, and anyone else involved) both because because DRM technology often places obstacles in the way of rights that they do have and because the presence of DRM can add additional (perhaps troubling) legal constraints because of laws written specifically about DRM. DRM has also generally proven ineffective, since those determined to break it are capable of doing so. (In the case of EOT, how to break it is documented in the standard itself, which is public, so there isn't even a claim that it might be unbreakable, merely one that it requires effort to break.) I think we should avoid DRM or any DRM-like formats on the Web, for the above reasons, and because one of the core principles of the Web and the technology used to build it is opening up access to information, while DRM is about restricting such access. So I'm opposed to having any DRM-restricted formats on the Web.
Now, my first question: what makes font foundries comfortable licensing their fonts for use on the Web? No matter how downloadable fonts on the Web work, some foundries will never be comfortable selling their fonts for such use. Other foundries, on the other hand, have licensed fonts under open-source licenses. So the question here is not one of absolutes: we should accept that nothing will make all font foundries happy. The question is one of magnitude: we'd prefer that more fonts be available for use on the Web, for the same reasons that we want downloadable fonts in the first place.
So the question is: how many foundries will sell their fonts for use on the Web given a particular set of restrictions? The cross-domain check that Mozilla already implements for its downloadable font support (and is probably a good idea for other reasons) gives foundries item (2) above in the list of what they get from EOT. If we were, say, to standardize a new font format that is the same as OpenType except for an additional 8-byte header at the beginning of the file, that would also provide item (1) in that list.
We could just ask the foundries what would make them comfortable, but when we do, we have to remember that foundries are likely to prefer that browsers have more restrictions. They're not yet comfortable with the business model of selling fonts for use on the Web, and they can't (yet) watch other foundries practicing such a business model. Furthermore, if they would prefer more restrictions, but are still willing to sell fonts for use on the Web with fewer, they have an incentive to say that their breaking point is higher than it really is as part of a negotiation process.
So I think the best path forward, to avoid burdening the Web platform with technology that it doesn't need and that can be harmful, is to determine by experiment how many foundries will sell their fonts. Browsers should all ship interoperable support for downloadable TrueType and OpenType fonts, and then we should see how many authors want to use it and how many fonts become available. Some foundries might only become willing to license their fonts for use on the Web once they see other foundries making money off such business. Once we've observed how many fonts become available once the technology that Mozilla, WebKit, and Opera have already implemented is widely deployed, we can try to determine if additional technology (such as a font format that is simply TrueType plus an extra 8-byte header at the front) would lead to a significant increase in the set of fonts available for use on the Web.