Hi, front-end folks. I would like to ask about web font securing best practices. Here, for example, is an excerpt from license for http://www.fontsquirrel.com/fonts/Monoxil: “Embedding of font software into digital documents or web pages is permitted only in secured read-only mode. User has to secure that it will be impossible to gain font software by any means or to copy it from these documents.”
As far as I understand, typekit.com, makes fonts available only for the current user's session, but the fonts are still being downloaded to the client and once session is initialized you can download the font’s file. Also, I believe typekit may use some kind of technique similar to what can be found on typotheque's FAQ: http://www.typotheque.com/help?id=127 (they may cut down the font to make it less usable for any other purpose than that particular web page where they should be served to) What are the best practices based on the web server’s configuration? What can be done without modifying the font file itself? How can we make the font's serving as secure as possible? What can be done to make it accessible only for some domain? For it not to be accessible with direct link? -- -- You received this because you are subscribed to the "Design the Web with CSS" at Google groups. To post: [email protected] To unsubscribe: [email protected] To unsubscribe, reply using "remove me" as the subject.
