On 24/10/11 10:22, Anne van Kesteren wrote:
On Mon, 24 Oct 2011 18:13:45 +0900, Tobias Gondrom
<tobias.gond...@gondrom.org> wrote:
Thanks for the reply.
Well, AFAIK we don't even have a content-type for fonts in the IANA
registry at the moment?
Could be. I have not checked recently. MIME types for fonts are
pointless now.
So my - maybe naive - question would be, do implementations sniff for
fonts and why did they not ask for a content-type?
Adding support for fonts to browsers went much quicker than getting
font/* from the IETF (I and some others tried doing that, maybe not in
the right way though), and once browsers shipped with font support I
stopped caring, because we would have to sniff forever anyway.
But who is at fault is not what we are interested in here I think. We
are interested in defining when implementations have to sniff. They
very much have to sniff for fonts.
ic. - And don't care much about the "who is at fault" question either.
But as the mime-sniff draft is considering using info in the IANA
content-type registry for the mime-sniffing (i.e. magic numbers, ...),
we would in that case also have to add the fonts mime-type to that
registry eventually.
Btw. though I admit the IETF jungle can sometimes be daunting, no
worries, registering a Mime-type / Content-type is not that difficult.
As a WG we just shouldn't go through this exercise if in the end nobody
really wants content-types for fonts or sniffing of them anyway.
So a specific use case for this could be helpful - and a volunteer to
provide input on by which criteria exactly fonts should be sniffed and
help with writing up the font mime-type for the registry (I can help
with the latter).
Kind regards, Tobias
_______________________________________________
websec mailing list
websec@ietf.org
https://www.ietf.org/mailman/listinfo/websec
