w3c / imsc-hrm

IMSC Hypothetical Render Model
https://w3c.github.io/imsc-hrm/spec/imsc-hrm.html

Privacy and Security section over claims (I think origins can use this functionality to learn about the system) #30

Closed pes10k closed 1 year ago

pes10k commented 2 years ago

This issue is part of the PING privacy review w3cping/privacy-request#65

The current privacy considerations text says "No information is exposed by the algorithm to any origin". From my reading of the spec this isn't accurate. It seems likely that origins could learn about the fonts available on the system by seeing how the system responds to fontFace instructions, and system color adjustments (by seeing how the system responds to tts:color instructions).

It's not clear to me if the page is supposed to be able to inspect the text here (e.g. through using DOM methods). If so, that would make learning this information simple. But even if not, I expect some of this information could be inferred through the timing channels defined in the document (and / or whether error conditions are triggered by painting too many pixels).

nigelmegitt commented 2 years ago

@pes10k please could you indicate where in the IMSC-HRM spec you found text describing a need to respond to font face instructions, or to render text? I'm surprised by this comment because to my knowledge there is no such text, or implication, and am worried in case you caught something that I missed.

pes10k commented 2 years ago

@nigelmegitt Section 9 has several instructions that detail how the proposal should interact with drawing text, including how much time it should take, no? Have I misunderstood your question?

nigelmegitt commented 2 years ago

Ah, I see, thank you @pes10k. Though it might seem surprising, one of the deliberate design intents of the HRM is that there is no requirement to render text or even to respond to font face instructions. What is described is an algorithm for generating a paint time using a hypothetical model.

The definition of "glyph" used is a tuple of values computed from the document contents alone, and there is no requirement, when computing those values, to dereference a font face instruction, a font, or the drawing instructions for a glyph in a font.

Does that help?

nigelmegitt commented 2 years ago

Looks like there's duplication here with comments made in the thread at #29. The introductory text at #43 will soon be merged, and I think it will help explain the context and hopefully allow you to agree that this issue can be closed, @pes10k - do let us know if any more changes are needed, or close this if you feel happy to.

himorin commented 1 year ago

Hi @pes10k, could you kindly take some time to look into this issue, and close it if you are fine with the changes?

pes10k commented 1 year ago

Closing out now, thanks @himorin , I think the changes you pointed to are helpful and clarifying. Thanks!