- From: Chris Lilley <chris@w3.org>
- Date: Wed, 22 Apr 2015 23:00:45 +0200
- To: WebFonts WG <public-webfonts-wg@w3.org>
Hello WebFonts,
Minutes of todays call at
https://www.w3.org/2015/04/22-webfonts-minutes.html
and below as text for trackbot
WebFonts Working Group Teleconference
22 Apr 2015
See also: [2]IRC log
[2] http://www.w3.org/2015/04/22-webfonts-irc
Attendees
Present
Vlad, jfkthame, ChrisL, +1.250.668.aaaa, j_hudson,
RSheeter, kuettel, KhaledHosny
Regrets
Chair
Vlad
Scribe
ChrisL
Contents
* [3]Topics
1. [4]conformance test suite
2. [5]next meeting
3. [6]aob
* [7]Summary of Action Items
__________________________________________________________
<trackbot> Date: 22 April 2015
<RSheeter> if I scribe I fear you will hear my typing given how
I setup hangouts
<scribe> scribenick: ChrisL
Vlad: we have a couple of comments following the publication
... one was typo, now fixed
... second was impl and how it handles a condition, not a spec
issue
... resolved as no change
... who updates the Google implementation?
RSheeter: me, then I delegate depending
conformance test suite
Vlad: reviewed test plan, added all the new conformance items
that were related to font collections and also the glyf and
loca stuff
[8]https://www.w3.org/Fonts/WG/wiki/TestPlan20-Format
[8] https://www.w3.org/Fonts/WG/wiki/TestPlan20-Format
[9]https://www.w3.org/Fonts/WG/wiki/TestPlan20-AuthoringTool
[9] https://www.w3.org/Fonts/WG/wiki/TestPlan20-AuthoringTool
[10]https://www.w3.org/Fonts/WG/wiki/TestPlan20-UserAgent
[10] https://www.w3.org/Fonts/WG/wiki/TestPlan20-UserAgent
ChrisL: prefer we adopt the ednote suggestion for
[11]http://dev.w3.org/webfonts/WOFF2/spec/#conform-mustSpecifyG
lyfTableSize
... it should say "this is the size in the original font" and
make not promises abot how big the reconstruction ends up
[11] http://dev.w3.org/webfonts/WOFF2/spec/#conform-mustSpecifyGlyfTableSize
Vlad: and then no test needed
ChrisL: it would become an authoring tool test
Vlad: straw poll - remove test on size of reconstructed glyph
table? not practical to test
RSheeter: remove it
<scribe> ACTION: vlad to remove the
#conform-mustSpecifyGlyfTableSize requirement and ed note
[recorded in
[12]http://www.w3.org/2015/04/22-webfonts-minutes.html#action01
]
<trackbot> Created ACTION-173 - Remove the
#conform-mustspecifyglyftablesize requirement and ed note [on
Vladimir Levantovsky - due 2015-04-29].
kuettel: agree
<RSheeter> I think that was me and Khaled not Kuettel
ChrisL: easy as an authoring tool test. MUST be same
Vlad: but then why not for all the other tables
ok never mind then, no conformance on that
Vlad: wanted to prepare this for f2f meeting, go through the
plans and see what we can do with the new ones
I changed a few things on
[13]https://www.w3.org/Fonts/WG/wiki/TestPlan20-UserAgent today
[13] https://www.w3.org/Fonts/WG/wiki/TestPlan20-UserAgent
Vlad: extraneous-reject was similar in WOFF1, we had well
defined padding requirements for tables, no overlap etc
... much more complex in woff2
... all variable length portions, cant see where they end
without parsing. so needs a series of tests
... flagged as needing more work in the test plan
(no suggestions)
"For each place where extraneous data could occur, make a
test."
Vlad: that is a lot of places. hard to find where those places
are
... would need to be doctored by hand
RSheeter: make explicit tests for major and obvious ones?
Vlad: easy between main and meta, meta and private
j_hudson: is it that we have no clear prioritization of what to
test?
Vlad: ambiguously defined. and also, variable length parts with
no separation
... so hard to find where to insert space
ChrisL: need to reassess value of preventing ppl hiding data in
odd places like between tables
Vlad: yes with per-table compression there were clear
interstices that could be exploited. here it is all one
compressed blob
ChrisL: suggest just testing in a few places
KhaledHosny: we already test those places
Vlad: in reality these three sections are contiguous. need to
parse header to see where the joins between sections are
... and its harder to insert extra data, compared to woff1
... wonder if the test is too complicated for little gain
j_hudson: ask the w3c security folks?
... if there are security concerns they would know and we could
flag it
<scribe> ACTION: ChrisL ask webappsec to review woff2 [recorded
in
[14]http://www.w3.org/2015/04/22-webfonts-minutes.html#action02
]
<trackbot> Created ACTION-174 - Ask webappsec to review woff2
[on Chris Lilley - due 2015-04-29].
j_hudson: maybe the person who commented on woff1 in last call
would comment here
Vlad: even with some number of tests we can't test all possible
insertion points. want to avoid a false sense of security too
ChrisL: fuzzing makes more sense on a per-implementation basis
RSheeter: restrict it to the ones we already test like in woff1
Vlad: yes
(we will limit the test plan to the basic file structure
insertion points)
(agreement)
Vlad: we now have specific descriptions on bounding box
calculations, loca tables, etc
... esp for font collection support
... description best done by whoever makes the tests
... KhaledHosny any ideas on those?
KhaledHosny: I can edit the descriptions for these
[15]https://www.w3.org/Fonts/WG/wiki/TestPlan20-UserAgent#mustC
alculateBBox
[15] https://www.w3.org/Fonts/WG/wiki/TestPlan20-UserAgent#mustCalculateBBox
(and on from there)
KhaledHosny: I have started looking at these already
Vlad: authoring tool also changed because of the collections
stuff
[16]https://www.w3.org/Fonts/WG/wiki/TestPlan20-AuthoringTool
[16] https://www.w3.org/Fonts/WG/wiki/TestPlan20-AuthoringTool
Vlad: often related to UA tests esp glyf and loca
... KhaledHosny if you could share your notes we can verify
against test plan
... then ready for f2f meeting, when we are all in smae room
things move fast
next meeting
Vlad: so who is coming to f2f meeting? chris responded
... suggested dates are june 9-11 but we probably don't need 3
days
j_hudson: could call in, will not be there
Vlad: probably hosted at monotype office, if not somewhere in
boston
kuettel: we wanted to be sure khaled could join somehow, travel
is problematic so remote access is important
... today was first succesful trial, joining via hangouts and
today was the first time that worked
... otherwise we were reluctant to have the meeting
KhaledHosny: all the suggested days are okay
... can manage for attending most of each day
Vlad: certainly June 9, maybe spill over to June 10, don't see
more than two days
<RSheeter> Rod & David K can make it :D
Vlad: jfkthame could you make it?
jfkthame: not in person
... maybe connect for part of the meeting, if needed.
Vlad: we can plan for an early start to ease remote
participation
Resolved: Meeting 9 and 10 June, Boston, 3 remote participants
and 5 on-site
kuettel: google has an office in cambridge if needed. hangouts
already setup. lets discuss offline
Vlad: monotype has good connectivity in conference rooms too
... and hotel next door
... (marriott courtyard)
<RSheeter> [17]https://github.com/w3c/woff2-tests
[17] https://github.com/w3c/woff2-tests
RSheeter: also look at the test repo on github
aob
Summary of Action Items
[NEW] ACTION: ChrisL ask webappsec to review woff2 [recorded in
[18]http://www.w3.org/2015/04/22-webfonts-minutes.html#action02
]
[NEW] ACTION: vlad to remove the
#conform-mustSpecifyGlyfTableSize requirement and ed note
[recorded in
[19]http://www.w3.org/2015/04/22-webfonts-minutes.html#action01
]
[End of minutes]
--
Best regards,
Chris Lilley
Technical Director, W3C Interaction Domain
Received on Wednesday, 22 April 2015 21:00:52 UTC