diff --git a/spec/ttml2.xml b/spec/ttml2.xml index b57d4ecf0..7afb8d92c 100644 --- a/spec/ttml2.xml +++ b/spec/ttml2.xml @@ -26343,6 +26343,11 @@ W3C Recommendation, 11 May 2010. W3C Recommendation 8 June 2017. (See https://www.w3.org/TR/xslt-30/.) +Nick Doty, Ed., Mitigating Browser Fingerprinting in Web Specifications, +W3C Interest Group Note, 28 March 2019. (See +https://www.w3.org/TR/2019/NOTE-fingerprinting-guidance-20190328/.) + @@ -29432,6 +29437,18 @@ information about the user. However, the offering of a ), rather than of the Document Instance itself.

+ +Font Detection +

By conditionally dereferencing (downloading) font resources based on the existence of +locally-installed font resources, a content processor +introduces a potential fingerprinting vulnerability as defined in . Existence and mitigation of such vulnerability depends on the +content processor implementation and overall system architecture.

+ + +

As an example, a mitigation strategy can involve ignoring user-installed font resources +when choosing whether to dereference (download) font resources.

+ + High Dynamic Range Compositing