From OFLB

In short

Embedded OpenType (EOT) is a font format for @font-face web font linking. It currently works only with Microsoft’s Internet Explorer browser (IE), and you need software that will only run on a PC running Microsoft Windows to encode OpenType or TrueType fonts as .eot files.

The primary purpose is to add information about which web sites are allowed to use the font in their web pages. A secondary purpose is to make font file sizes smaller, to conserve bandwidth. The file size is firstly reduced by subsetting: some character shapes (‘glyphs’) are discarded. Then the remaining glyphs are compressed with a technology patented by Monotype. The compression process also includes an encryption system.

Originally, EOT was a closely-guarded technology and all the details were a trade secret. The encryption meant it was hard to extract the original glyphs from EOT files. But in early 2008, the specification was offered to the World Wide Web Consortium (W3C) as a candidate for adoption as a standard technology for all web browsers. This specification included the full details of the encryption system, meaning it is now worthless in its own right – it is easy to decrypt EOT files, and convert them back into usable desktop fonts.

The history

Web pages were originally thought of as simple documents that looked a lot like plain text files. Soon, users wanted to add formatting and images. Within a few years of the invention of the world wide web, professional designers were being asked to create commercial web pages.

Amongst other things, graphic designers expect to be able to vary the look of text to convey information about the document. Type size and weight give an indication of the importance of chunks of text; typefaces give a more subtle sign of the nature of the text.

Graphic designers making web pages – in other words, the first web designers – were soon able to specify type size. But if they wanted to specify a font, they could only ask a browser to try finding that font on a user's computer. If the user’s system did not have any fonts that corresponded to the typeface name specified, then the browser would just give up and carry on.

Unlike image files, there was no way to send the font file across the web and allow it to be used on a temporary basis, just to allow the page to look as the designer intended.

Nowadays, you can see how frustrated the web designers became, because there are several ways to use images of fonts instead of fonts themselves. Contemporary sites use image replacement techniques, in which the text is hidden and replaced by substitute images that are set in a typeface that suits the design, but is not installed on most computers. A poor solution.

In the 1990s ‘Browser Wars’ the two big browsers, Netscape and Microsoft, came up with solutions to the problem. In doing so, they were confronted with a difficulty that was not technical, yet threatened the chances of successful adoption of their solutions.

The issue was how to keep proprietary font software publishers happy. At that time, there were only a handful of freely licensed fonts. Fonts were typically licensed to individual users to use on their own computers, and certainly not for distribution to anyone else. Type designers were concerned that allowing browsers to pull in font files from all over the web would make unlicensed font use even more widespread: it would be something that everyone surfing the web did whenever they went online.

Netscape fell by the wayside. Microsoft’s EOT solution was only available in IE, so few have been interested in it, and few font publishers give the option to use it because of their concerns. But in 2008 Microsoft offered EOT to the W3C so all web browsers could support it, and many font publishers have expressed an interest.

So what’s wrong with EOT?

• As noted above, all the details of the encryption and the compression that generate .eot files have been published already. So unscrupulous developers can write programs that can decrypt .eot files for use outside the browser, quickly defeating the object of the system.
• That means it is a ‘solution looking for a problem’. Whatever else EOT may do, it does not answer the fact that font software publishers may be losing money: it is already easy to break the terms of a font software license and give a copy to a friend. Dishonest people will use desktop fonts on the web anyway; honest people will not. Keeping honest users honest is unnecessary. EOT could lull font publishers and type designers into believing that there is a solution to the problem of unauthorised copying, and push their understanding of the facts further away from reality.
• It’s a form of Digital Rights Management – that is, it attempts to enforce license conditions with software, rather than relying on people to determine and respect those conditions. The W3C have never encouraged this before, and it appears to be a precedent that some browser developers do not wish to see established.
• The compression system is patented by Monotype, who may only allow their patent to be used by web browsers. The WebKit and Gecko programs (which Apple Safari and Mozilla Firefox are based on) are licensed under the GNU LGPL meaning that they can’t be limited to certain fields of use as this would imply.
• Some features are probably unnecessary. While ten years ago it was important to compress a large font, most people have faster Internet connections now; most mobile phone Internet access is faster than the 56k modem that was common in the late 1990s. Most Latin fonts are similar in size to a JPEG image file, so they do not need to be very highly compressed; the gzip compression already built in to web servers and browsers will do fine. If a font is subsetted, it cannot be used for dynamic content on wikis, blogs and news sites (when the text updates there will be missing letters!).
• Nobody likes it much. Recently a commentator suggested that there is no burning will within Microsoft to try to foist EOT onto the world. It gives browser authors and web designers a hard time by adding complexity to their tasks without benefiting them.
• Right now, you need a copy of Windows to run existing software that will encode a font as a .eot file. That software doesn’t work very well.

The purpose of the Open Font Library is to encourage a community of people who want to share and use typefaces. Genuine respect for licenses is critical to this. It is impossible to enforce any license if people hold licenses in contempt. This principle applies whether the license allows everyone to benefit or permits only certain restricted uses.

EOT undermines software licensing because it effectively replaces the license with an enforcement system. It does not raise awareness of the importance of licenses to users. And when a simple way to get around the encryption is published, wrecking the enforcement system, the people who advocated it will look foolish because protection against unlicensed use of font software is the ability on which EOT is promoted.

What might happen in the future?

The W3C will take a long time to approve EOT, or something like EOT, as a web standard. But support for font linking is becoming widespread very quickly with normal font formats.

Unlike ‘the big guys’, plenty of type designers who publish their own font software have realised that honest people exist, and don’t want to wait for a fiddly new font format based on the misguided idea that computers can keep honest people honest. They want to start earning money from the huge pent-up demand for web fonts right now, and they will start publishing fonts in the formats that already work – with licenses that allow them to be linked to web pages. Otherwise, they’ll miss out on a huge sales opportunity!

Once larger font publishers see a few type designers making a lot of money and leading the way, the floodgates will open. People will expect all major web browsers to support web fonts.