How to get an OpenType icon on a OpenType TTF Flavored font file?

Primary tabs

44 posts / 0 new
Last post
Fabio Luiz Haag's picture
Offline
Joined: 25 Jul 2003 - 6:36am
How to get an OpenType icon on a OpenType TTF Flavored font file?
0

Hi there!!

When I generate a Opentype TrueType flavored font on FLAB, it gets a TrueType icon file in Windows. (I'm not sure that also happens on MAC platform).
But I've seen these kind of font files with the .TTF extension presenting an Opentype font icon. I know DaltonMaag uses this.

How can this be done?

I'm selling fonts with this format (for better screen hinting), but the .TTF extension and font file icon missleads some users...thinking they've bought a simple TrueType font.

many regards from sunny Brazil ;)

Fabio

Adam Twardoch's picture
Offline
Joined: 3 Dec 2002 - 7:36pm
0

Add a Digital Signature (DSIG). You can do it in FontLab Studio but you need to own an "Authenticode" Class 3 code signing digital certificate. You can get one from Thawte or Verisign, they cost some $200-$400. It's also possible to create a self-signed test certificate for free -- for more information see

http://msdn2.microsoft.com/en-us/library/aa140234(office.10).aspx#odc_dcss_procedure

(you only need to complete steps 1-3). Once you have the private key file and the .spc certificate file that you produce in this process (or obtain from VeriSign/Thawte), you can link these files to the Digital signatures section of FontLab Studio's Preferences/Options dialog box.

A.

Fabio Luiz Haag's picture
Offline
Joined: 25 Jul 2003 - 6:36am
0

Uauuu....it does cost to do that!
I'll check that test certificate....

Thks a lot for the quick response ;)

Fabio

P. Zucker's picture
Offline
Joined: 23 Feb 2008 - 7:12am
0

Funny enough, but an OT font, digitally signed like Arno Pro by Adobe, doesn't show the O icon on the Mac. On windows the icon is perfect but onthe Mac,FontBook seems to take over the fonts' icons...

The font info window, opposed to Windows properties, doesn't inform you the font is digitally signed.
The "Open with" option is set to Font Book (default).

Regards,

DH

TG's picture
TG
Offline
Joined: 8 May 2003 - 2:39pm
0

I have seen icon sets with a TrueType+Ribbon icon. Are these now standard in Vista?
Will Vista still look for the DSIG table?
Do OpenType PS still get the OpenType-O-icon regardless of the digital signature?

I still run XP and couln't find the answers to those questions.

Ralf

TG's picture
TG
Offline
Joined: 8 May 2003 - 2:39pm
0

On MacOS X (10.4 Tiger) there are just generic font icons with the addition TTF/OTF/FFIL/DFONT/...
On 10.5 Leopard the icon is (by default) replaced by a live preview.

May I bump my question:
What about Vista and OpenType icons and the connection to the DSIG table?

Ralf

Michael Jarboe's picture
Offline
Joined: 26 Feb 2007 - 12:08pm
0

The digital signature is interesting, it would be nice if it could be applied to any digital file/product as well.

Allan Murray's picture
Offline
Joined: 25 Jun 2005 - 7:18pm
0

You can get the OpenType icon without a digital signature, you just need the DSIG header with:

usNumSigs (Number of signatures in the table) = 0;

it works. The font wont be digitally signed of course, but the operating system only checks if the DSIG table is present to produce the icon.

Don't think you can do that with FontLab though.

P. Zucker's picture
Offline
Joined: 23 Feb 2008 - 7:12am
0
Allan Murray's picture
Offline
Joined: 25 Jun 2005 - 7:18pm
0

Hi DH,

Don't know how to do it with Python, but you can do it with Microsoft's free 'AddTable.exe' tool available here:
http://www.microsoft.com/typography/tools/tools.aspx

you also need a data file containing the bytes for the blank DSIG table (8 bytes):
00 00 00 01 (ulVersion = 1)
00 00 (usNumSigs = 0)
00 00 (usFlag = 0)
(Ive made one here you can download:
http://homepages.ihug.co.nz/~allanm1/DSIG.DAT)

Then type on the command line:
addtable DSIG dsig.dat in.ttf out.ttf
(make sure that the DSIG is uppercase)

in.ttf is your original font.
out.ttf is the output font which will now have the OpenType icon on Windows XP.

Allan

Eluard's picture
Offline
Joined: 16 Jan 2008 - 8:54pm
0

*Never mind*

P. Zucker's picture
Offline
Joined: 23 Feb 2008 - 7:12am
0

Thanks, I will give it a shot.
Will the icon work onMac OSX as well? I will check that too.

Regards,

DH

P. Zucker's picture
Offline
Joined: 23 Feb 2008 - 7:12am
0

Hi Allan,

I understand that this function: "usNumSigs = 0;" should do the trick.
AFAIK, this function is not in python's syntax.

Could you please be more specific?

Regards,

DH

TG's picture
TG
Offline
Joined: 8 May 2003 - 2:39pm
0

Is there - or will there be - a downside in not having the digital signature? (Beside confused customers …)

Ralf

Adam Twardoch's picture
Offline
Joined: 3 Dec 2002 - 7:36pm
0

Ralf,

the digital signatures singed with a proper (non-test) certificate are a safe way to ensure that the font you're dealing with is an original creation of a certain foundry. If a font was modified, the digital signature becomes invalid (or is not included at all). Some foundries, e.g. Linotype, use DSIG to check if a font that a customer is complaining about is an unmodified Linotype original or if it was "touched" by someone and therefore "the warranty is void". You could view DSIGs as some sort of "warranty seal".

A.

TG's picture
TG
Offline
Joined: 8 May 2003 - 2:39pm
0

Ah, I see.
Thanks Adam!

Ralf

david h's picture
Offline
Joined: 19 Aug 2005 - 12:18pm
0

BTW, why this kind of 'chain reaction'? why not to have OT/TT icon like OTF? ... and the DSIG is kind of useless.

Adam Twardoch's picture
Offline
Joined: 3 Dec 2002 - 7:36pm
0

Microsoft's idea way to differentiate somehow between the old-style TrueType fonts and the new OpenType TT fonts. Since both carry a ".ttf" extension, Microsoft decided to check for the presence of the "DSIG" table. At the time when Windows 2000 was created, they thought digital signatures in fonts would become "the big thing".

BTW, I don't think DSIGs are useless. When you produce original typefaces, it's quite useful to stamp them in a way that cannot be forged -- no?

A.

david h's picture
Offline
Joined: 19 Aug 2005 - 12:18pm
0

> Microsoft’s idea way to differentiate somehow between the old-style TrueType fonts and the new OpenType TT fonts.

They're doing great job, but this idea is just bad one. Why to differentiate? -- just have two icons (old ttf, and 'new' ttf)

> When you produce original typefaces....

Maybe (this is useful) :) but the fact that you can change the digital signature.....

Adam Twardoch's picture
Offline
Joined: 3 Dec 2002 - 7:36pm
0

> just have two icons (old ttf, and
>‘new’ ttf)

Well, yes, but you need a criterion on which the operating system assigns these icons :)

A.

david h's picture
Offline
Joined: 19 Aug 2005 - 12:18pm
0

I see. Too much work? :) So, just one icon -- OTT

Nick Curtis's picture
Offline
Joined: 21 Apr 2005 - 8:16am
0

On the subject of digital signatures:

The certificate cost--even the less expensive one from Thawte--is somewhat of a burden for a small foundry; however, if enough small foundries were interested in forming a VERY loose coalition and obtaining ONE certificate for use by ALL members, the cost could be reduced substantially. Does this idea interest anyone?

david h's picture
Offline
Joined: 19 Aug 2005 - 12:18pm
0

> On the subject of digital signatures:

why not to do it with FL?

Adam Twardoch's picture
Offline
Joined: 3 Dec 2002 - 7:36pm
0

David,

what do you mean by "with FL"?

A.

david h's picture
Offline
Joined: 19 Aug 2005 - 12:18pm
0

Adam,

To do the digital signature with FL, and eliminate the third party. Or to have a plug or something, and you pay one time fee and that's it.

p.s.
where's Paul? survey, please :)

Adam Twardoch's picture
Offline
Joined: 3 Dec 2002 - 7:36pm
0

David,

I do understand each word of yours but not the contents of the entire sentence :) What do you mean by "FL"? FontLab Studio, the application? Fontlab Ltd., the company? What do you mean by "do the digital signature"? Embed the digital signature in the font? Purchase the digital certificate? Something else?

FontLab Studio 5 has the ability to embed digital signatures into fonts, if the font developer installs an appropriate certificate. But Fontlab Ltd. does not issue or share digital certificates, and Fontlab Ltd. is not a certification authority. You need to obtain a digital certificate from a certification authority such as VeriSign or Thawte.

Font developers are free to form a "coalition" of some sort to share the cost and effort (the certification authority would have to issue the certificate to that "coalition", which I presume would need to be a legal entity of some sort.

Also, any font developer can purchase a digital certificate in his own name, and then choose to offer a service of using his own certificate to digitally sign fonts for other developers as well, or even to share his digital certificate with some other trusted vendors so they can sign the fonts using that certificate as well.

A.

david h's picture
Offline
Joined: 19 Aug 2005 - 12:18pm
0

Adam,

> I do understand each word of yours but not the contents of the entire sentence :)

This is like the GMAT :)

I'm talking about FontLab Studio 5.

> What do you mean by “do the digital signature”?

I'll try to illustrate it the simple/easy way: something like "Generate Font..." -> "Generate Digital Signature".

Adam Twardoch's picture
Offline
Joined: 3 Dec 2002 - 7:36pm
0

Well, this is how it works. You link your .spc and .pvk files in FontLab Studio's preferences once, and from then on, all your OpenType PS and OpenType TT fonts that you generate are automatically digitally signed.

A.

Dr Wouter Soudan's picture
Joined: 12 Sep 2006 - 8:01am
0

$200–$400 is not that much, for a serious foundry, is it? Just think how many (few) licenses it would have to sell, to have the cerificate paid back?

Adam — Does the certificate only apply to Windows? Or is it cross-platform, in that it is recognised on Mac OS/X and/or Linux, as well? What's the legal status, in case one would want to prove in court that one's fonts had been pirated or forged?

Adam Twardoch's picture
Offline
Joined: 3 Dec 2002 - 7:36pm
0

The Authenticode code signing certificates are principally a Microsoft format. However, for the purpose of signing OpenType fonts, you use one and the same certificate to sign your fonts.

A.

david h's picture
Offline
Joined: 19 Aug 2005 - 12:18pm
0

who said $200–$400 is that much? or the issue?

Nick Curtis's picture
Offline
Joined: 21 Apr 2005 - 8:16am
0

who said $200–$400 is that much? or the issue?

...per YEAR, every year.

Dr Wouter Soudan's picture
Joined: 12 Sep 2006 - 8:01am
0

Ah— that's another thing, indeed!

I shouldn't have expected differently from a M$ proprietary 'standard'...

Adam Twardoch's picture
Offline
Joined: 3 Dec 2002 - 7:36pm
0

Ludwig,

from your remark, I gather that you're one of those fellows who are happy in their simplistic view of the world that goes like "Microsoft is bad, others are good".

Therefore, I guess it will be a huge shock for you to learn that this has very little to do with being an "MS proprietary standard". The Authenticode code signing certificates are X.509 IETF certificates issued for a particular purpose and packaged in a particular, Microsoft-specific way. However, there are opensource tools that can convert a code signing X.509 certificate into an Authenticode code signing certificate, and the format of the Microsoft packaging of digital certificate is widely published.

X.509 digital certificates are an IETF international standard, and are used widely on the WWW, for example in SSL (https) encryption. They all cost money, even those that you use on an opensource Apache server. This has to do with the fact that the certification authorities that issue the certificates are companies that have costs of operation and (since they are companies) their purpose is to make money.

This, per se, has nothing to do with Microsoft, but I guess where you live ranting against "M$" is just an easy way to escape the complex reality.

Tip for the future: do some background reading before publicly announcing your conclusions.

Regards,
Adam

david h's picture
Offline
Joined: 19 Aug 2005 - 12:18pm
0

I agree with Adam; no need to say/use "M$"

Adam Twardoch's picture
Offline
Joined: 3 Dec 2002 - 7:36pm
0

BTW, some current pricing for Microsoft Authenticode code signing certificates (alco called Authenticode digital IDs):

Thawte: ~US$200/year
https://www.thawte.com/ssl-digital-certificates/code-signing/

GlobalSign: ~US$215/year
http://www.globalsign.net/digital_certificate/objectsign/index.cfm

Comodo: ~US$240/year
https://secure.comodo.net/products/frontpage?area=codesigning

VeriSign: ~US$450/year
http://www.verisign.com/products-services/security-services/code-signing...

Regards,
Adam

Miguel Sousa's picture
Offline
Joined: 18 May 2003 - 8:30pm
0

> Well, yes, but you need a criterion on which the operating system assigns these icons :)

What about relying on the presence of a table other than the 'DSIG'?
Maybe 'GSUB'? This one is certainly more tied with OpenType than the 'DSIG', no?

Thomas Phinney's picture
Offline
Joined: 3 Sep 2002 - 11:00am
0

At one time MS was going to move to a more complex system whereby they'd use the OT icon based on the presence of any of several other tables. Then they'd have a little ribbon adornment that would indicate whether the TT or OT font has a digital signature.

I have a hazy thought that maybe this didn't make it into Vista.

Cheers,

T

Simon Daniels's picture
Offline
Joined: 11 Apr 2002 - 6:37pm
0

>I have a hazy thought that maybe this didn’t make it into Vista.

True, sadly. Long story... maybe over a pint at TC07 if anyone is really interested.

Cheers, Si

david h's picture
Offline
Joined: 19 Aug 2005 - 12:18pm
0

BTW, the Arabic fonts (OpenType) by Linotype don't have the OT/TTF icon -- just the 'plain' .ttf

Adam Twardoch's picture
Offline
Joined: 3 Dec 2002 - 7:36pm
0

David,

that's somewhat surprising. I was under the impression that Linotype signs all their fonts.

A.

Chris Lozos's picture
Offline
Joined: 25 Feb 2004 - 11:00am
0

Why is Verisign's version more than twice as much as Thawte?
Are they not the same thing?

ChrisL

Adam Twardoch's picture
Offline
Joined: 3 Dec 2002 - 7:36pm
0

Chris,

Thawte is owned by VeriSign but VeriSign is a better-known brand. It's called product diversification.

A.

Chris Lozos's picture
Offline
Joined: 25 Feb 2004 - 11:00am
0

Expensive brand snobbery when after you buy it, there is no cache to it. If you by a BMW instead of a VW, at least the car snobs notice :-)

You have helped me make my choice. I think I will support the lesser brand and save the $250. :-)

ChrisL