On Oct 20, Mozilla joined several organizations in endorsing the Web Open Font Format (WOFF) specification.  We also announced the intent to implement the specification starting in Firefox 3.6.

Wired’s Michael Calore on the WOFF spec:

This is a significant step forward not only for the emerging open format, but also for type on the web in general, which is still stuck in a state of mild turmoil.

For years, designers have been limited to using only a set of five or six common fonts on the web. But thanks to new font rendering tools within the emerging HTML5 and CSS3 standards, web designers now have the ability to use newer, more visually interesting typefaces — and make that type appear more consistently across browsers, operating systems and screen resolutions.

Coverage highlights include:

CNET, Technology Review, Webmonkey, Holy Info, The H, and Online PC.

Last week Mozilla’s security program manager, Brandon Sterne, posted an update to Mozilla’s plan for its Content Security Policy (CSP).  The news has gotten positive attention in the press and has resulted in more than 10 articles since the post.

The Register’s Dan Goodin comments on CSP’s potential. He says, “Still, CSP is worth watching – and if you’re a web developer, even playing around with. If it works as intended, it could prove to be one of the more promising solutions for a Web 2.0 world that’s built first and is only later, if ever, patched.”

Johnathan Nightingale spoke with ComputerWorld’s Gregg Keizer. Gregg notes, “‘This isn’t a single trick that’s meant to counter a single kind of attack,’ said Johnathan Nightingale, the manager of the Firefox front-end development team. ‘This helps sites solve cross-site scripting, but it’s more than that. They now have a way to shut everything dynamic off, so that no matter what content gets added to a site, if it’s on the page and they’ve sent us policy instructions in its header, we shut it down.’”

Additional coverage highlights include: Threatpost, Security Focus, PC Magazine, ITChuiko, The Inquirer,  InternetNews, InformationWeek, The H and Beta News