[css-fonts] Reference font subsets without privacy leaks

[svgeesus]

"The union of these ranges defines the set of codepoints for which the corresponding font may be used. User agents must not download or use the font for codepoints outside this set."

Thank you for pointing me at this. To be honest I didn't know this was already in the spec. I agree that, since this is already part of the platform, then my concern is sorta redundant. I am going to change my issue from privacy-needs-resolution to privacy-tracker, so that this issue isn't blocking you all.

That said, two other (non-blocking) suggestions:

1. I encourage both your group, and the CSS Fonts Module group (if thats not a distinction w/o a difference) to consider whether future versions of both specs could adjust the current behavior, so that page authors could easily reference sub-sets of fonts, w/o the font requests potentially real-time leaking what the user is reading on the page.
2. Less importantly, as an editorial suggestion comment (maybe more to the CSS Fonts Module group), is that the "CSS Fonts Module 3 (and 4)" text seems to be in a little tension w/ itself. The first paragraph in 4.5 says this is a "hint" (which, i dont know if its a well defined term, but in my casual read suggests some amount of optionality or heuristic), while later says "must not". Not directly relevant to this conversation, but i think rewording that text might be helpful for readers to understand whats intended.

Anywho thanks for walking me through this and helping me understand how this interacts with existing specs. Like i mentioned, i removed the privacy-needs-resolution label so you should be all good to go privacy-review wise

Originally posted by @pes10k in w3c/IFT#207 (comment)