From the PING review:

What value is provided by this obfuscation algorithm? Can this feature be marked at risk, given the uncertainty about whether it satisfies any vendor goals while increasing the complexity of the spec and making the source less easily inspectable by the reader?

Why does the creation of the obfuscation key based on the SHA-1 hash function include a SHOULD requirement rather than a MUST? This relaxation seems primarily to decrease interoperability.

The obfuscation section contains no requirements on reading systems. Maybe they are just implicitly supposed to de-obfuscate these resources in order to render the book as intended. Are reading systems expected not to provide unobfuscated access to these obfuscated files to users?