Re: RSA question



Gordon Burditt <gordonb.u9hvj@xxxxxxxxxxx> wrote:

A license code scheme generally wants the author to *SIGN* license
keys, so the software (which has the public key embedded into it)
can verify that it's an authentic license key.

Exactly so. That's why the OP's question has confused everyone, and I
think the reality is that the OP is confused about what he wants.

Some setups embed characteristics of the computer into the key, so it
will *not* work on any computer with a copy of the software. Serial
numbers. Processor type. Hard disk model. This is designed to annoy
the customer when his hardware needs replacing.

Yes, it is fragile and annoying. It also requires the computer that the
product is to be installed upon to run something that collects this
information and submits it to the licence generating server. With such a
system it is not possible for the procurement department to purchase 20
licences for deployment in the development department.

Some software which operates over the network is able to detect
shared license codes by broadcasting its own license code and noticing
if anything else is broadcasting the same code. Thus, sharing one
copy within your company doesn't work.

Worse than that, I've known a company get locked out of critical
business software (something Microsoft I believe) because they
virtualised one of their servers for backup and resiliency purposes, and
the virtual machine and physical machine momentarily saw each other on
the LAN. It took a day to diagnose why things weren't working and to
deal with Microsoft support to correct the problem. The end result is
that they dare not start the virtual machine, and this spoils the
purpose. The lesson I take from that is not to use Microsoft software
for critical infrastructure. Linux makes better servers anyway,
especially in a virtual environment.

It's not email snoopers that's the threat. It's the CUSTOMER that's
the threat.

That does seem to be the prevalent view. Certainly the music and movie
industries seem to think that DRM is the answer. Personally I don't
believe fighting against the customer is ever going to improve business.

--
James Taylor
.