[sword-devel] DRM entries in .conf files

Mike Dougherty sword-devel@crosswire.org
16 Dec 2001 17:34:44 -0800 

On Sat, 2001-12-15 at 15:59, Chris Little wrote:
> 
> > Wow, I haven't thought about DRM in quite some time. Kind of 
> > a blast from the past sort of thing.... Anyway, here are a 
> > few thoughts, questions, comments.
> *snip*
> 
> I think you've put too much thought into this before. :)  Or else I've
> not put enough. :)


One of my previous employers specialized in DRM, or at least they tried
to until M$ and Adobe stole it. But that a discussion for another time
(and list).


> 
> My intention with the DRM info is to note what the copyright & license
> permit, not to implement enforecment of them.
> 


Understood. It would considerable effort and time to implement a DRM
solution. It would be interesting to think about and discuss though.
Don't you think the likes of Thomas Nelson would be more likely to grant
access to there translations if we could demonstrate there protection?


> Just FYI, my per-verse (perverse?) numbers reflected limits
> per-operation.  So, if you have a module with a 500 verse limit set on
> printing, you could print up to 500 verses, then immediately print
> another 500, but only 500 at a time. :)  OLB has something like this,
> but their limit is set to 200 verses I believe.
> 
> I want to retract my suggestions of the "DRMPermissions", "DRMWriteKey",
> "DRMPrintKey", & "DRMReadKey" fields. :)  They would potentially take us
> down a road that I (personally) don't want to go down.  Ever.  Feel free
> to argue with me that they have some positive use, but I don't see one.
> If publisher X wants to limit users in how they are allowed to use texts
> or want such nonsense as expiring licenses, they can find someone else's
> software to help them do that.  DRM is evil, and serves no legitimate
> purpose other than to restrict users rights in ways that they can't be
> in traditional media.  We, of all groups, should not encourage DRM.  (Am
> I really so desperate to pick a fight here, that I have to attack my own
> previous email? :)


If you are not going to attempt to protect the content then you don't
need to store any key information. That I agree with.

I don't necessarily agree that DRM is evil. For a legitimate copyright
holder it's a wonderful thing. They can distribute their work
electronically without fear of loosing control over it.


> 
> That said... I do still think we should adopt the "CopyrightHolder",
> "CopyrightDate", "License", & "TextSource" fields.  And I would add to
> them, a "QuoteLimit" field to indicate a limit on quotation in human
> readable format.
> 

I understand what CopyrightHolder, CopyrightDate and TextSource refer
to, but I am lost on the purpose you intend for License and QuoteLimit.
Can you elaborate?


> Separately, I would add a "Writable" field, indicating that a module may
> be written to.  This would be set for modules like personal commentaries
> and modules that are being used in distributed editing systems.  And
> possibly a "WriteKey" field to hold a unix crypt() password, or some
> kind of MD5 hash if Mike prefers :), to be checked whenever a write
> operation is attempted.  (But the hash can't use either the module or
> the .conf file since both can be modified.)

OK, now I'm confused. I thought you didn't want to try and protect the
content?

Either way though. You could still use the hash. You would just have to
recreate it every time the conf file or module was modified. Which can
be time consuming (depending on file size). So in this case it is
probably not the best choice.

/mike

-- 
******************************************
 Mike Dougherty -- Java Software Engineer
******************************************