[sword-devel] what problem are you trying to solve? (Re: encryption and integrity checking.)
Troy A. Griffitts
scribe at crosswire.org
Wed Mar 11 07:33:08 MST 2009
Yes, I echo Karl's response. In all of the many conversations I have
had with publisher, when they ask how we support 'paid' modules, I tell
them of our current system:
encrypt the text with 128-bit key.
supply the single key to the publisher to sell as they would like, which
unlocks the module for the user.
The only resistance I've heard (which I can remember) is something like:
Is there a way to supply different keys to each user? To which I
reply, sure, we'd be happy to provide the tool for encrypting the
module; you can generate your own key, per user, use the tool to encrypt
the text differently for each user, and distribute the text and key
combination when a user purchases the text.
I've not had any issues with publishers in this regard and I personally
believe short of a centralized DRM server which keeps track of all users
and which modules they've purchased, we will not be able to do more
regarding the DRM, and ultimately will not be able to satisfactorily
solve an issue industries greater than ours have failed to do.
Peter, specifically is there an issue we might be able to help resolve
for a specific content provider?
David is correct that there are many types of issues involved here. One
which we might be able to resolve is assurance that a redistributable
text is actually what left our server, and has not been modified.
Karl Kleinpaste wrote:
> I wonder why we stress so much over encryption and avoidance of copying,
> right down to copy/paste. Nobody else does.
> Libronix, which I believe has the strongest per-user license mechanism
> and encryption facility in any Bible software today, nonetheless makes
> it possible to copy/paste in such a manner that even Bible footnotes are
> preserved with proper formatting when pasting into Word. I've
> experimented with this myself, when the question arose elsehow quite
> some time ago. This is DM's problem #3, and it is not only an unsolved
> problem in Libronix, it is not even addressed -- indeed, one could say
> that it is facilitated in the opposite direction, because Libronix helps
> make exactly that form of copying look better, whole chapters at a time,
> possibly whole books at a time.
> Why is this such a larger issue for our apps than it is for Libronix?
> If publishers are balking at making modules available for Sword
> applications, what is their argumentative basis? Given the utter,
> complete lack of any actual protection scheme in e-Sword modules, and
> yet with e-Sword having support of a number of modules available that we
> have not been able to secure (esp. NIV), what exactly is the problem in
> need of address, and why have we failed to make a case when in fact we
> do have an encryption scheme that is far superior to e-Sword? (Yes, you
> may feel free to whine about the manner of key storage in most Sword
> apps. That is a distraction. Please address the core problem.)
> A while back, a passage exporter was implemented for Xiphos. A request
> came along that we reduce the available scope of export, so as to
> prevent excess copying. I disabled the "whole book" option, leaving
> chapter and verse export in place, but I didn't like doing so and I
> truly don't see the point and I have no idea who is out there that could
> be convinced that we have saved anyone anything by having done so.
> Please tell me why Sword applications are so "special," compared to
> Logos and e-Sword. Until there is an answer to that question, all the
> complex technical solutions to what is potentially a non-problem don't
> mean a thing.
> sword-devel mailing list: sword-devel at crosswire.org
> Instructions to unsubscribe/change your settings at above page
More information about the sword-devel