Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Posting-Version: version B 2.10.2 9/3/84; site sesame.UUCP
Path: utzoo!watmath!clyde!bonnie!akgua!whuxlm!harpo!decvax!genrad!panda!talcott!sesame!slerner
From: slerner@sesame.UUCP (Simcha-Yitzchak Lerner)
Newsgroups: net.micro.pc
Subject: Re: More dongles
Message-ID: <299@sesame.UUCP>
Date: Thu, 22-Aug-85 23:27:31 EDT
Article-I.D.: sesame.299
Posted: Thu Aug 22 23:27:31 1985
Date-Received: Sun, 25-Aug-85 02:50:22 EDT
References: <53500017@trsvax>
Organization: Lotus Development Corp
Lines: 77


 
[eat this!]

Gordon Burditt posted a long article regarding communications transparency
of keys, 50' stacks of keys etc...

For RS-232 ports (there are other transport protocols for other types 
of ports) there are 2 different standards.  The primary std. is to
communicate over status lines.  This method remain fully transparent
at all times, even while validating a program.  The second method
is a fallback for machines that either do not have status lines on
their RS-232 or can not control them (eg:protected environment).  This
method uses a long (9 character) escape sequence, combined with a
guard period of no transmission.  This system is transparent as
long as a validation session is not in progress.  Most of the points
made by Gordon where correct, you would have thought that he had
read the specs!

In regards to physical clumsiness:  Unlike the UK dongle, the ADAPSO
key does not daisychain.  Rather, they all plug into a central keyring
which handles all communication/traffic managment for the system.  Keys
(1st generation) will not be much bigger that an 8088 standing on edge 
(sans pins).  You can plug a lot of these into a keyring the size of a 
modem.

Finally, in regards to the possibility of something like each
UN*X utility needing a seperate key:  It is possible to have a
company come out with a smart key that services all of their
products.  (This is done by it recognizing multiple key IDs.)
Parts of this key could be turned on via a cheap one-shot key.
So a company with a lot of products that are often bundeled
could have them all authorize off of one key.  Their advantage,
with a single key they can afford to put in a lot of power for
a lot of protection - they couldn't afford to do this for every
product.  The cheap one-shots wouldn't need to much to them.
The consumer benifits - only one slot is used, avoiding the need
to buy expansion units for their keyring, increased portability
(you only have to move one key when your system dies).

Regretfully, anything above useing a scouts honor promise to
protect your software will have to involve the manufacturer
if it dies.  One of the many advantages of a hardware key over
a disk is that it is a lot more sturdy.  (When was the last
time you had to replace a worn out ROM chip?)  Hopefuly, some
manufacturers will diferentiate themselves by offering some
type of 24-hour 7-day/week responce to dead keys.  [A few
cos are even talking of supplying a BACKUP key w/ their
product.  Assuming that you didn't give it away to a friend,
you would be able to recover with the backup until the replacement
came...

--------------------------

BTW to flamers:

While I work for Lotus, I have created, developed, and nurtured this
project on my own time for my own reasons.  I am NOT a paid puppet
spouting Lotus' official line - most Loti don't even know newsnet
exists, as my link is not via a Lotus machine.  If you truely 
feel you must flame me, why don't you send it to me as mail, so
we don't bother everyone on the net?  Who knows, I may have a
flame thrower too, somewhere in this drawer??   :-)




-- 
Opinions expressed are public domain, and do not belong to Lotus
Development Corp.
----------------------------------------------------------------

Simcha-Yitzchak Lerner

              {genrad|ihnp4|ima}!wjh12!talcott!sesame!slerner
                      {cbosgd|harvard}!talcott!sesame!slerner
                                slerner%sesame@harvard.ARPA