Open adrpo opened 3 years ago
I think proposal two is very good. Is the effort for the creation of the unique link and the possibility of registration large? What data should all be entered during registration. E.g. the name and surname, email address and organization?
You could also do:
Proposal three sounds also very good. We found these licensing tools which could be used for example: https://github.com/amrayn/licensepp https://github.com/plstcharles/meta-licensor http://open-license-manager.github.io/licensecc/index.html
Hi all,
I'm a colleague of @niklwors.
I like proposal three, and I would like to understand it better because of the online access to check for newer version feature.
I would like to have the encryption feature included in the "normal" version. This way you do not need to maintain more installers as @sjoelund mentioned.
To prevent everybody to use this feature, the user needs a license (which is not part of the installer). If you want to use encryption, OM checks that there is no valid license and opens a "request license" dialog. The dialoge shows the hardware ID of the machine and has a "request license" button that opens/sends a mail to your team using the mail client of the machine.
This way you will know that somebody out there want's to use encryption, and you can provide them the license file that is valid for a certain period of time.
The user receives this license in the mail and uses the same "request license" dialog to "import the license". Now he can use the encryption feature.
You get
I think the "check for newer [OMEdit] versions" is something that should be implemented parallel, as a new version can also be released without anything changed to the encryption feature.
Niklas mentioned some C++ licensing libraries that could help in implementing such a feature.
There is one open question for me - I don't understand the "refusing to load encryptied libraries e.g. if the version is broken". Can you @sjoelund provide more information to us?
Best regards, Francisco
There is one open question for me - I don't understand the "refusing to load encryptied libraries e.g. if the version is broken". Can you @sjoelund provide more information to us?
There are some open tickets about older versions of the version with encryption support not working as it should (ignoring some license checks, etc). I think we would actually need some way of disabling older versions (or changing the encryption key, but then perhaps some version could be used to extract information from the libraries)...
The disadvantage of 3 is that there is a lot more that would need to be implemented (taking time from other planned features).
@sjoelund You can make sure that only new version of OMEdit is used with the new SEMLA integration by changing the public key of OpenModelica. Then the libraries must be encrypted with the new OpenModelica public key so that they can be used with the latest version.
@sjoelund You can make sure that only new version of OMEdit is used with the new SEMLA integration by changing the public key of OpenModelica.
That does nothing for people with an older version of OMEdit installed.
Thanks @sjoelund - now I understand this.
After typing several lines I came to the conclusion that it would be the best to discuss this in a meeting ;-)
If you want to disable a version A installed on the user PC, you need some kind of connection between the version on the PC and kind of "master switch" in your hands. A license could solve this problem - think about "encryption features available for 1 year". After this year it does not work anymore....
A better solution would be a license server so the version A checks online if the feature is still valid or not...
but a license server is kind of more implementation, administration and budget...
Feel free to organize a web meeting on this topic.
Peter
From: siscosan @.> Sent: Tuesday, June 15, 2021 14:19 To: OpenModelica/OpenModelica @.> Cc: Peter Fritzson @.>; Assign @.> Subject: Re: [OpenModelica/OpenModelica] Distribution of the OpenModelica variant with encryption (#7560)
After typing several lines I came to the conclusion that it would be the best to discuss this in a meeting ;-)
If you want to disable a version A installed on the user PC, you need some kind of connection between the version on the PC and kind of "master switch" in your hands. A license could solve this problem - think about "encryption features available for 1 year". After this year it does not work anymore....
A better solution would be a license server so the version A checks online if the feature is still valid or not...
but a license server is kind of more implementation, administration and budget...
- You are receiving this because you were assigned. Reply to this email directly, view it on GitHubhttps://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2FOpenModelica%2FOpenModelica%2Fissues%2F7560%23issuecomment-861450004&data=04%7C01%7Cpeter.fritzson%40liu.se%7C5a60909c9014456b10fa08d92ff7ba1e%7C913f18ec7f264c5fa816784fe9a58edd%7C0%7C0%7C637593563289050100%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=38Klr8TOtGwmxONcVnrTw6wUoe53djdAodmqw6Y4LSA%3D&reserved=0, or unsubscribehttps://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fnotifications%2Funsubscribe-auth%2FAFTWEQRMOAPSFVFZCPIR5SDTS5AKLANCNFSM46VIEH4Q&data=04%7C01%7Cpeter.fritzson%40liu.se%7C5a60909c9014456b10fa08d92ff7ba1e%7C913f18ec7f264c5fa816784fe9a58edd%7C0%7C0%7C637593563289060097%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=6RAyT0EZNqjXbG3Sj6%2BzXAobPhDyW%2B4d0Hm8hvPpwDQ%3D&reserved=0.
@sjoelund you can than not load the encryped library because the encrypted library does not support the old OpenModelica public key
@niklwors - yes, but you can still use your old version A with the old encrypted library A
Niklas will ask in the next DEV meeting when we could do such a meeting to discuss this topics.
@sjoelund you can than not load the encryped library because the encrypted library does not support the old OpenModelica public key
It should be possible to have multiple public keys. Need Adeel to check that.
@niklwors - yes, but you can still use your old version A with the old encrypted library A
Not with my proposal...
We will have a meeting about this in 30 June @ 13:00, let me know if you want to join that meeting.
Option 3
Issues:
Harder things:
MA - MCP encryption: https://github.com/modelica/ModelicaSpecification/tree/MCP/0039/RationaleMCP/0039
@adrpo's comment on 30 Jun is a good summary of the requirements, but we need to turn that into an actual work plan. @niklwors, we can discuss this in detail in one of the next devmeetings
Tentative workplan:
Distribution:
@adeas31 can you please help with the form handling? Please ask @adrpo for details, it should be straightforward.
@adeas31 please ask @adrpo about details, I guess you can take care of the implementation. This is needed anytime soon
@niklwors, @abuntrock, can we close this ticket or is there still some pending issue with it?
It is still missing that the download page is still empty and has no content, such as an OpenModelica logo and a short description of what the page is for.
@adeas31 could you please take care of that?
I don't know much about it. @arun3688 designed the download page.
OK, then I'd leave it to @arun3688 😃
@casella @adeas31 Adrian decided not to use the keycloak interface as it was too complicated to fix few stuffs and he decided to use a very simple web interface using Apache, but I don't know how the web interface looked like @adrpo can you please comment on this
This ticket is for a discussion on how to distribute the OpenModelica variant with encryption.
distribute from openmodelica website via one public link
distribute from openmodelica website with registration and a unique link that can be used once for download (with captcha so that automatic link checkers can't access it)
Currently only the OMSC members can access the OpenModelica build with encryption support.