> Thanks for the reply Goetz, appreciated! I believe with signing > the license > information (correct me if I am wrong), I have to provide the actually > license info/data (in plain clear text) along with the data > generated during > the signing process. The problem with this approach is, that > providing the > license info in clear text I think will make it little more tempting & > almost all the softwares that I have used, don't supply license info in > clear text. Even though I agree the customer should know what is in the > license information thats why my software will display info about > it, after > reading the license data but how this license info is interpreted & > transformed from one form to another should be left to the > software vendor.
I don't mean to be rude, and I really hope you don't take this the wrong way, but you simply don't have nearly enough knowledge to devise a security scheme that could be relied upon in any way, shape or form. If this matters to you, you need to find someone who does to help you or spend a few years learning how to do it right. I'm sorry, but that's just the truth. What you're trying to do is like building a bridge. There is no substitute for knowing how to do it *right* and knowing what can go wrong, and so on. I would strongly caution you that it is very easy to make something that seems secure but really is a disaster of one form or another. It's very easy to compromise the security of your own license but also very easy to compromise the security of other people's computers in the attempt to secure your own software thereon. DS ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
