I STRONGLY suggest Alibre address this issue as well. I believe Alibre should have a floating license scheme since they allow users with active maintenance to have three concurrent licensed installs. They could make it very simple for us to manage licensing ourselves. A dropdown menu with a licensing option with dialog box would allow activation and deactivation using the internet along with codes for phone based use. Anyone who has used Adobe Creative suite apps will know how easy and convenient this scheme is for the end user. I use Bentley Intergraph PDS and Microstation at work and we have the ability to “check out” a license and then release it when we no longer need it. The only bad thing about this is tech savvy people will make an image of their drive, deactivate the programs in question and restore the image and have an illegal license. I remember old school “dongles” were used on the serial and USB ports and this is still not out of the question (in modified form) and should be the current scheme. I too upgrade my hardware anywhere from quarterly to annually with anything from a complete new build or just a few parts.
Whatever excuse Alibre has for not addressing this is invalid due to the simplicity of PKI integration. I used to do Enterprise PKI implementation for just about everything imaginable and I know how easy it is to put this technology to use. I’ll give you an example of the process to illustrate the simplicity, security, and fault tolerance of this system. First you setup a CA (Certificate Authority) Server running on an old cheap copy of Windows Server 2003 or a free copy of your favorite flavor of Linux. Then you setup a website with secure login to allow users to manage their account and request a certificate. The user installs the PKI client on their end that allows them to integrate their smart card with their browser and any software on their workstation that supports it. The user then inserts their smart card in a convenient front panel USB port (eToken Pro 64k), fires up an internet browser, and logs into Alibre license manager. The person fills out the request and the CA can be set to approve automagically or manually by CA admin. The private key is stored safely on the smart card and can never be exported or misused. Now the CA certificate is paired with the user certificate to authenticate the device on which the smart card is currently residing. The site and certificate based logon can be easily managed and organized using Windows Server 2003 Active Directory (feature of Server 2003).
The best thing about this is how it works behind the scenes. This scheme would allow Alibre to adopt RSA 2048 bit keys as license keys which can be endlessly generated securely and dump whatever they are using for generating these license codes. Alibre’s well known affinity for third part solutions probably means they are licensing this feature as well, which would mean instant savings for them. Who wants to type in 2,048 character key you say? Easy, you don’t. Once Alibre license manager authenticates the certificate on the smart card your software can be activated for whatever period of time your account reflects (1yr maintenance, perpetual, 30 day, temp licenses, etc…). What happens if I lose the card? Easy, you login to Alibre license manager site and deactivate the certificate and issue a temporary certificate that can be used without a smart card for 30 days while you wait for a replacement in the mail a few days down the road. If this falls into the wrong hands it can’t be used, as it will appear on the CA revocation list or if it hasn’t been discovered missing yet, it will require a pin to access the smart card for authentication and have limited attempts before locking. This could expose the IP address of the thief or tell Alibre that the person did not actually lose the key and is trying to commit fraud. In seven years of using PKI, PGP, and etoken I have never lost my card or has it failed. If Alibre is actually using a license generator of their own design then they could continue to use it to activate the software upon smart card authentication. They can generate three license codes for people on maintenance and one temporary code good for 30 days of use at a time. These codes would never be visible to the end user and would be delivered in an embedded form and most definitely encrypted. This would allow a user to insert smart card, open browser, navigate to Alibre account manager, securely login, go to license management, key in smart card pin, wait a few seconds for authentication, select available license, temp license, or be informed of no licenses remaining. Alibre license server would, upon successful authentication, activate (or deactivate) the product of temp license for 30days (temp), remaining maintenance period or perpetual for owners out of maintenance. This would save Alibre untold hours of billable support freeing up money to use elsewhere and many headaches of users. Keep in mind, this would be a once a year thing or whenever you are transferring a license. This may sound complicated to average Joe, but given the level of technical competence needed for CAD and a well designed graphical user interface for the licensing system, this would be a simple couple clicks of the mouse. All the technical stuff is a one time configuration on Alibre's end and happens automagically (transparently) for the end user.
I don’t know about everyone else, but I work 12-16hrs a day 5-6 days a week with a 45min commute each way and all my free time is on the weekend when Alibre is, you guessed it, CLOSED!! So, needless to say, it takes me many weeks to get around to addressing basic things that I should be able to do myself in a few seconds, with technology that has been around for ten years (serial dongles go back decades). The thing to note here is that UNLIKE DONGLES, which get lost and can be used and never expire, certificates can be set with or without expiration dates, require local or remote authentication, and can be revoked should it get lost making it unusable during the authentication process. I just gave Alibre $10,000 worth of free advice which can revolutionize their software, but it will never happen. They just now got around to using the .NET Framework Ribbon for their GUI which has been around since Office 2007 and in .NET SDK since at least 2008 making it nearly obsolete.
Max did promise us that EVERYTHING mentionable would be addressed in the next release. I think licensing it the most important for both parties involved, then reliability, features, price, etc… One last thing worth noting is that this can also be done offline for those of you who may have tight security policies due to clearance level contracts, but Alibre will have to pay for that info! Just kidding.
James
