Hello there,
We (Kolab Systems AG) are very much interested in using Candlepin for entitlement management. In the capacity of one of their sysadmins, I'm exploring implementation feasibility and such and so forth.
Now, I'm not all too familiar with Candlepin, so please bear with me while I attempt to both give a correct representation of Candlepin semantics and my idea for off-line entitlement management.
Let me first state that Kolab System on it's own was looking to include the entitlement metadata in x509 extensions, and it seems to me so does Candlepin. Restricted access to updates for the work using SSL server/client certificates included, I think the similarities between the two sets of functional requirements are worth exploring ;-)
Either way, this topic is about how entitlements are verified; We've had a short discussion on IRC on the subject, and given that conversation and the docs on fh.o/candlepin it seems to me, that the entitlement verification is based on some sort of -what one could arguably call- a phone-home mechanism (with or without a satellite candlepin system in between provider and customer).
Now, let's suppose a customer simply refuses to implement any kind of phone- home mechanism, and wants their systems completely offline -which to me sounds like a very reasonable requirement.
The functionality that I proposed for consideration in a short IRC chat is based on this -existing- requirement;
What if we figure out a way to encrypt a license file somehow, that the application on the customer side can only decrypt to verify its entitlements, and the provider can create using information not available to the customer?
The culprit basically is, that if it can be taken off-line, it might also be forged. However, since we're in the realm of Free Software (capital F), we're not worried about this. We're worried about not being able to meet the customer implementation requirements ;-)
I would appreciate some feedback! ;-)
Take care,