Perhaps the closest analogy is with a document that must be shown to someone (say, a secret agent) but which he may not copy or carry away. You wouldn't do this by mail, which is roughly what an HTTP server represents.
The agent is put in a room. An armed guard brings the document, waits
while it is read, then takes it away. The agent is then allowed to
leave the room. He will be searched before leaving the building. In
short, you have to keep the protected document within an environment
you control. Your user's browser is not such an environment and
*cannot* give you the assurance you seek.
If you must control how the file is used, you must arrange that only
software provided by you is able to make it usable, and that that
software has only the functions you specify. This reduces the problem
from "impossible" to "impossible in the long term and monumentally
difficult in the short". History is replete with failed attempts.
}set mode=soapbox{
This sort of solution is nearly equivalent to the other one (don't
serve the document at all), because hardly anyone will put up with
such an offensive, ungainly, and insecure (for him) process. Unless
your documents are state secrets, you probably would be better off
thinking of another way.
Can't you just require an agreement before serving up the file, and
sue people who violate it until word gets around that you really mean
it? Individual, on-the-fly watermarking sounds a whole lot simpler
than what is being proposed here.
--
Mark H. Wood, Lead System Programmer mw...@iupui.edu
Friends don't let friends publish revisable-form documents.
pgpC1ammM4P44.pgp
Description: PGP signature
