The key is useless without the server and feature it is issued for. There is no need to secure the transmission of the key. Automated delivery over http(s) is starting to get more and more normal (most screen servers don't have such capabilities yet, so you will need a Theatre Management System or separate box which will receieve the key and deliver it to the server).

My point wasn't to make the transmission secure (since it would one be a 50 cm wire between two boxes in the projection room), but to isolate the screen server from the internet.

Even if the internet connected box gets hacked, they have no chance of accessing the screen server through the serial cable.