3.2.5.1.1.2 Response Body

Response (DHA-Service->MDM-Server): DHA-Service reviews the data, creates a report (DHA-Report), and forwards the report to MDM-Server.

The response body from the DHA-Service to the MDM-Server is an encrypted BLOB.  It resembles the following.

 <?xml version="1.0" encoding="utf-8"?>
 <HealthCertificateValidationResponse xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" ErrorCode="0" ErrorMessage="DHA validation report was generated successfully." ProtocolVersion="4" xmlns="http://schemas.microsoft.com/windows/security/healthcertificate/validation/response/v4">
     <HealthCertificateProperties>
         <Issued>2017-07-11T22:11:44.6953646Z</Issued>
         <AIKPresent>true</AIKPresent>
         <AttestationMethod>EK Certificate</AttestationMethod>
         <BitlockerEnabledAtBoot>false</BitlockerEnabledAtBoot>
         <BitlockerProtector>
             <UnlockType>None</UnlockType>
         </BitlockerProtector>
         <BootAppSVN>1</BootAppSVN>
         <BootDebuggingDisabled>true</BootDebuggingDisabled>
         <BootManagerSVN>1</BootManagerSVN>
         <BootRevListInfo>005D447A7CC6D101200000000B00CBB56E8B19267E24A2986C4A616CCB58B4D53F6020AC8FD5FC205C20F2AB00BC</BootRevListInfo>
         <CodeIntegrityEnabled>true</CodeIntegrityEnabled>
         <CodeIntegrityPolicy>00000000000001002C000B0020000000550070006400610074006500520076006B005300690050006F006C006900630079002E007000370062000000B3A95AD6A26B2AA407C92BCD3B84E112D141589D3E0E3981D51594FEBD72DFDC</CodeIntegrityPolicy>
         <CrashDumpEncryptionEnabled>false</CrashDumpEncryptionEnabled>
         <CredentialGuardEnabled>false</CredentialGuardEnabled>
         <DataExecutionPreventionPolicy>0</DataExecutionPreventionPolicy>
         <ELAMDriverHash>B4CA876CD2DCAB929A5B54016C703D026CB22EAA54E8B8C99DA61A1D53F244BF</ELAMDriverHash>
         <ELAMDriverLoaded>true</ELAMDriverLoaded>
         <ELAMDriverName>\WINDOWS\system32\drivers\WdBoot.sys</ELAMDriverName>
         <ELAMSignerName>Microsoft Windows Early Launch Anti-malware Publisher</ELAMSignerName>
         <FlightSigningNotEnabled>false</FlightSigningNotEnabled>
         <MemoryScrubbingProtectionEnabled>false</MemoryScrubbingProtectionEnabled>
         <NoSecureBootCustomPolicy>true</NoSecureBootCustomPolicy>
         <NotBootedIntoSafeMode>true</NotBootedIntoSafeMode>
         <NotBootedIntoWinPE>true</NotBootedIntoWinPE>
         <OSKernelDebuggingDisabled>true</OSKernelDebuggingDisabled>
         <OSRevListInfo>8073EEA7F8FAD001200000000B00A8285B04DE618ACF4174C59F07AECC002D11DD7D97FA5D464F190C9D9E3479BA</OSRevListInfo>
         <PageFileEncryptionEnabled>false</PageFileEncryptionEnabled>
         <PCRS hashAlgorithm="SHA1">
             <PCR n="0">7714E74524EBFBF671A485D3813A1926A34AB768</PCR>
             <PCR n="1">C7070A78B978C8B6E5E35DCBB1C98B87F7444EBE</PCR>
             <PCR n="2">B2A83B0EBF2F8374299A5B2BDFC31EA955AD7236</PCR>
             <PCR n="3">B2A83B0EBF2F8374299A5B2BDFC31EA955AD7236</PCR>
             <PCR n="4">DF5A11CF11030E2D9FA4E9BAB4BB7AF608B96EA3</PCR>
             <PCR n="5">7699BEA5781384130D674525E2B223D832922A01</PCR>
             <PCR n="6">B2A83B0EBF2F8374299A5B2BDFC31EA955AD7236</PCR>
             <PCR n="7">DF1F73DC71C6E4B054CCBB2A9BE0768978A7E1E3</PCR>
             <PCR n="8">0000000000000000000000000000000000000000</PCR>
             <PCR n="9">0000000000000000000000000000000000000000</PCR>
             <PCR n="10">0000000000000000000000000000000000000000</PCR>
             <PCR n="11">EBB98DF76613280F20DC38221143A9E727399486</PCR>
             <PCR n="12">FA38CE6A9101EF44002A5A89AFC3D094963976AC</PCR>
             <PCR n="13">24FED52A0787AFE466CF4008B2815A6E3822C511</PCR>
             <PCR n="14">D2366C862C4CB94577FA277F024C14AE149A3512</PCR>
             <PCR n="15">0000000000000000000000000000000000000000</PCR>
             <PCR n="16">0000000000000000000000000000000000000000</PCR>
             <PCR n="17">FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF</PCR>
             <PCR n="18">FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF</PCR>
             <PCR n="19">FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF</PCR>
             <PCR n="20">FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF</PCR>
             <PCR n="21">FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF</PCR>
             <PCR n="22">FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF</PCR>
             <PCR n="23">0000000000000000000000000000000000000000</PCR>
         </PCRS>
         <ProductionSignedBootManager>false</ProductionSignedBootManager>
         <PublicAIK>
             <Modulus>C6A0F391172685AA295410DE040E117B59611BC01B099914137097C02D11F30606E4375C2826260749D0845074DB902250E5BD3CB7080AE52615FEAEF6C146EFBE35B807EFC2CE767DA2BFE2043B70C3B4297C2B7C116A527BAB3A446B2F7C462DEA6C2F9CC4959F88DF465F94BE224066460CC6CA09CC7D9470195287BC11C8A9AD4007BD3C191D87C7A52C99749D31FBB36A400E1BF7508FB11B3F82944E13644CF1E5539C47A8C8A8D72A4D6F11CD98C58CEE03A951B6407F7CDC088959B2DAA14C1655D7D8827B2EC45535D1764D3BBFDAAFA32435ECCADDBCA2975C4DDBD1B2E40EF196EC0F551A79089F33392AC803915B0E05E181AAFBBC80F973CD9F</Modulus>
             <Exponent>010001</Exponent>
         </PublicAIK>
         <PublicEK>
             <Modulus>F1000C75A4B88005728CF2CFD1846612333AA1B437843AA6DCE542B5507998F2EED883F2DCC2F2E106592B77E12FA57EE5EE60D1F51164425480C4E565355F63B1420B7BE6B8D8FBD3EFFDB47AAE4C3ACA1FF077DBC3418F4C60E1A4C39836D799EA13E3F1EB67853D707E23FBC195C3F688210E697F5F02D5D3C8BD6D4FD7AA51F3380477026F0AE14AA8B7C576997F5BC72B2A106972A4B732FA8CC6DEB7EBDFF2C067237B66FC4AAE9CC42B636034B3B696CE1AB029950764CD0FFBDF421CE36D55697F28F3D3D1944888B3C0E71BCF79C4EF598DD7217D5783B8552B833E4997187B03FC09516C274CBE6830EBB400E8B43FF6934C175286EE0EB5A7277D</Modulus>
             <Exponent>010001</Exponent>
         </PublicEK>
         <ResetCount>3815208462</ResetCount>
         <RestartCount>426123972</RestartCount>
         <SecureBootCustomPolicyHash />
         <SecureBootEnabled>false</SecureBootEnabled>
         <TestSigningDisabled>true</TestSigningDisabled>
         <TpmVersion>2.0</TpmVersion>
         <UefiSignersUsedDuringBoot hashAlgorithm="SHA256" />
         <VBSDecryptionPublicKey>
             <Modulus>B2D860A22DAB2F8EF9D3725B6621193FC86D0E1AF13D45DB74DE080A344F91B9241B69E445CFCEB7CDE37BD42325D981E006517253C7EB71618145D281C3220E44D1FC7203FA25E9FE8839FB9B5380FA01B863911EF7B4E50D8E30593B3D34A4980887946F7084C3D55930540F6B1EAAADD8BEA14ED14745203F05CA902712B8AF6F0B15A2F89AC1DBD204B46335E8B35BD36CBB97725F1DDF9DEF87A0A6E447CA73DA1C8176ED87DBCCC51BF1B338E537EB6A7B2ECA64C46A62605BC067289DD696819AD7E37B8F43DC36EAD3244B24737B0E3E3FD83EBD78DDEE6CB3A85E7B072D48257433915CD7B313793E56A24E6AC9A256BE1BCCEDBE1A64437EAD3AC3</Modulus>
             <Exponent>010001</Exponent>
         </VBSDecryptionPublicKey>
         <VBSIOMMUEnabled>false</VBSIOMMUEnabled>
         <VBSMemoryScrubbingProtectionEnabled>false</VBSMemoryScrubbingProtectionEnabled>
         <VBSSigningPublicKey>
             <Modulus>F37D9E557BD9BD566E0B9F8AF40C08E7C425D531823876406F3063BDA0EC5C69DF85ED207B7E07DA47456E85D4588B865A7EDD75A9D6C5A765B0600001D8C3AE928453FFFE8D6E7B0614617BF5D3047156CF9CACE9457BA4A5CCAADC999FF86D991B77C32AF24032AB7BEBE23B08BD6EBDF351DCC9365BCD919A8A97DC5610B1B596969196D1838772DF882E557DDEA7A72ED5F0CD1F8A3D0D5FEA124C1CDAD90337C324382E7AFBE62B5E361D852E1AD04D0F93C0FCB5918C39C08586C5883075AA2F7AA6EF62E4197C5073D86A50E605586CAC3F7CC823CEF23C6F58E6BEE6C144F817A7F3A5B0989175F0FA10452C4644B2DBC7DE63648048FFC655B4D771</Modulus>
             <Exponent>010001</Exponent>
         </VBSSigningPublicKey>
         <VirtualizationBasedSecurityEnabled>true</VirtualizationBasedSecurityEnabled>
         <WindowsBootManagerHash>1C44308B27F5184D8BF42944FC4E10588B7EFBD4D188A01A2F03ECCEDCC02429</WindowsBootManagerHash>
         <WindowsOSLoaderHash>6F9F505E5B913A32DC9BA6053F5C64EC1003E84C63D6E3A26A252674BBF9BCF7</WindowsOSLoaderHash>
         <SystemProperties>
             <SystemProperty name="IntelAMTNotProvisioned">true</SystemProperty>
             <SystemProperty name="IntelMEFirmwareVersion">9.1.41.3024</SystemProperty>
             <SystemProperty name="IntelSA00075Unaffected">true</SystemProperty>
         </SystemProperties>
     </HealthCertificateProperties>
 </HealthCertificateValidationResponse> >