3.2.5.1 DRM Version 1 Server Message Processing Events and Sequencing Rules
The Digital Rights Management (DRM) Version 1 License Response packet is used by the license server to send a license for content to a client.

Figure 5: DRM client/server response sequence
The server response to the client request is a single license that is encoded with the base64 encoding algorithm embedded within an HTML page.
Request Validation
If the client request is longer than 201 bytes, the server MUST return the error "2007:Challenge String does not have correct length."
If the Version field is not equal to { 0x00, 0x01, 0x00, 0x01 }, the server MUST return the error "2008:License Request Version does not match the version supported."
If decryption of the client request fails, the server MUST return the error "2003:Unable to interpret the challenge blob. Probably incompatible client."
If the AppSec field contains an application security level lower than that required for the desired license, the server MUST return the error "2025:The requesting application security level is lower than specified level."
If the pkcert.pk is not found within the white list of nonrevoked client certificates (see Client Certificate White List (section 3.2.3.1.1)), the server MUST return the error "4004:Client version is not supported. Probably missing client verification key."
If signature verification of pkcert.pk fails, the server MUST return the error "2009:Unauthorized client request. Signature Verification Failure."
Response Generation
members
CERTIFIED_LICENSE.license.licVersion MUST contain the value { 0x00, 0x01, 0x00, 0x01 }.
CERTIFIED_LICENSE.license.datLen MUST contain the value { 0x75, 0x00, 0x00, 0x00 }.
CERTIFIED_LICENSE.license.sign contains the signature of CERTIFIED_LICENSE.license.ld as described in LICENSE (section 2.2.2.3.4).
CERTIFIED_LICENSE.license.ld.KID contains the key ID for the issued license. This value MUST match the value requested by the client in the KeyID field.
CERTIFIED_LICENSE.license.ld.key contains the encrypted RC4 content key as described in LICENSEDATA (section 2.2.2.3.5).
CERTIFIED_LICENSE.license.ld.rights contains a bitmask of the rights granted in the license. This MUST NOT include more rights than were requested by the client in the Rights field.
CERTIFIED_LICENSE.license.ld.appSec contains either the minimum application security level required to use the license or the same value requested by the client in the AppSec field.
CERTIFIED_LICENSE.license.ld.expiryDate contains the license expiration date as described in LICENSEDATA.
CERTIFIED_LICENSE.cert1 contains the Microsoft-signed certificate representing the license server. This certificate is supplied in CS.
CERTIFIED_LICENSE.cert2 contains the root certificate representing the Microsoft certificate authority. This certificate is supplied in CS.