1.3.5 Secure Clock Server
Portable devices are required to be able to validate time-based licenses against a correct time reference in order to support a time-based model of content usage. One way to implement this requirement is by using a secure clock. A secure clock is a clock that cannot be modified by any entity other than a secure time server. This section focuses on using a secure clock, and provides information about how to set a secure clock on a portable device. A complete specification of the secure clock protocol is documented in section 3.3.
Before playing protected content (2), a portable device verifies that a valid license is present for the content. If the license is time-based, the device then ensures that the current time is within the validity period of the license, using the time according to the device's secure clock.
By default, the secure clocks of new out-of-the-box devices are in the unset state. Therefore, before playing protected content, the device ensures its secure clock is set as described in section 3.2.3 Initialization. Portable devices can set a secure clock indirectly by connecting to the indirect license acquisition host, or directly by communicating with a secure clock server.