4.1.6 Secure Clock Response Message

The secure clock response message is specified in section 2.2.2.5.

  1. Accept request from client.

  2. Base64 decode to get raw XML.

  3. Grab TID, add to DATA node XML.

  4. Get system time as ZULU time string, add to DATA node XML.

  5. Add in refresh time according to policy, add to DATA node XML.

  6. Sign contents of data node, as described in section 2.2.1.6.

  7. Add base64-encoded secure clock certificate to CERTIFICATE/CERTIFICATECHAIN XML.

  8. Base64 encode entire XML.

  9. Send to client.

     <DRMCLOCK type="response">
       <DATA>
         <TID>Fu2bjE77rxKeq54ck8bRPQ==</TID>
         <GMTTIME>#20091299 66:44:31Z#</GMTTIME>
         <REFRESHDATE>#20101199 66:44:31Z#</REFRESHDATE>
       </DATA>
       <CERTIFICATECHAIN>    <CERTIFICATE>AAEAADgAAAC5z9yihdTTDj6gWuC2hovQQiLzAxNdjiupld!06zjVyJCPSjOLwjkI5SmqrnEDjo2H!KJV4qk2CQ0gMwyurmC1oOVc1uT64vQ!uoHobiFeg2NjDB8AAAABAAAAAQAAAAE=</CERTIFICATE>
       </CERTIFICATECHAIN>
       <SIGNATURE>
         <HASHALGORITHM type="SHA" />
         <SIGNALGORITHM type="MSDRM" />
         <VALUE private="1">QpMlhhZasfEysaNSYHIpM9avLmg2vsFvGS37TpdycX6RhShCAsNhXw==</VALUE>
       </SIGNATURE>
     </DRMCLOCK>