1.1 Glossary

This document uses the following terms:

Advanced Encryption Standard (AES): A block cipher that supersedes the Data Encryption Standard (DES). AES can be used to protect electronic data. The AES algorithm can be used to encrypt (encipher) and decrypt (decipher) information. Encryption converts data to an unintelligible form called ciphertext; decrypting the ciphertext converts the data back into its original form, called plaintext. AES is used in symmetric-key cryptography, meaning that the same key is used for the encryption and decryption operations. It is also a block cipher, meaning that it operates on fixed-size blocks of plaintext and ciphertext, and requires the size of the plaintext as well as the ciphertext to be an exact multiple of this block size. AES is also known as the Rijndael symmetric encryption algorithm [FIPS197].

Advanced Systems Format (ASF): An extensible file format that is designed to facilitate streaming digital media data over a network. This file format is used by Windows Media.

American National Standards Institute (ANSI) character set: A character set defined by a code page approved by the American National Standards Institute (ANSI). The term "ANSI" as used to signify Windows code pages is a historical reference and a misnomer that persists in the Windows community. The source of this misnomer stems from the fact that the Windows code page 1252 was originally based on an ANSI draft, which became International Organization for Standardization (ISO) Standard 8859-1 [ISO/IEC-8859-1]. In Windows, the ANSI character set can be any of the following code pages: 1252, 1250, 1251, 1253, 1254, 1255, 1256, 1257, 1258, 874, 932, 936, 949, or 950. For example, "ANSI application" is usually a reference to a non-Unicode or code-page-based application. Therefore, "ANSI character set" is often misused to refer to one of the character sets defined by a Windows code page that can be used as an active system code page; for example, character sets defined by code page 1252 or character sets defined by code page 950. Windows is now based on Unicode, so the use of ANSI character sets is strongly discouraged unless they are used to interoperate with legacy applications or legacy data.

ASCII: The American Standard Code for Information Interchange (ASCII) is an 8-bit character-encoding scheme based on the English alphabet. ASCII codes represent text in computers, communications equipment, and other devices that work with text. ASCII refers to a single 8-bit ASCII character or an array of 8-bit ASCII characters with the high bit of each character set to zero.

Augmented Backus-Naur Form (ABNF): A modified version of Backus-Naur Form (BNF), commonly used by Internet specifications. ABNF notation balances compactness and simplicity with reasonable representational power. ABNF differs from standard BNF in its definitions and uses of naming rules, repetition, alternatives, order-independence, and value ranges. For more information, see [RFC5234].

authenticated commands: A cryptographically signed command flowing from the WMDRM: Network Devices Protocol Receiver to the WMDRM: Network Devices Protocol Transmitter.

base license: A reference Windows Media DRM policy from which a Windows Media DRM license is derived.

binary large object (BLOB): A collection of binary data stored as a single entity in a database.

certificate chain: A sequence of certificates, where each certificate in the sequence is signed by the subsequent certificate. The last certificate in the chain is normally a self-signed certificate.

certificate revocation list (CRL): A list of certificates that have been revoked by the certification authority (CA) that issued them (that have not yet expired of their own accord). The list must be cryptographically signed by the CA that issues it. Typically, the certificates are identified by serial number. In addition to the serial number for the revoked certificates, the CRL contains the revocation reason for each certificate and the time the certificate was revoked. As described in [RFC3280], two types of CRLs commonly exist in the industry. Base CRLs keep a complete list of revoked certificates, while delta CRLs maintain only those certificates that have been revoked since the last issuance of a base CRL. For more information, see [X509] section 7.3, [MSFT-CRL], and [RFC3280] section 5.

certification authority (CA): A third party that issues public key certificates. Certificates serve to bind public keys to a user identity. Each user and certification authority (CA) can decide whether to trust another user or CA for a specific purpose, and whether this trust should be transitive. For more information, see [RFC3280].

Certified Output Protection Protocol (COPP): A device driver system used to secure high band-width digital communications channels between media applications and display devices.

challenge: A piece of data used to authenticate a user. Typically a challenge takes the form of a nonce.

cipher: A cryptographic algorithm used to encrypt and decrypt files and messages.

content: Multimedia data. content is always in ASF, for example, a single ASF music file or a single ASF video file.  Data in general. A file that an application accesses. Examples of content include web pages and documents stored on either web servers or SMB file servers.

content encryption key: A cryptographic key that is used to encrypt data. Content encryption keys are used not only to encrypt content, but also to encrypt other secrets, such as the proximity detection nonce.

content integrity key: A cryptographic key that is used to assert message integrity. Content encryption keys are used to calculate the OMAC1 [OMAC] of various messages.

counter mode (CTR): A confidentiality mode that features the application of the forward cipher to a set of input blocks, called counters, to produce a sequence of output blocks that are exclusive-ORed (XOR) with the plaintext to produce either ciphertext during the encryption process or plaintext during the decryption process.

datagram: A style of communication offered by a network transport protocol where each message is contained within a single network packet. In this style, there is no requirement for establishing a session prior to communication, as opposed to a connection-oriented style.

decryption: In cryptography, the process of transforming encrypted information to its original clear text form.

device: Any peripheral or part of a computer system that can send or receive data.

device driver: The software that the system uses to communicate with a device such as a display, printer, mouse, or communications adapter. An abstraction layer that restricts access of applications to various hardware devices on a given computer system. It is often referred to simply as a "driver".

digest: The fixed-length output string from a one-way hash function that takes a variable-length input string and is probabilistically unique for every different input string. Also, a cryptographic checksum of a data (octet) stream.

digital signature: A message authenticator that is typically derived from a cryptographic operation by using an asymmetric algorithm and private key. When a symmetric algorithm is used for this purpose, the authenticator is typically referred to as a Message Authentication Code (MAC).

encryption: In cryptography, the process of obscuring information to make it unreadable without special knowledge.

exchange: A pair of messages, consisting of a request and a response.

file: An entity of data in the file system that a user can access and manage. A file must have a unique name in its directory. It consists of one or more streams of bytes that hold a set of related data, plus a set of attributes (also called properties) that describe the file or the data within the file. The creation time of a file is an example of a file attribute.

flags: A set of values used to configure or report options or settings.

flow: A TCP session or User Datagram Protocol (UDP) pseudo session, identified by a 5-tuple (source and destination IP and ports, and protocol). By extension, a request/response Internet Control Message Protocol (ICMP) exchange (for example, ICMP echo) is also a flow.

globally unique identifier (GUID): A term used interchangeably with universally unique identifier (UUID) in Microsoft protocol technical documents (TDs). Interchanging the usage of these terms does not imply or require a specific algorithm or mechanism to generate the value. Specifically, the use of this term does not imply or require that the algorithms described in [RFC4122] or [C706] must be used for generating the GUID. See also universally unique identifier (UUID).

hash function: A function that takes an arbitrary amount of data and produces a fixed-length result (a "hash") that depends only on the input data. A hash function is sometimes called a message digest or a digital fingerprint.

Hash-based Message Authentication Code (HMAC): A mechanism for message authentication using cryptographic hash functions. HMAC can be used with any iterative cryptographic hash function (for example, MD5 and SHA-1) in combination with a secret shared key. The cryptographic strength of HMAC depends on the properties of the underlying hash function.

HRESULT: An integer value that indicates the result or status of an operation. A particular HRESULT can have different meanings depending on the protocol using it. See [MS-ERREF] section 2.1 and specific protocol documents for further details.

interface: A group of related function prototypes in a specific order, analogous to a C++ virtual interface. Multiple objects, of different object class, may implement the same interface. A derived interface may be created by adding methods after the end of an existing interface. In the Distributed Component Object Model (DCOM), all interfaces initially derive from IUnknown.

leaf license: A license that specifies rules that augment or restrict the rules in a root license. A leaf license can be more or less restrictive than a root license.

license: A data structure that contains, but is not limited to, policies and an encrypted content key. WMDRM: Network Devices Protocol has four types of licenses: standard licenses, root licenses, base licenses, and leaf licenses.

license retrieval: Every time a receiver requests content from a transmitter, the transmitter delivers to the receiver a standard license, a root license when using license chains, or a base license when using license derivation data. This procedure is referred to as license retrieval.

license update: Every time a receiver requests content and does not require a new root or base license, this procedure is invoked. This is the procedure in which a transmitter delivers a leaf license to the receiver to update a license restriction.

little-endian: Multiple-byte values that are byte-ordered with the least significant byte stored in the memory location with the lowest address.

near: An expression of the relationship between transmitters and receivers. A transmitter and receiver are near one another if proximity detection can be executed between them.

network byte order: The order in which the bytes of a multiple-byte number are transmitted on a network, most significant byte first (in big-endian storage). This may or may not match the order in which numbers are normally stored in memory for a particular processor.

nonce: A number that is used only once. This is typically implemented as a random number large enough that the probability of number reuse is extremely small. A nonce is used in authentication protocols to prevent replay attacks. For more information, see [RFC2617].

OpenCable Unidirectional Receiver (OCUR): A WMDRM: Network Devices Protocol transmitter that is manufactured in accordance with the specification for OpenCable Unidirectional Receiver Host Device issued by CableLabs [OCDRIP] and is paired with a CableCARD.

packet identifier (PID): The encoding of the identity is dependent on the type of packet being identified.

policy: (1) A set of rules that governs all interactions with an object such as a document or item.

(2) The set of rules that govern the interaction between a subject and an object or resource.

private key: One of a pair of keys used in public-key cryptography. The private key is kept secret and is used to decrypt data that has been encrypted with the corresponding public key. For an introduction to this concept, see [CRYPTO] section 1.8 and [IEEE1363] section 3.1.

Protected Broadcast Driver Architecture (PBDA): A worldwide platform for broadcast TV on the PC. This platform enables the PC-TV hardware ecosystem to integrate virtually any free or premium TV service into Windows Media Center, while satisfying the TV industry's requirements for strong content protection for pay TV.

proximity detection: The procedure in which a transmitter determines if a receiver is near.

public key: One of a pair of keys used in public-key cryptography. The public key is distributed freely and published as part of a digital certificate. For an introduction to this concept, see [CRYPTO] section 1.8 and [IEEE1363] section 3.1.

Public Key Cryptography Standards (PKCS): A group of Public Key Cryptography Standards published by RSA Laboratories.

Real-Time Streaming Protocol (RTSP): A protocol used for transferring real-time multimedia data (for example, audio and video) between a server and a client, as specified in [RFC2326]. It is a streaming protocol; this means that RTSP attempts to facilitate scenarios in which the multimedia data is being simultaneously transferred and rendered (that is, video is displayed and audio is played).

Real-Time Transport Protocol (RTP): A network transport protocol that provides end-to-end transport functions that are suitable for applications that transmit real-time data, such as audio and video, as described in [RFC3550].

receiver: A device that acquires licenses and content from transmitters (for example, a digital media receiver).

registration: The procedure in which a transmitter is able to uniquely identify a receiver.

resource: Any component that a computer can access that can read, write, and process data. This includes internal components (such as a disk drive), a service, or an application running on and managed by the cluster on a network that is used to access a file.

revalidation: The procedure in which a receiver that has successfully completed the registration process with a transmitter repeats the registration process with the same Transmitter.

revocation: The process of invalidating a certificate. For more details, see [RFC3280] section 3.3.

revocation information version (RIV): When a client application or device requests a license, the license challenge includes the client's revocation information structure. This structure contains an RIV and the revocation lists that the client supports. To determine whether the client revocation information is current, the license server compares its RIV to the client RIV.

revocation list: The list of identifiers of software or hardware components to which protected content cannot flow. Different content protection systems typically have different formats for representing revocation lists.

revocation list update: The procedure in which a receiver requests an updated revocation list from a transmitter.

root certificate: A self-signed certificate that identifies the public key of a root certification authority (CA) and has been trusted to terminate a certificate chain.

root license: A license whose rules can be further restricted or augmented by terms in a leaf license. A root license can be more or less restrictive than a leaf license.

round-trip time (RTT): The time that it takes a packet to be sent to a remote partner and for that partner's acknowledgment to arrive at the original sender. This is a measurement of latency between partners.

secret key: A symmetric encryption key shared by two entities, such as between a user and the domain controller (DC), with a long lifetime. A password is a common example of a secret key. When used in a context that implies Kerberos only, a principal's secret key.

service: A process or agent that is available on the network, offering resources or services for clients. Examples of services include file servers, web servers, and so on.

service or UPnP service: A set of rules that is required to be published by the device and advertised when the device is turned on all the available control points.

Session Description Protocol (SDP): A protocol that is used for session announcement, session invitation, and other forms of multimedia session initiation. For more information see [MS-SDP] and [RFC3264].

Simple Mail Transfer Protocol (SMTP): A member of the TCP/IP suite of protocols that is used to transport Internet messages, as described in [RFC5321].

Simple Service Discovery Protocol (SSDP): Used to detect UPnP devices on a network. SSDP is maintained by the Internet Engineering Task Force (IETF).

standard license: A stand-alone, self-contained license. A standard license is not updated by a leaf license.

symmetric key: A secret key used with a cryptographic symmetric algorithm. The key needs to be known to all communicating parties. For an introduction to this concept, see [CRYPTO] section 1.5.

Time-To-Live (TTL): The time duration for which a Server Object is available.

topology: The structure of the connections between members.

transmitter: A device that issues policy and transfers content to a receiver. An example of a transmitter is a digital media server.

Uniform Resource Locator (URL): A string of characters in a standardized format that identifies a document or resource on the World Wide Web. The format is as specified in [RFC1738].

Universal Plug and Play (UPnP): A set of computer network protocols, published by the UPnP Forum [UPnP], that allow devices to connect seamlessly and that simplify the implementation of networks in home (data sharing, communications, and entertainment) and corporate environments. UPnP achieves this by defining and publishing UPnP device control protocols built upon open, Internet-based communication standards.

User Datagram Protocol (UDP): The connectionless protocol within TCP/IP that corresponds to the transport layer in the ISO/OSI reference model.

XML: The Extensible Markup Language, as described in [XML1.0].

MAY, SHOULD, MUST, SHOULD NOT, MUST NOT: These terms (in all caps) are used as defined in [RFC2119]. All statements of optional behavior use either MAY, SHOULD, or SHOULD NOT.