2.2 Message Syntax
The Group Policy: Encrypting File System Extension MUST use the message syntaxes as specified in [MS-GPOL] section 2.2 and [MS-GPREG] section 2.2. EFS Group Policy options are implemented as entries in the machine-specific Registry Policy file used by the Group Policy: Registry Extension Encoding. To support a given Group Policy option, the EFS administrative plug-in MUST provide a method to write and query the corresponding entry in the machine-specific Registry Policy file of the relevant GPO.
The following EFS Group Policy options are defined:
EFS recovery policy
EFS enabled status
EFS additional options
EFS user template name
EFS self-signed certificate key length or algorithm identifier.
These are described in more detail in the following sections. Because all message processing is performed by the Group Policy: Core Protocol, the following sections merely specify the format of the corresponding entries in the machine-specific Registry Policy file. The intent of various settings is also described in the following sections; however, these settings are processed by the EFS in the client, and their descriptions here are only for informative purposes, not for normative purposes.