5.1 Security Considerations for Implementers

The Remote Desktop Protocol: Licensing Extension uses its own security layer in addition to the RDP security layer (see [MS-RDPBCGR] section 5). Certain fields of licensing messages (see sections 2.2.2.1 through 2.2.2.7) are protected by encryption based on the license encryption key.

The license encryption key is different from the session encryption key used in the RDP security layer (see [MS-RDPBCGR] section 5.3.5). The license encryption key is always generated irrespective of whether RDP encryption is in effect. The client generates the license encryption key on receipt of the Server License Request message. The server generates the license encryption key on receipt of a Client License Information message or a Client New License Request message. Both client and server use the same license encryption key for the license protocol. For information on how the license encryption key is generated, see section 5.1.2.