3.8.1.1 Abstract Elements

All of the following ADM elements are persisted in implementation-specific storage.

  • Trusted SPC Issuer private key: The Trusted SPC Issuer Private key is used to sign the SPC.

  • Trusted SPC Issuer chain: An XrML 1.2 certificate chain that is used to generate the SPC chain. The SPC Issuer certificate contains the public key that corresponds to the Trusted SPC Issuer Private Key.

  • SPC private key: A unique private key that is generated at activation time and issued to the machine, either by self-activation or by calling the Activate method. The private key is stored securely on the client.

  • SPC chain: An XrML 1.2 certificate chain generated during activation that contains the public key corresponding to the SPC private key. The trusted security processor CA key exists in the chain.

  • RAC chain: An XrML 1.2 certificate chain that issues an asymmetric encryption key pair to a user account, bound to a machine. Acquired by making a Certify request to the server.

  • CLC Chain: An XrML 1.2 certificate chain that issues an asymmetric signing key pair to a user account, bound to a machine. Acquired by making a GetClientLicensorCert request to the server.

  • List of official rights templates: An official rights template is an XrML 1.2 certificate chain that defines usage policy. This usage policy is used to generate the PL chain during offline publishing. A list of official rights templates is a collection of official rights templates. A list of official rights templates can be acquired by making an AcquireTemplate (section 3.4.4.3) request to the server.

  • SLC chain: An XrML 1.2 certificate chain that signs the RMS server's public key into the certificate hierarchy. Acquired by making a GetLicensorCertificate request to the server.

Note that the preceding conceptual data can be implemented using a variety of techniques. Any data structure that stores the preceding conceptual data can be used in the implementation.