3.8.4.3 Online Publishing
Client bootstrapping is not required for online publishing. To create a PL, the client MUST have the public key of the licensing server so it can encrypt the content key and usage policies to the server. As the server's public key is stored in the SLC, the client MUST use the GetLicensorCertificate (section 3.7.4.1) method to acquire the server's SLC.
The client MAY include DISTRIBUTIONPOINT (section 2.2.9.7.3) of type "Referral-Info". The ADDRESS element SHOULD contain the URL of the server or an email address when the object type is "Referral-Info". The NAME element SHOULD contain the display name for the URL or the email when the object type is "Referral-Info". The GUID element SHOULD be a unique GUID for this DISTRIBUTIONPOINT element.
The client SHOULD set the ISSUEDTIME (section 2.2.9.1.1) element of the PL to the current time, expressed in UTC.
The client SHOULD include a principal element in the ISSUEDPRINCIPALS (section 2.2.9.7.4) element. The object and public key of the principal element SHOULD be a verbatim copy of the object and public key of principal element of the ISSUEDPRINCIPALS in the SLC.
For a PL based on an official rights template, the DESCRIPTOR element of the PL SHOULD be copied verbatim from the DESCRIPTOR element of the rights template. For PL's not based on an official rights template, the name field of the DESCRIPTOR element of the PL SHOULD be set to the value returned by the GetPolicyName abstract interface. The GUID field of the DESCRIPTOR SHOULD be set to the value returned by the GetPLID abstract interface.
The PL can include an OWNER (section 2.2.9.7.5) element. The OWNER element is an optional element specified by the application. The OWNER element identifies the content owner or author.
The client SHOULD call the GetRevocationPoint abstract interface with the GUID field of the DESCRIPTOR as a parameter to get a revocation point for the PL. If the revocation point is not null, the revocationpoint field of the PL SHOULD be a CONDITIONLIST (section 2.2.9.7.9) element. The type field of CONDITIONLIST SHOULD be set to the type property of the revocation point. The id field of CONDITIONLIST SHOULD be set to the ID property of the revocation point. The address field of CONDITIONLIST SHOULD be set to the Address property of the revocation point. The name field of CONDITIONLIST SHOULD be set to the Name property of the revocation point. The days, hours, minutes and seconds fields of CONDITIONLIST SHOULD be set to the revocation point's Time Interval properties: Days, Hours, Minutes, and Seconds. The modulus field of the publickey field of CONDITIONLIST SHOULD be set to the base64-encoded value of the revocation list Public Key property of the revocation point. The key length field of the publickey field of the CONDITIONLIST SHOULD be set to the length, in bits, of the revocation list Public Key property of the revocation point.
After the PL is constructed, it MUST be signed by the server before it can be used for licensing. The client MUST use the AcquireIssuanceLicense (section 3.5.4.1) method to have the server sign the PL.