1.5 Prerequisites/Preconditions

The Remote Session Monitoring and Control Protocol imposes the following requirements on server implementations:

  • An implementation-specific way of determining the fully qualified domain name (FQDN) or IP address of the server to be managed.

  • An implementation-specific way of determining the username and password of an account that has administrator privileges on the server to be managed.

  • An implementation-specific way for the server to generate a secure password used to authenticate HTTPS requests.

  • The protocol mandates the use of HTTP to obtain the server's identification certificate and protocol version.

  • The protocol mandates the use of HTTPS with username/password authentication for all operations that do not involve obtaining the server's identification certificate or protocol version.

A binding between the client machine and the server machine has to be established before the server accepts management requests from the client. The binding process is as follows:

  1. The client obtains in an implementation-specific way either the FQDN or IP address of the server to be managed.

  2. The client makes a web service request to the server using the HTTP protocol over TCP port 80 to the endpoint IMultiPointCertificateRequest (section 3.1) in order to obtain the server's X.509 certificate and the TCP port number.

  3. The client obtains in an implementation-specific way the username and password of an account on the server that has administration privileges.

  4. The client makes a web service request to the server using the HTTPS protocol over the TCP port obtained in step 2 to the endpoint IMultiPointCredentialRequest (section 3.4) using the credentials obtained in step 3 for authentication, in order to obtain the server's management password and the server's control password. These passwords are used to authenticate all requests to the server and all event notifications from the server.

  5. The client makes a web service request to the server using the HTTPS protocol over the TCP port obtained in step 2 to the endpoint IMultiPointCredentialRequest (section 3.4) using the credentials obtained in step 3 for authentication, and supplies the client's X.509 identification certificate so that the server can send event notifications to the client.

Once this process is complete, the client machine is considered trusted by the server machine and the client can make any of the management requests supported by the protocol.
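The binding sequence above can be checked mechanically against a recorded trace of one client's requests. The following is an added example, not part of the specification: it flags any exchange after step 2 that is not on HTTPS at the port step 2 returned, and any request made before the binding is complete. The record layout, port 8443 and the endpoint name "ManagementRequest" are assumptions made for illustration.

```python
from dataclasses import dataclass
from typing import Optional

CERT = "IMultiPointCertificateRequest"   # endpoint named in step 2
CRED = "IMultiPointCredentialRequest"    # endpoint named in steps 4 and 5

@dataclass
class Request:
    """One observed request; this record layout is an assumption of the example."""
    scheme: str                          # "http" or "https"
    port: int
    endpoint: str
    authenticated: bool = False          # administrator username/password accepted
    returned_port: Optional[int] = None  # TCP port returned in the step 2 response
    client_cert: bool = False            # client X.509 certificate supplied (step 5)

def audit_binding(trace):
    """Return (trusted, findings) for the ordered requests of one client."""
    findings, https_port, have_passwords, trusted = [], None, False, False
    for n, r in enumerate(trace, 1):
        if r.endpoint == CERT:
            # Step 2: the only exchange the protocol places on HTTP, TCP port 80.
            if (r.scheme, r.port) != ("http", 80):
                findings.append(f"#{n}: certificate request not on http/80")
            https_port = r.returned_port
        elif https_port is None:
            findings.append(f"#{n}: {r.endpoint} sent before step 2")
        elif r.scheme != "https" or r.port != https_port:
            findings.append(f"#{n}: {r.endpoint} on {r.scheme}/{r.port}, want https/{https_port}")
        elif r.endpoint == CRED:
            if not r.authenticated:
                findings.append(f"#{n}: credential request without valid credentials")
            elif not r.client_cert:
                have_passwords = True        # step 4 completed
            elif have_passwords:
                trusted = True               # step 5 completed after step 4
            else:
                findings.append(f"#{n}: client certificate sent before step 4")
        elif not trusted:
            findings.append(f"#{n}: {r.endpoint} before binding completed")
    return trusted, findings

# Constructed traces; port 8443 and "ManagementRequest" are placeholders.
GOOD = [Request("http", 80, CERT, returned_port=8443),
        Request("https", 8443, CRED, authenticated=True),
        Request("https", 8443, CRED, authenticated=True, client_cert=True),
        Request("https", 8443, "ManagementRequest")]
BAD = [GOOD[0], Request("http", 80, CRED, authenticated=True), GOOD[3]]
```

`audit_binding(GOOD)` reports a trusted client with no findings; `audit_binding(BAD)` reports the credential request sent over HTTP and the management request that follows it without a completed binding.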