Use License Acquisition
Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2
To consume rights-protected content, a user must acquire a use license from the RMS licensing service. The following figure illustrates the process of requesting and receiving a use license.
The process of acquiring a use license involves the following steps:
The user receives a protected file through a typical distribution channel, and then opens it by using an RMS-enabled application. If the user does not have a rights account certificate on the current computer or device, the user must then acquire one.
The RMS-enabled application sends a request for a use license to the cluster that issued the publishing license for the protected content. The request includes the user's rights account certificate (which contains the user's public key) and the publishing license (which contains the content's symmetric key).
A publishing license that is issued by a client licensor certificate includes the URL of the cluster that issued the certificate. In that example, the request for a use license goes to the cluster that issued the client licensor certificate, and not to the computer that issued the publishing license.
The cluster licensing the content validates that the user is authorized, checks that the user is named in the publishing license, and then creates a use license. The server validates the user's account certificate, and then determines which permissions the user has been granted, either directly or as a member of a group that has been granted permissions.
The server in the cluster that receives the request decrypts the symmetric content key by using the private key of the cluster, re-encrypts it by using the public key of the recipient, and adds it to the use license. This step assures that only the intended user can decrypt the content key, and the protected content.
The cluster adds any relevant conditions to the use license, such as an application or Windows version exclusion. These conditions are enforced by the client at the time that the use license is bound to the rights-protected content.
When the validation is complete, the cluster licensing the contente returns the use license to the user's client computer.