Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2
Offline publishing is different from online publishing because of the way in which the RMS-enabled application acquires the publishing license.
Before an author publishes content offline, the author must acquire a client licensor certificate while they have network access to the root certification server.
The offline publishing process involves the following steps:
The author creates the document by using an RMS-enabled application, and then specifies the rights and conditions for the content.
When the author saves the file, the client licensor certificate allows the local computer or device to issue and sign a publishing license for the file.
The publishing license contains two copies of the content key: one that is encrypted with the public key of the client licensor certificate, and one that is encrypted with the public key of the cluster that issued the client licensor certificate. It also contains the URL of the cluster. The two public keys and the URL come from the client licensor certificate.
The computer uses the client licensor certificate to create an owner license, which is a special use license that grants the author the right to consume the rights-protected content while they are offline. The client licensor certificate uses its private key to decrypt the symmetric content key from the publishing license, and then re-encrypts it to the owner license.
The application encrypts the file with the content key and binds the publishing license to the file. Only the RMS cluster that issued the publishing license, or a cluster that is a member of a trusted publishing domain, can issue licenses to decrypt this file.