3.3.5.2.2.3 Encrypt Shared Key and Add to Security element

The newly generated shared key (section 3.3.5.2.2.1) MUST be encrypted using the domain's encryption public key with the RSA algorithm, as defined in [PKCS1]. The domain certificate information has been obtained from the previous KeyActivation or AutoAccountCodeConfiguration message.

The encrypted key MUST then be added as the value for the attribute CSMKey to the security element "urn:groove.net:SE".