2.2.9.4 Security Processor Certificate
This section defines the format of the SPC. The SPC is acquired during client initialization and is never generated by the server (section 3.8.3.1).
The SPC MUST use the following template.
-
<XrML version="1.2" xmlns=""> <BODY type="LICENSE" version="3.0"> [[- issuedtime -]] [[- descriptor -]] [[- issuer -]] [[- distributionpoint -]] [[- issuedprincipals -]] </BODY> [[- signature -]] </XrML>
[[- issuedtime -]]: MUST be an ISSUEDTIME (section 2.2.9.1.1) element containing the time the SPC was generated, in UTC.
[[- descriptor -]]: MUST be a DESCRIPTOR (section 2.2.9.4.1) element describing the SPC.
[[- issuer -]]: MUST be an ISSUER (section 2.2.9.4.2) element describing the issuer of the SPC.
[[- distributionpoint -]]: MUST be a DISTRIBUTIONPOINT (section 2.2.9.4.3) element describing the location of the issuer of the SPC.
[[- issuedprincipals -]]: MUST be an ISSUEDPRINCIPALS (section 2.2.9.4.4) element describing the principal and the SPC public key.
[[- signature -]]: MUST be a SIGNATURE (section 2.2.9.1.12) element containing the cryptographic signature of the body of the certificate, generated by the issuer of the certificate.