4.1 Using Decommissioning to Remove Protection from Content

An RMS server is placed in decommissioning mode so that RMS protection can be removed across the organization and all content can be decrypted:

1. Usage policy is extracted from protected content by the application.

   The application extracts or retrieves the publishing license from wherever the application has stored it. Storage of the publishing license associated with protected content is the responsibility of the application.

2. AcquireContentKey operation is called.

   

   Figure 9: AcquireContentKey operation is called

   The publishing license acquired in step 1 contains both the usage policy for the content and the content key. This information has been encrypted with the server's public key. Normally, the publishing license is sent to the server so that a use license can be generated, granting only the specific access rights which correspond to a specified user or entity. In the decommissioning case, however, the server does not evaluate the policy described in the publishing license. Rather, it merely decrypts the content key and returns the key to the requestor without specifying any usage policy.

3. The requestor can use the returned content key to decrypt the content and remove RMS protection.