The CLUSCTL_RESOURCE_ADD_CRYPTO_CHECKPOINT resource control code SHOULD<146> associate a cryptographic key checkpoint, as specified in section, with the designated resource.

The client MUST provide the location of the cryptographic keys, as specified in section, in the buffer that is designated by lpInBuffer.

After successful completion of the method, the server SHOULD NOT write any data to the buffer that is designated by lpOutBuffer.

The server MUST restore the cryptographic key on the node hosting the resource prior to bringing the resource online. The server MAY choose to detect changes in the checkpointed data and take another checkpoint of the data associated with the resource.

The server MUST accept a CLUSCTL_RESOURCE_ADD_CRYPTO_CHECKPOINT resource control code request if its protocol server state is in the read/write state, as specified in section 3.1.1.