1.3.2 Precertification Interface

When protected content is sent to recipients, each recipient has to acquire a use license that grants access to the content. The use license describes the usage policy for that user with that content and encrypts the content key to the user's public key. This process and protocol is described in the RMS: Client-to-Server Protocol Specification [MS-RMPR].

As an optimization, the use license for a recipient could be generated in advance and made available with the content at the time the recipient attempted to access it. The use license could be requested on behalf of the recipient by either the sender or a server application that might be involved in delivering the content to the recipient. This use license would allow the recipient to access the content as soon as it was delivered without having to contact the RMS server, presuming that the recipient has already been bootstrapped.

In order to acquire a license on behalf of a recipient user, a requestor retrieves the public part of the recipient's RMS Account Certificate (RAC) using the Precertification interface and then requests a use license from the RMS Server using the RMS: Client-to-Server Protocol [MS-RMPR]. The Precertification interface exposes one request and response message to enable precertification via the Precertify operation.