1.3 Overview

This protocol defines a set of XML elements used by a client to create and consume rights-managed e-mail messages. A rights-managed e-mail message is used to protect e-mail content from inappropriate access, use and distribution. Each rights-managed e-mail message has an associated rights policy template, which controls the usage policy applied to each rights-managed e-mail message.

A rights policy template specifies whether a user can edit, forward, reply, reply all, print, extract (copy), export (remove protection), or programmatically access the content in the rights-managed e-mail message. When a user creates a rights-managed e-mail message, the user chooses and applies the rights policy template that has the protection settings they require. For example, a manager can send an employee confidential information using a template that prohibits forwarding or printing the e-mail, but does allow the user to respond to the e-mail. Or, a public relations manager can send confidential company information to users inside their organization, and select a template that only allows the protected content to be viewed, replied to, and forwarded within the organization, but not viewed outside the organization.

The creation of rights policy templates is external to this protocol. For more information about deployment and distribution of rights policy templates, see [MSFT-ARPTC].

The XML elements specified in this protocol enable the client to:

  • Retrieve the rights policy templates available to the client for composing rights-managed e-mail message.

  • Compose new e-mail by using rights policy templates.

  • Retrieve rights-managed e-mail messages.

  • Request that the server decompress and decrypt rights-managed e-mail messages before sending them to the client. For details about decompress and decrypt rights-managed email messages, refer to [MS-OXORMMS] section

  • Perform actions on a rights-managed e-mail message in accordance with the rights policy template applied to the e-mail message.

It is the responsibility of the client to enforce the rights specified by the rights policy template to the rights-managed e-mail message.