This document specifies the Network Key Protector Unlock (NKPU) Protocol. NKPU enables a client to send key material along with a session key as an encrypted package to a remote server and to receive the decrypted key material protected by the session key.
This protocol is built on top of the Dynamic Host Configuration Protocol (DHCP) and uses DHCP options to transmit its data between client and server. Applicable DHCP versions are specified in section 1.7.
Sections 1.8, 2, and 3 of this specification are normative and can contain the terms MAY, SHOULD, MUST, MUST NOT, and SHOULD NOT as defined in RFC 2119. Sections 1.5 and 1.9 are also normative but cannot contain those terms. All other sections and examples in this specification are informative.