RMS Key Definitions

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2

The following table lists the keys that are used in a RMS system.

Key Use

Server keys

Public key

Encrypts the content key that is in a publishing license so that only servers in the RMS cluster can retrieve the content key and issues use licenses against that publishing license.

Private key

Signs all certificates and licenses that are issued by the cluster.

Machine keys

Public key

Encrypts a rights account certificate private key.

Private key

Decrypts a rights account certificate.

Client licensor keys

Public key

Encrypts the symmetric content key in the publishing licenses that it issues.

Private key

Signs publishing licenses that are issued locally while the user is not connected to the network.

User keys

Public key

Encrypts the content key that is in a use license so that only a particular user can consume rights-protected content by using that license.

Private key

Allows a user to consume rights-protected content.

Content keys

Encrypts rights-protected content when the author publishes it.