COMPLIANCE RULES FOR
WMRM 10 SDK APPLICATIONS AND SERVICES
1. DEFINITIONS
The following terms have the meanings set forth below. Other initially capitalized terms
not defined in these Compliance Rules have the meanings ascribed to them in the License
Agreement and the Microsoft Implementation.
1.1
“Certificate” means a unique WMDRM object used to assess trust.
1.2
“Chained License” means a WMDRM License which has an association
with another WMDRM License.
1.3
“Company” means an entity licensed under a License Agreement to
develop Licensed Products.
1.4
“Content” means audio and/or video that are transmitted or distributed,
either by broadcast, cablecast or other means of distribution.
1.5
“Content Key” means a symmetric key used to encrypt and decrypt
WMDRM Content.
1.6
“DRM Root Certificate” means a WMDRM Certificate that is common to
all WMRM License Agreement licensees that is used by the WMRM
SDK for operating a License Server and generating WMDRM Licenses.
1.7
“DRM Server Certificate” means a WMDRM Certificate unique to a
WMRM License Agreement licensee that is used by the WMRM SDK for
operating a License Server and generating WMDRM Licenses.
1.8
“License Server” means a web server or other Licensed Product that
utilizes the WMRM SDK to issue WMDRM Licenses to WMDRM
Clients.
1.9
“Licensed Product” means any application or service that utilizes the
WMRM SDK.
1.10
“Metering” is a feature of WMDRM designed to securely collect and
report Content usage information.
1.11
“Metering Aggregation Service” means a Licensed Product which collects
Metering Submissions from WMDRM clients.
1.12
“Metering Certificate” is a WMDRM Certificate that is used by a
Metering Aggregation Service to establish trust with a WMDRM Client
Compliance Rules For WMRM 10 SDK Applications And Services
Microsoft Confidential
-1-
10-01-04a
and is also contained in WMDRM Licenses that enable WMDRM Clients
to submit metering data to a specific Metering Aggregation Service.
1.13
“Metering Submission” means a message containing Metering data sent to
a Metering Aggregation Service by a WMDRM Client.
1.14
“Metering Response” means a required acknowledgement returned to a
WMDRM Client by a Metering Aggregation Service in response to a
Metering Submission.
1.15
“Output Protection Level” means a number included in WMDRM Policy
that corresponds to the Content protection that must be applied when
Passing WMDRM Content.
1.16
“Package” means the process of encrypting Content into WMDRM
Content.
1.17
“Pass” means to direct Content that has been decrypted from WMDRM
Content to flow to outputs, optionally through intermediate components
such as a codec or device driver.
1.18
“Right” means an action permitted on WMDRM Content.
1.19
“WMDRM” means Windows Media Digital Rights Management
technology.
1.20
“WMDRM Client” is an application, device or service that can accept and
process WMDRM Licenses and WMDRM Content, and can optionally
create and submit WMDRM Metering Submissions.
1.21
“WMDRM Content” means audio or audiovisual Content that has been
encrypted using WMDRM.
1.22
“WMDRM
1.23
“WMDRM Policy” means the description of the actions permitted and/or
required for or with WMDRM Content, and the restrictions on those
actions as described in the WMDRM License associated with the
WMDRM Content.
1.24
“WMRM License Agreement” means the agreement under which
Microsoft licenses entities to develop and distribute products that use the
WMDRM components contained in the Windows Media Rights Manager
SDK.
License” means a data structure that contains, but is not
limited to, WMDRM Policy and an encrypted Content Key associated
with specific WMDRM Content.
Compliance Rules For WMRM 10 SDK Applications And Services
Microsoft Confidential
-2-
10-01-04a
1.25
“WMRM SDK Configuration” means the configuration settings used by a
Licensed Product. This includes, but is not limited to, Revocation Lists,
Client Verification Keys and WMDRM Certificates.
2. SCOPE
These Compliance Rules apply to Licensed Products that make use of the WMDRM
functionality included in the WMRM SDK. These Compliance Rules set forth the
requirements pursuant to which Licensed Products that use the WMRM SDK may
Package WMDRM Content, modify WMDRM Content, process Metering Submissions,
and issue WMDRM Licenses.
3. REQUIREMENTS FOR LICENSED PRODUCT CONFIGURATIONS
3.1
WMRM SDK Configuration. Company must maintain current WMRM
SDK configuration settings in compliance with section 4 of these Compliance Rules.
Company may replicate WMRM SDK configuration settings to test computers and
production computers. Company must not modify WMRM SDK Configuration data
without written consent from Microsoft.
4. REQUIREMENTS FOR PRODUCT UPDATES
Licensed Products must comply with the following:
4.1
Configuration Updates. Company must update the WMRM SDK
Configuration for all Licensed Products once a week by accessing the WMRM SDK
Configuration settings at http://go.microsoft.com/fwlink/?linkid=11641.
4.2
Security Updates. When contacted by Microsoft about a required
security update for or related to WMRM SDK, Company will use commercially
reasonable efforts to obtain the update and update all Licensed Products within a
commercially reasonable time.
4.3
Recommended Updates. From time to time Microsoft may provide non
mandatory updates. Although Microsoft recommends that these updates be applied to
Licensed Products, Company is not required to obtain recommended updates or to apply
them to update Licensed Products.
5. REQUIREMENTS FOR WMDRM CERTIFICATE
5.1
Certificates. Company shall consider all WMDRM and Metering
Certificates to be Confidential Information of Microsoft and subject to the confidentiality
provisions in the WMRM License Agreement.
Compliance Rules For WMRM 10 SDK Applications And Services
Microsoft Confidential
-3-
10-01-04a
5.2
DRM Server Certificate. Company shall request from Microsoft and use
a DRM Server Certificate that is unique to Company.
5.3
DRM Root Certificate. Company automatically receives a DRM Root
Certificate when the DRM Server Certificate is updated.
5.4
Metering Certificate. If Company maintains a Metering Aggregation
Service then Company shall request from Microsoft and use a unique WMRM SDK
Metering Certificate. Company may request multiple Metering Certificates. Distribution
requirements for Metering Certificates are described in section 6.
5.5
DRM Server Certificate and DRM Root Certificate Expiration.
Company shall request from Microsoft and use a unique DRM Server Certificate for use
in issuing DRM licenses. Company acknowledges that requesting a DRM Server
Certificate will result in updating the DRM Root Certificate. Company acknowledges that
both WMDRM Certificates will periodically expire.
5.5.1 The time before the DRM Server Certificate and DRM Root
Certificate expiration dates can be queried, as demonstrated in Code Sample 1).
Code Sample 1: Querying Certificate Expiration
dim LicenseServer
dim val
set LicenseServer = CreateObject( "LicenseServer.LicenseGenerator" )
call LicenseServer.Get( "cert1_days_to_expiry", val )
wscript.echo "Cert1 (DRM Server Certificate) Expires in " & val & "
days."
call LicenseServer.Get( "cert2_days_to_expiry", val )
wscript.echo "Cert2 (DRM Root Certificate) Expires in " & val & "
days."
set LicenseServer = nothing
6. REQUIREMENTS FOR METERING
Licensed Products that use Metering must comply with the following:
6.1
Metering Certificate Distribution. Metering Aggregation Services may
distribute Metering Certificates.
6.2
Metering Certificate Private Key. Company will not share, expose or
provide Metering Certificate private keys outside of Company. Company must make
commercial reasonably efforts to secure all Metering Certificate private keys.
Compliance Rules For WMRM 10 SDK Applications And Services
Microsoft Confidential
-4-
10-01-04a
6.3
Metering Aggregation Service URL. WMDRM Licenses issued with
Metering Certificates must ensure that the Metering Aggregation Service URL contained
within is valid and accessible by Metering Client.
7. REQUIREMENTS FOR LICENSE CHAINING
7.1
Clients. Licensed Products may issue Chained Licenses to WMDRM v10
or higher and WMF SDK v9.5 or higher . Licensed Products can determine a client’s
version by using the WMRM SDK’s ChallengeObj.ClientVersion() method (as
demonstrated in Code Sample 2).
Code Sample 2: Determining client's WMDRM Version
Dim
Dim
Dim
Set
sLicRequest
sMajorVersion
objChallenge
objChallenge = Server.CreateObject("Wmrmobjs.WMRMChallenge")
' Retrieve the license request from the client computer
sLicRequest = request.Form("challenge")
' Set the license request into the WMRMChallenge object
objChallenge.Challenge = sLicRequest
' Retrieve the DRM client version from the client
if instr(1,objChallenge.ClientInfo,"devcert",1) = 0 then
' license request is not from a device, get the
' major version from the client version property
sMajorVersion = left(objChallenge.ClientVersion,
instr(objChallenge.ClientVersion, ".") - 1)
else
sMajorVersion="10"
end if
if cint(sMajorVersion) >= 10 then
' Add code to perform license chaining here
end if
8. REQUIREMENTS FOR LICENSE RIGHTS
Licensed Products must comply with the following:
8.1
CopyCount Right. Licensed Products shall not generate WMDRM
Licenses that have a CopyCount value higher than 250
8.2
AllowCopy Right. When using the AllowCopy Right the following must
be observed:
Compliance Rules For WMRM 10 SDK Applications And Services
Microsoft Confidential
-5-
10-01-04a
8.2.1
exclusion values.
Licensed Products must not set AllowCopy inclusion and/or
8.2.2 If the AllowCopy Right is set in a particular WMDRM License
then the Licensed Product must also set the Copy Protection Level restriction to 400 in
such WMDRM License as shown in section 11.4 and Table 2 (as demonstrated in Code
Sample 3).
Code Sample 3: Setting Copy Protection Level
' Set playback and copy restrictions.
Dim RestrictObj
' WMRMRestrictions object
Dim PlayRestrictions
' Playback restrictions
Dim CopyRestrictions
' Copy restrictions
' Set Copy Protection Levels
Set RestrictObj = Server.CreateObject("WMRMObjs.WMRMRestrictions")
' Add copy restriction
Call RestrictObj.AddRestriction( WMRM_COPY, 400)
9. REQUIREMENTS FOR APPLICATION EXCLUSION
Licensed Products must comply with the following Application Exclusion rules:
9.1
Excluded Applications. Company must have written approval from
Microsoft before generating WMDRM Licenses that exclude an application.
10. REQUIREMENTS FOR PACKAGING CONTENT
Licensed Products must comply with the following:
10.1 Compatibility. Licensed Product will Package content such that it may
be played back in the latest public final release of Windows Media Player from
Microsoft. Content Packaged with the Licensed Product when played back in Windows
Media Player must not result in stability, reliability, or quality problems any more than
identical content encoded with the latest public final release of Windows Media Encoder
from Microsoft.
11. REQUIREMENTS FOR OUTPUT AND COPY PROTECTION LEVELS
Licensed Products must comply with the following:
11.1 ReservedList. A Licensed Product must not set the ReservedList[] for
any WMDRM License.
Compliance Rules For WMRM 10 SDK Applications And Services
Microsoft Confidential
-6-
10-01-04a
11.2 Updating Output and Copy Protection Levels. The defined set of valid
Output Protection Levels and Copy Protection Levels may change from time to time.
Company acknowledges that it must check for updates to the Output Protection Levels
and Copy Protection Levels and make changes to Licensed Products as needed to reflect
these changes.
11.3 Output and Copy Protection Level Descriptions.
Company
acknowledges that it will obtain and use the Windows Media Format SDK Compliance
Rules document’s sections on Output Protection Levels and Copy Protection Levels for
Output Protection Level and Copy Protection Level definitions. The Windows Media
Format
SDK
Compliance
Rules
are
located
at
http://wmlicense.smdisp.net/wmdrmcompliance.
11.4
Valid Output Protection Levels. If an Output Protection Level is
specified in a License it must be one of the Output Protection Level values listed in Table
1.
Table 1: Valid Output Protection Levels
Output Protection
Digital Compressed Audio Output
Digital Uncompressed Audio Output
Digital Compressed Video Output
Digital Uncompressed Video Output
Analog Video Output
Analog Video Extended Output
(set using AddExtension())
100,
100,
100,
100,
100,
Valid Levels
400
200, 300
400
300
200
N/A
11.5 Valid Copy Protection Levels. If a Copy Protection Level is specified in
a WMDRM License it must be one of the Copy Protection Level values listed in Table 2.
Table 2: Valid Copy Protection Levels
Copy Protection
Copy Protection Level
Valid Levels
400
12. REQUIREMENTS FOR SECURITY LEVELS
Licensed Products must comply with the following:
12.1 MinimumClientSDKSecurity Right. A Licensed Product must not set
the MinimumClientSDKSecurity Right.
12.2 MinimumSecurityLevel Right. If the Minimum Security Level Right is
assigned a value it must be one of the Security Level values indicated in Table 3.
Compliance Rules For WMRM 10 SDK Applications And Services
Microsoft Confidential
-7-
10-01-04a
Table 3: Security Levels
Security level
150
1000
2000
Players and devices
Devices that do not support
Windows Media DRM. DRM
protection is removed when the
Content is transferred to such a
device.
Player applications based on
Windows Media Format 9.5 SDK and
earlier that do not meet additional
requirements for level 2000.
Devices based on Windows Media
Portable Device DRM v1.
Devices based on Windows CE 4.2
and later.
Player applications based on
Windows Media Format 7.1 Series
SDK or later, and that follow a
stricter set of Content protection
guidelines than applications at level
1000.
Devices based on Windows Media
DRM 10 for Portable Devices.
Devices based on Windows Media
DRM 10 for Network Devices.
Example
Devices that support
Windows Media-based
Content but not protected
Content
Windows Media Player
v6.4, Windows Media
Player v7
Windows Media Player for
Pocket PC or SmartPhone
Windows Media Player
v7.1 and later
Portable media devices that
support Windows Media
DRM 10 for Portable
Devices
Windows Media Connect
devices
Compliance Rules For WMRM 10 SDK Applications And Services
Microsoft Confidential
-8-
10-01-04a