Updated: June 1, 2008
Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2
Users of RMS-enabled applications can assign to digital files and information specific usage rights that are consistent with their existing corporate policies. These usage rights are stored in publishing licenses that specify the users who can view the content, as well as in what manner they can edit and distribute the content.
A publishing license can be issued by an RMS-enabled client application, the root cluster, or a licensing-only cluster. When a publishing license is issued by an RMS-enabled client application, a client licensor certificate is granted to the application by the RMS cluster. This is referred to as offline publishing. It is a common method of publishing because it allows users of RMS-enabled applications to create protected content without requiring a connection to the RMS cluster. If the RMS-enabled client application does not make use of a client licensor certificate, the user must be able to connect to the RMS cluster to receive a publishing license for the protected content.
A publishing license contains the symmetric content key for decrypting the content that is encrypted with the public key of the RMS cluster. This ensures that only the server can decrypt the content and issue use licenses.
A publishing license is signed by the private key of the issuing server or the private key of the client licensor certificate.