Compliance Rules for WMRM 10.X SDK Applications and Services

© 2006 Microsoft Corporation. All rights reserved.

Compliance Rules For
WMRM 10.xSDK Applications And Services

1. Definitions

The following terms have the meanings set forth below. Other initially capitalized terms not defined in these compliance rules have the meanings ascribed to them in the License Agreement and the Microsoft Implementation.

1.1“Certificate” means a unique WMDRM object used to assess trust.

1.2“Chained License” means a WMDRM License which has an association with another WMDRM License.

1.3“Company” means an entity licensed under a License Agreement to develop Licensed Products.

1.4“Content” means audio and/or video that are transmitted or distributed, either by broadcast, cablecast or other means of distribution to the general public or on demand.

1.5“Content Key” means a symmetric key used to encrypt and decrypt WMDRM Content.

1.6“DRM Root Certificate” means a WMDRM Certificate that is common to all WMRM Licensees and is used by the WMRM SDK for operating a WMRM Server and generating WMDRM Licenses.

1.7“DRM Server Certificate” means a WMDRM Certificate that is unique to a WMRM Licensee and is used by the WMRM SDK for operating a WMRM Server and generating WMDRM Licenses.

1.8“License Agreement” means the agreement under which Microsoft licenses entities to develop and distribute products that use the WMDRM components contained in the WMRM SDK.

1.9“Licensed Product” means any web server application or service that utilizes the WMRM SDK.

1.10“Metering” is a feature of WMDRM designed to securely collect and report Content usage information.

1.11“Metering Aggregation Service” means a Licensed Productwhich collects Metering Submissions from WMDRM clients.

1.12“Metering Certificate” is a WMDRM Certificate that (a) is used by a Metering Aggregation Service to establish trust with a WMDRM Client and (b) is contained in WMDRM Licenses to enable WMDRM Clients to submit Metering data to a specific Metering Aggregation Service.

1.13“Metering Submission” means a message containing Metering data sent to a Metering Aggregation Service by a WMDRM Client.

1.14“Metering Response” means a required acknowledgement returned to a WMDRM Client by a Metering Aggregation Service in response to a Metering Submission.

1.15“Output Protection Level” means a number included in WMDRM Policy that corresponds to the Content protection that must be applied when Passing WMDRM Content.

1.16“Package” means the process of encrypting Content into WMDRM Content.

1.17“Pass” means to direct Content that has been decrypted from WMDRM Content to flow to outputs, optionally through intermediate components such as a codec or device driver.

1.18“Right” means an action permitted on WMDRM Content.

1.19“WMDRM” means Windows Media Digital Rights Management technology.

1.20“WMDRM Client” is an application, device or service that can accept and process WMDRM Licenses and WMDRM Content, and can optionally create and submit Metering Submissions.

1.21“WMDRM Content” means audio or audiovisual Content that has been encrypted using WMDRM.

1.22“WMDRM License” means a data structure that contains, but is not limited to, an encrypted Content Key or an encrypted key used to decrypt a Content Key associated with specific WMDRM Content, and WMDRM Policy associated with specific WMDRM Content.

1.23“WMDRM Policy” means the description of the actions permitted and/or required with respect to WMDRM Content, and the restrictions on those actions as described in the WMDRM License associated with the WMDRM Content.

1.24“WMRM Licensee” means an entity that is licensed under the License Agreement.

1.25“WMRM SDK” means the Windows Media Rights Manager Software Development Kit version 10.0, 10.1, 10.11, or other version with the number ten (10) to the left of the decimal point. For purposes of clarity, the WMRM 10.11 SDK is a superset of the functionality provided in the WMRM 10.1 SDK and the WMRM 10.1 SDK is a superset of the functionality provided in the WMRM 10 SDK.

1.26“WMRM SDK Configuration” means the configuration settings used by a Licensed Product and includes, but is not limited to, Revocation Lists, Client Verification Keys, and WMDRM Certificates.

1.27“WMRM Server” means a Licensed Product that utilizes the WMRM SDK to issue WMDRM Licenses over a network connection to WMDRM Clients.

1. SCOPE

These compliance rules apply to Licensed Products that make use of the WMDRM functionality included in the WMRM SDK. These compliance rules set forth the requirements pursuant to which Licensed Products that use the WMRM SDK may Package WMDRM Content, modify WMDRM Content, processMetering Submissions, and issue WMDRM Licenses.

1. Requirements for Licensed Product Configurations

Licensed Products must comply with the following:

3.1WMRM SDK Configuration. Company must maintain current WMRM SDK configuration settings in compliance with Section 4 of these compliance rules. Company may replicate WMRM SDK configuration settings to test computers and production computers. Company must not modify WMRM SDK Configuration data without written consent from Microsoft.

3.2No Circumvention. Licensed Products must not, directly (including without limitation through the use of the WMRM SDK or any feature or functionality thereof) or indirectly (including without limitation through any device or application offered, sold, or marketed for use with the Licensed Product), (a) provide access to and/or display WMDRM Content in any manner inconsistent with these compliance rules or (b) otherwise circumvent the rights and restrictions associated with WMDRM Content.

1. Requirements for Product Updates

Licensed Products must comply with the following:

4.1Configuration Updates. Company must update the WMRM SDK Configuration for all Licensed Products once a week by accessing the WMRM SDK Configuration settings at

4.2SecurityUpdates. When contacted by Microsoft about a required security update for or related to WMRM SDK, Company must use commercially reasonable efforts to obtain the update and update all Licensed Products within a commercially reasonable time.

1. Requirements for Application Exclusion

Licensed Products must comply with the following:

5.1Excluded Applications. Licensed Productsmust not generate WMDRM Licenses that exclude an applicationunless Company has obtained written approval from Microsoft for such exclusion.

1. Requirements for Packaging Content

Licensed Products must comply with the following:

6.1Compatibility. Licensed ProductsmustPackage content such that it may be played back in the latest public final release of Windows Media Player from Microsoft. Content Packaged with the Licensed Product when played back in Windows Media Player must not result in stability, reliability, or quality problems any more than identical content encoded with the latest public final release of Windows Media Encoder from Microsoft.

1. Requirements for setting Playback policy

Licensed Products must comply with the following:

7.1ReservedList. A Licensed Product must not set the ReservedList[] for any WMDRM License.

7.2Valid Output Protection Levels. If an Output Protection Level is specified in a WMDRM License using WMRMRestrictions.AddRestriction,it must be one of the Output Protection Level values listed inTable 1.

Table : Valid Output Protection Levels

Output Protection / Valid Levels
Minimum Digital Compressed Audio Output Protection Level / 100, 200, 300
Minimum Uncompressed Digital Audio Output Protection Level / 100, 200, 300
Minimum Compressed Digital Video Output Protection Level / 400, 500
Minimum Uncompressed Digital Video Output Protection Level / 100, 250, 300
Minimum Analog Video Output Protection Level / 100, 150, 200

7.3Valid Extended Analog Video Protection Values. If an Extended Analog Video Protection List is specified in a WMDRM License using WMRMRestrictions.AddInclusion, it must be one of thevalues listed in Table 2:

Table 2: Extended Analog Video Output Protection Values

Allowed Extended Analog Video ProtectionGUID / Allowed Extended Analog Video Protection Configuration Data / Output Protection Description
{C3FD11C6-F8B7-4d20-B008-1DB17D61F2DA} / 0, 1, 2, 3 / AGC and Color Stripe

1. Requirements for setting Copy policy

Licensed Products must comply with the following:

8.1CopyCount Right.Licensed Products shall not generate WMDRM Licenses that have a CopyCount value higher than 250.

8.2Valid Copy Protection Levels. If a Copy Protection Level is specified in a WMDRM License it must be one of the Copy Protection Level values listed in Table 3.

Table 3: Valid Copy Protection Levels

Copy Protection / Valid Levels
Copy Protection Level / 400

1. Requirements for Security Levels

Licensed Products must comply with the following:

9.1MinimumClientSDKSecurity. A Licensed Product must not set the MinimumClientSDKSecurityRight.

9.2MinimumSecurityLevel. If the Minimum Security Level Right is specified in a WMDRM License assigned a value it must be one of the Security Level values indicated in Table 4.

Table 4: Allowed Security Levels

Security level / Players and devices / Example
150 / Devices that do not support Windows Media DRM. DRM protection is removed when the Content is transferred to such a device. / Devices that support Windows Media-based Content but not protected Content
1000 / Player applications based on Windows Media Format 9.5 SDK and earlier that do not meet additional requirements for level 2000. / Windows Media Player v6.4, Windows Media Player v7
Devices based on Windows Media Portable Device DRM v1. / Windows Media Player for Pocket PC or SmartPhone
Devices based on Windows CE 4.2 and later.
2000 / Player applications based on Windows Media Format 7.1 Series SDK or later, and that follow a stricter set of Content protection guidelines than applications at level 1000. / Windows Media Player v7.1 and later
Devices based on Windows Media DRM 10 for Portable Devices. / Portable media devices that support Windows Media DRM 10 for Portable Devices
Devices based on Windows Media DRM 10 for Network Devices. / Windows Media Connect devices

1. Requirements for INCLUSION LIST

Licensed Products must comply with the following:

10.1Inclusion List.A Licensed Product must not create an Inclusion List that contains more than twenty GUID values.

10.2AllowedInclusion ListValues. If an Inclusion List is specified in a WMDRM License, the Inclusion List may include only the GUID valuesdefined in Table 5, or in Appendix A of the compliance rules for WMDRM Export using the WMF 11 SDK. Refer to Section 4.2 of the compliance rules for WMDRM10 for Portable Device Applications for a description of the GUID(s) specified in Table 5. The compliance rules mentioned in this section are located at

Table 5: Allowed Inclusion List Values

GUID / Permit Export to
{0FB334DC-DE98-4DDC-A8A7-67D7676C0163} / Send
{24533722-DACD-4f7e-9A96-84D848B46D59} / MTP/IP Sync

Compliance Rules For WMRM 10.X SDK Applications and Services

-1-13 November 2006