<?xml version="1.0" encoding="utf-8"?>
<!-- Copyright (c) 2007-2010 Nokia Corporation and/or its subsidiary(-ies) All rights reserved. -->
<!-- This component and the accompanying materials are made available under the terms of the License 
"Eclipse Public License v1.0" which accompanies this distribution, 
and is available at the URL "http://www.eclipse.org/legal/epl-v10.html". -->
<!-- Initial Contributors:
    Nokia Corporation - initial contribution.
Contributors: 
-->
<!DOCTYPE concept
  PUBLIC "-//OASIS//DTD DITA Concept//EN" "concept.dtd">
<concept id="GUID-E7F74FD2-C79E-4C9D-ADBC-5366F424D347" xml:lang="en"><title>DRM agent</title><shortdesc>A DRM agent embodies a trusted entity in a device. It is responsible for enforcing permissions and constraints associated with DRM content, as well as controlling access to DRM content.</shortdesc><prolog><metadata><keywords/></metadata></prolog><conbody>
<p>The DRM agent is launched when DRM content is received on the device, at which point it extracts and encrypts the DRM content. The DRM agent is consulted for permissions and constraints before the content is passed to a media player (for example, Image Viewer or Video Player). If the rights have expired, the media player is be informed and the content becomes unusable.</p>
<p>In <xref href="GUID-249E8EE2-5334-4CA2-93AB-4010E6404D11.dita">OMA DRM v2.0</xref>, the DRM agent has a unique private key pair and a certificate. The certificate includes additional information, such as maker, device, type, software version, serial numbers. This allows the content and rights issuers to securely authenticate the DRM agent. Each DRM agent is provisioned with a unique private key and an associated certificate identifying the DRM agent and certifying the binding between the agent and the key pair. This allows rights issuers to securely authenticate the DRM agent using the standard PKI procedure.  </p>
</conbody></concept>