Working with Revocation Lists
[The feature associated with this page, Windows Media Format 11 SDK, is a legacy feature. It has been superseded by Source Reader and Sink Writer. Source Reader and Sink Writer have been optimized for Windows 10 and Windows 11. Microsoft strongly recommends that new code use Source Reader and Sink Writer instead of Windows Media Format 11 SDK, when possible. Microsoft suggests that existing code that uses the legacy APIs be rewritten to use the new APIs if possible.]
To respond to security breaches and to ensure that player applications known to be broken or compromised cannot play or use protected files, each license that is issued contains a revocation list. A revocation list contains the application certificates of all those player applications known to be broken or corrupted. When a new license is received, the DRM component of the player application checks for a revocation list. If one is found that is newer than the one currently on the computer, the newer list is stored. The next time the consumer plays a protected ASF file, the DRM component compares the player application to the revocation list. If the player application is revoked, the DRM component sends an error message to the application.
Player applications can receive a revocation error message in the following scenarios:
- The error message is received after the application calls the IWMDRMReader::AcquireLicense method for a protected file. The call fails with the HRESULT code NS_E_DRM_APPCERT_REVOKED, which is supplied to the OnStatus callback function with WMT_ACQUIRE_LICENSE status. If this HRESULT code is ignored, errors will continue to occur.
- The error message is received when the application creates the DRM-enabled reader and calls the IWMReader::Open method for a protected file. The call fails with the HRESULT code NS_E_DRM_APPCERT_REVOKED, which is supplied to the IWMStatusCallback::OnStatus callback method with WMT_OPENED status. When a player application receives this error message, the application should notify end users and provide a way for them to restore functionality to their player. For example, the application can open a URL where end users can download an upgrade for the compromised application.
Note DRM is not supported by the x64-based version of this SDK.
Related topics