I just read on good authority that Microsoft will soon release an updated version (6.1) of Device Manager for Vista over the next few weeks. As soon as I see this pop up on the ‘ol RSS feed, I’ll be testing this out.
For kicks, I thought I’d post the machine certificate that is created on the Windows Mobile 6 device.
<XrML version="1.2" xmlns="">
<BODY type="LICENSE" version="3.0">
<ISSUEDTIME>2007-05-09T02:04</ISSUEDTIME>
<DESCRIPTOR>
<OBJECT type="Machine-Certificate">
<ID type="MS-GUID">{92992236-A920-4152-ABAC-1C83467C5A57}</ID>
<NAME>Microsoft Machine-Certificate</NAME>
</OBJECT>
</DESCRIPTOR>
<ISSUER>
<OBJECT type="MS-DRM-Mobile-Security-Processor">
<ID type="MS-GUID">{6a898c32-e9f5-4ffa-b277-0c3e96307f8a}</ID>
<NAME>Microsoft DRM Production Mobile Security Processor Activation Certificate</NAME>
</OBJECT>
<PUBLICKEY>
<ALGORITHM>RSA</ALGORITHM>
<PARAMETER name="public-exponent">
<VALUE encoding="integer32">65537</VALUE>
</PARAMETER>
<PARAMETER name="modulus">
<VALUE encoding="base64" size="1024"> <–PUBLIC KEY VALUE –> </VALUE>
</PARAMETER>
</PUBLICKEY>
</ISSUER>
<DISTRIBUTIONPOINT>
<OBJECT type="Activation">
<ID type="MS-GUID">{99F48562-703E-4E7D-9175-DD69C66921B7}</ID>
<NAME>Microsoft Activation</NAME>
<ADDRESS type="URL">file:///rmactivate.exe</ADDRESS>
</OBJECT>
</DISTRIBUTIONPOINT>
<ISSUEDPRINCIPALS>
<PRINCIPAL>
<OBJECT type="Machine-Unique-Identifier">
<ID type="MS-GUID">{7110da80-b516-6aa2-d3cc-626b57aa5b1d}</ID>
<NAME>Machine</NAME>
</OBJECT>
<PUBLICKEY>
<ALGORITHM>RSA</ALGORITHM>
<PARAMETER name="public-exponent">
<VALUE encoding="integer32">65537</VALUE>
</PARAMETER>
<PARAMETER name="modulus">
<VALUE encoding="base64" size="1024"> <— PUBLIC KEY VALUE —></VALUE>
</PARAMETER>
</PUBLICKEY>
<SECURITYLEVEL name="Platform" value="3.5.2.1236" />
<SECURITYLEVEL name="Manufacturer" value="Microsoft Corporation mcoregen DLL 5.0.17741.0 (RMS Client SP1 Mobile Security Processor)" />
<SECURITYLEVEL name="Repository" value="Microsoft Corporation Windows RMS Client SP1 secure repository 5.0.17741.0"/>
</PRINCIPAL>
</ISSUEDPRINCIPALS>
</BODY>
<SIGNATURE>
<DIGEST>
<ALGORITHM>SHA1</ALGORITHM>
<PARAMETER name="codingtype">
<VALUE encoding="string">surface-coding</VALUE>
</PARAMETER>
<VALUE encoding="base64" size="160">/iezjAtALJfGHC/rYZseL25paQA=</VALUE>
</DIGEST>
<ALGORITHM>RSA PKCS#1-V1.5</ALGORITHM>
<VALUE encoding="base64" size="1024"></VALUE>
</SIGNATURE>
</XrML>
<BODY type="LICENSE" version="3.0">
<ISSUEDTIME>2007-05-09T02:04</ISSUEDTIME>
<DESCRIPTOR>
<OBJECT type="Machine-Certificate">
<ID type="MS-GUID">{92992236-A920-4152-ABAC-1C83467C5A57}</ID>
<NAME>Microsoft Machine-Certificate</NAME>
</OBJECT>
</DESCRIPTOR>
<ISSUER>
<OBJECT type="MS-DRM-Mobile-Security-Processor">
<ID type="MS-GUID">{6a898c32-e9f5-4ffa-b277-0c3e96307f8a}</ID>
<NAME>Microsoft DRM Production Mobile Security Processor Activation Certificate</NAME>
</OBJECT>
<PUBLICKEY>
<ALGORITHM>RSA</ALGORITHM>
<PARAMETER name="public-exponent">
<VALUE encoding="integer32">65537</VALUE>
</PARAMETER>
<PARAMETER name="modulus">
<VALUE encoding="base64" size="1024"> <–PUBLIC KEY VALUE –> </VALUE>
</PARAMETER>
</PUBLICKEY>
</ISSUER>
<DISTRIBUTIONPOINT>
<OBJECT type="Activation">
<ID type="MS-GUID">{99F48562-703E-4E7D-9175-DD69C66921B7}</ID>
<NAME>Microsoft Activation</NAME>
<ADDRESS type="URL">file:///rmactivate.exe</ADDRESS>
</OBJECT>
</DISTRIBUTIONPOINT>
<ISSUEDPRINCIPALS>
<PRINCIPAL>
<OBJECT type="Machine-Unique-Identifier">
<ID type="MS-GUID">{7110da80-b516-6aa2-d3cc-626b57aa5b1d}</ID>
<NAME>Machine</NAME>
</OBJECT>
<PUBLICKEY>
<ALGORITHM>RSA</ALGORITHM>
<PARAMETER name="public-exponent">
<VALUE encoding="integer32">65537</VALUE>
</PARAMETER>
<PARAMETER name="modulus">
<VALUE encoding="base64" size="1024"> <— PUBLIC KEY VALUE —></VALUE>
</PARAMETER>
</PUBLICKEY>
<SECURITYLEVEL name="Platform" value="3.5.2.1236" />
<SECURITYLEVEL name="Manufacturer" value="Microsoft Corporation mcoregen DLL 5.0.17741.0 (RMS Client SP1 Mobile Security Processor)" />
<SECURITYLEVEL name="Repository" value="Microsoft Corporation Windows RMS Client SP1 secure repository 5.0.17741.0"/>
</PRINCIPAL>
</ISSUEDPRINCIPALS>
</BODY>
<SIGNATURE>
<DIGEST>
<ALGORITHM>SHA1</ALGORITHM>
<PARAMETER name="codingtype">
<VALUE encoding="string">surface-coding</VALUE>
</PARAMETER>
<VALUE encoding="base64" size="160">/iezjAtALJfGHC/rYZseL25paQA=</VALUE>
</DIGEST>
<ALGORITHM>RSA PKCS#1-V1.5</ALGORITHM>
<VALUE encoding="base64" size="1024"></VALUE>
</SIGNATURE>
</XrML>
So you can see that the Windows Mobile 6 device does most of the work itself. My sense is Active Sync / Device Manager is needed to perform the authenticated connection to the RMS server to get the GIC. Anyhow, stay tuned and I’ll go through the process in more detail…once I get it working on Vista.
