Skip to main content

Revocation List

When Microsoft identifies a client with compromised security, the device may be revoked and added to a Revocation List. Axinom DRM License Service uses this revocation list to deny licenses to devices that have been revoked, thereby preventing the device from playing newly protected content.

You receive the initial state of the list as a part of the Configuration Package (RevocationData.xml), but according to Microsoft Compliance Rules you have to regularly update this list. The file shall be stored in the Config folder.

See PlayReady Revocation for additional information.

RevocationData.xml
<?xml version="1.0" encoding="utf-8"?><RevInfo>
    <Revocation>
        <ListID>Ef/RUojT3U6Ct2jqTCChbA==</ListID>
        <ListData>UkxW...RCk/rFqw==</ListData>
    </Revocation>
    ...
</RevInfo>

See also: Configuration Options, Deployment Guide, Updating On-board Setup.

Obtaining Revocation List​

You can get a fresh copy of the list anytime from an endpoint from Microsoft: https://aka.ms/revinfo (or http://go.microsoft.com/fwlink/?LinkId=110086)

The response is an XML file named similar to RevInfo2v61_20211006.xml with the structure shown above.

Updating Revocation List​

Once you have obtained the list (see Obtaining Revocation List above), you can store it in the Config folder as RevocationData.xml. The License Service will reload the new list in one of the three ways:

  • After a container restart
  • Automatically, per default every 5 minutes (configurable using RevocationDataUpdateInterval)
  • Ad-hoc, after a POST /Sync/Now (see the authorization details of the Sync API).

Alternatively, you can send the XML content directly to the Sync API of the License Service without storing it on file before. The new list will immediately take effect:

POST <apiUrl>/Sync/RevocationList 
Authorization: Basic base64(:<API key>)
Content-Type: application/xml

<?xml version="1.0" encoding="utf-8"?><RevInfo>
    <Revocation>
        <ListID>Ef/RUojT3U6Ct2jqTCChbA==</ListID>
        <ListData>UkxW...RCk/rFqw==</ListData>
    </Revocation>
    ...
</RevInfo>

Disabling Automatic Reload​

Per default the License Service reloads the RevocationData.xml every 5 minutes.

If you decide to restart the container manually when you update the list or to use the Sync API to push the updates, you should disable automatic reloading, as you know the file will not change in between.

To disable automatic reloading set the RevocationListUpdateInterval to 0 in the Application Configuration.