4. Keys and License Server
The Content Provider can either generate the encryption keys manually using specialized software or using certains tools provided by the DRM vendors (Google Widevine, Microsoft PlayReady, etc.).
When we encrypt some content with a particular key, we need to create a association between the encryption key, or KEY, and the content that has been protected. To identify the content, it is used a KeyID, or KID. It is a unique string of characters generated at the time of creating an encryption key for a particular content.
The KEY and the KID are stored in a secure server (keystore) that works alongside a DRM license server. Without the KID, the license server can’t lookup a specific key.
