ISO/IEC 23078-3:2024

International
Standard
ISO/IEC 23078-3
First edition
Information technology —
2024-06
Specification of digital rights
management (DRM) technology for
digital publications —
Part 3:
Device key-based protection
Reference number
© ISO/IEC 2024
All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may
be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting on
the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address below
or ISO’s member body in the country of the requester.
ISO copyright office
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Geneva
Phone: +41 22 749 01 11
Email: copyright@iso.org
Website: www.iso.org
Published in Switzerland
© ISO/IEC 2024 – All rights reserved
ii
Contents Page
Foreword .v
Introduction .vi
1 Scope . 1
2 Normative references . 1
3 Terms and definitions . 1
4 Abbreviated terms . 4
5 Overview . 4
5.1 General .4
5.2 Protecting the publication .5
5.3 Licensing the publication .5
5.4 Reading the publication .6
5.4.1 General .6
5.4.2 Registering a device .6
5.4.3 Acquiring a device key-based license document .6
5.4.4 Decrypting a resource .6
5.5 Licensing workflows .7
5.5.1 General .7
5.5.2 Getting a protected publication .7
5.5.3 Transferring a protected publication .7
5.5.4 Register device certificate and update license document .8
6 License document . 9
6.1 General .9
6.2 Content conformance . .9
6.3 License information .9
6.3.1 General .9
6.3.2 Encryption (transmitting keys) .9
6.3.3 Links (pointing to external resources) .11
6.3.4 Rights (identifying rights and restrictions). 12
6.3.5 User (identifying the user) . 12
6.3.6 Signature (signing the license) . 12
6.4 User key . 12
6.4.1 General . 12
6.4.2 Calculating the user key . . 12
6.4.3 Hints . 12
6.4.4 Requirements for the user key and user passphrase . 12
6.5 Signature and public key infrastructure . 13
6.5.1 General . 13
6.5.2 Certificates . 13
6.5.3 Canonical form of the license document .14
6.5.4 Generating the signature .14
6.5.5 Validating the certificate and signature . .14
6.6 Device key .14
6.6.1 General .14
6.6.2 Generating the device key .14
6.6.3 Recommendations for the device private key protection . . 15
7 License status document .15
7.1 General . 15
7.2 Content conformance . . 15
7.3 License status information . 15
7.3.1 General . 15
7.3.2 Status . 15
7.3.3 Updated . 15

© ISO/IEC 2024 – All rights reserved
iii
7.3.4 Links . 15
7.3.5 Potential rights .16
7.3.6 Events .16
7.4 Interactions .16
7.4.1 General .16
7.4.2 Handling errors .17
7.4.3 Checking the status of a license .17
7.4.4 Registering a device .17
7.4.5 Returning a publication .19
7.4.6 Renewing a license .19
8 Encryption profiles . 19
8.1 General .19
8.2 Encryption profile requirements .19
8.3 Basic encryption profile . 20
9 Integration in EPUB .20
10 Reading system behaviours .20
10.1 Detecting protected publications . 20
10.2 License document processing . 20
10.3 User key processing . 20
10.4 Signature processing . 20
10.5 Publication processing . 20
10.6 Device key processing . 20
Annex A (informative) Examples .22
Annex B (informative) Schema of license document .24
Annex C (informative) An extension of the ISO/IEC 23078-3 specification for PDF .29
Bibliography .31

© ISO/IEC 2024 – All rights reserved
iv
Foreword
ISO (the International Organization for Standardization) and IEC (the International Electrotechnical
Commission) form the specialized system for worldwide standardization. National bodies that are
members of ISO or IEC participate in the development of International Standards through technical
committees established by the respective organization to deal with particular fields of technical activity.
ISO and IEC technical committees collaborate in fields of mutual interest. Other international organizations,
governmental and non-governmental, in liaison with ISO and IEC, also take part in the work.
The procedures used to develop this document and those intended for its further maintenance are described
in the ISO/IEC Directives, Part 1. In particular, the different approval criteria needed for the different types
of document should be noted. This document was drafted in accordance with the editorial rules of the ISO/
IEC Directives, Part 2 (see www.iso.org/directives or www.iec.ch/members_experts/refdocs).
ISO and IEC draw attention to the possibility that the implementation of this document may involve the
use of (a) patent(s). ISO and IEC take no position concerning the evidence, validity or applicability of any
claimed patent rights in respect thereof. As of the date of publication of this document, ISO and IEC had not
received notice of (a) patent(s) which may be required to implement this document. However, implementers
are cautioned that this may not represent the latest information, which may be obtained from the patent
database available at www.iso.org/patents and https://patents.iec.ch. ISO and IEC shall not be held
responsible for identifying any or all such patent rights.
Any trade name used in this document is information given for the convenience of users and does not
constitute an endorsement.
For an explanation of the voluntary nature of standards, the meaning of ISO specific terms and expressions
related to conformity assessment, as well as information about ISO's adherence to the World Trade
Organization (WTO) principles in the Technical Barriers to Trade (TBT) see www.iso.org/iso/foreword.html.
In the IEC, see www.iec.ch/understanding-standards.
This document was prepared by Joint Technical Committee ISO/IEC JTC1, Information technology,
Subcommittee SC 34, Document description and processing languages.
This document cancels and replaces ISO/IEC TS 23078-3:2021, which has been technically revised.
The main changes are as follows:
— Annex C has been added.
A list of all parts in the ISO/IEC 23078 series can be found on the ISO and IEC websites.
Any feedback or questions on this document should be directed to the user’s national standards
body. A complete listing of these bodies can be found at www.iso.org/members.html and
www.iec.ch/national-committees.

© ISO/IEC 2024 – All rights reserved
v
Introduction
Ever since ebooks have grown in popularity, copyright protection has been an important issue for authors
and publishers.
While the distribution of ebooks around the world is mostly based on the open EPUB standard, most ebook
retailers are using proprietary technologies to enforce usage constraints on digital publications in order to
impede oversharing of copyrighted content. The high level of interoperability and accessibility gained by the
use of a standard publishing format is therefore cancelled by the use of proprietary and closed technologies:
ebooks are only readable on specific devices or software applications (a retailer "lock-in" syndrome); ebooks
cannot be accessed anymore if the ebook distributor which protected the publication goes out of business or
if the DRM technology evolves drastically. As a result, users are deprived of any control over their ebooks.
Requirements related to security levels differ depending on which part of the digital publishing market is
addressed. In many situations, publishers require a solution which technically enforces the digital rights
they provide to their users; most publishers are happy to adopt a DRM solution which guarantees an easy
transfer of publications between devices, a certain level of fair-use and provides permanent access to the
publications they have acquired. However, in certain use cases, publishers require a stronger protection
measure, which limits the capability for users to transfer publications from one device to another.
1)
This document, as a variation of the ISO/IEC 23078-2, is a protection technology for digital publication
with which transferring of the publication to multiple devices can be limited in accordance with providers’
policies.
1) Although this document is primarily intended for the protection of EPUB publications, it can also protect digital
publications in other formats, provided that the publication format supports the encryption of resources and the
embedding of a license. This is especially the case for PDF documents contained in a Readium Packaging Format, as
presented in Annex C. This is important for owners of large PDF collections, who want to apply the same DRM to their
EPUB and PDF collections.
© ISO/IEC 2024 – All rights reserved
vi
International Standard ISO/IEC 23078-3:2024(en)
Information technology — Specification of digital rights
management (DRM) technology for digital publications —
Part 3:
Device key-based protection
1 Scope
This document defines a technical solution for encrypting resources in digital publications (especially EPUB),
effectively registering a device certificate to providers and securely delivering decryption keys to reading
systems included in licenses tailored to specific devices. This technical solution uses the passphrase-based
authentication method defined in ISO/IEC 23078-2 for reading systems to receive the license and access the
encrypted resources of such digital publications.
2 Normative references
The following documents are referred to in the text in such a way that some or all of their content constitutes
requirements of this document. For dated references, only the edition cited applies. For undated references,
the latest edition of the referenced document (including any amendments) applies.
ISO/IEC 23078-2:2024, Information Technology — Specification of DRM technology for digital publications—
Part 2: User key-based protection
2)
RFC 5280 , Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile,
Network Working Group
3 Terms and definitions
For the purposes of this document, the following terms and definitions apply.
ISO and IEC maintain terminology databases for use in standardization at the following addresses:
— ISO Online browsing platform: available at https:// www .iso .org/ obp
— IEC Electropedia: available at https:// www .electropedia .org/
3.1
content key
symmetric key used to encrypt and decrypt publication resources (3.16)
[SOURCE: ISO/IEC 23078-2:2024, 3.2]
3.2
container
EPUB container
zip-based packaging and distribution format for EPUB publications (3.12)
[SOURCE: ISO/IEC 23078-2:2024, 3.4]
2) Available at https:// tools.ietf .org/ html/ rfc5280.

© ISO/IEC 2024 – All rights reserved
3.3
device key
public key in a device certificate (3.4) that is used to encrypt the content key (3.1)
3.4
device certificate
certificate which is issued for a given reading system (3.13) and is signed by the reading system developer (3.14)
3.5
device private key
private key embedded securely in a reading system (3.13), paired with a device key (3.3) and used to decrypt
the content key (3.1)
3.6
encryption profile
set of encryption algorithms used in a specific protected publication (3.9) and associated license document (3.8)
[SOURCE: ISO/IEC 23078-2:2024, 3.3]
3.7
license authority
entity which delivers provider certificates (3.11) to content providers (3.10) and reading system developer
certificates (3.15) to reading system (3.13)
Note 1 to entry: License authority in this document has an additional role to deliver reading system developer
certificates.
[SOURCE: ISO/IEC 23078-2:2024, 3.5, modified — Additional role and Note 1 to entry have been added.]
3.8
license document
document which contains references to the various keys, links to related external resources, rights and
restrictions that are applied to protected publication (3.9), and user (3.19) information
[SOURCE: ISO/IEC 23078-2:2024, 3.6]
3.9
protected publication
publication (3.12) in which resources (3.16) have been encrypted according to this document
[SOURCE: ISO/IEC 23078-2:2024, 3.10, modified — The preferred term "LCP-protected publication" has been
removed.]
3.10
provider
content provider
entity that delivers licenses for protected publications (3.9) to users (3.19)
[SOURCE: ISO/IEC 23078-2:2024, 3.11, modified — "LCP" before "licenses" has been removed.]
3.11
provider certificate
certificate that is included in the license document (3.8) to identify the content provider (3.10) and validate
the signature of the license document
[SOURCE: ISO/IEC 23078-2:2024, 3.12]

© ISO/IEC 2024 – All rights reserved
3.12
publication
EPUB publication
logical document entity consisting of a set of interrelated resources (3.16) and packaged in an EPUB
container (3.2)
[SOURCE: ISO/IEC 23078-2:2024, 3.13]
3.13
reading system
system which processes EPUB publications (3.12) and presents them to users (3.19)
[SOURCE: ISO/IEC 23078-2:2024, 3.14]
3.14
reading system developer
developer
EPUB reading system developer
entity which signs the device certificate (3.4) associated with a reading system (3.13)
3.15
reading system developer certificate
developer certificate
EPUB reading system developer certificate
certificate which is embedded in the reading system (3.13) in order to confirm that the device certificate (3.4)
is valid
3.16
resource
publication resource
content or instructions that contribute to the logic and rendering of an EPUB publication (3.12)
[SOURCE: ISO/IEC 23078-2:2024, 3.15]
3.17
root certificate
certificate possessed by the license authority (3.7) and embedded in each EPUB reading system (3.13) in
order to confirm that the provider certificate (3.11) or reading system developer (3.14) is valid
[SOURCE: ISO/IEC 23078-2:2024, 3.16, modified — "or reading system developer" has been added.]
3.18
status document
license status document
document that contains the current status and possible interactions with a license document (3.8), along
with historical information
[SOURCE: ISO/IEC 23078-2:2024, 3.17]
3.19
user
individual who consumes an EPUB publication (3.12) using an EPUB reading system (3.13)
[SOURCE: ISO/IEC 23078-2:2024, 3.18]
3.20
user key
hash value of the user passphrase (3.21), used to authenticate a reading system (3.13) to be able to access a
protected publication (3.9)
Note 1 to entry: User key in this document is only used for authentication purpose to access a protection publication.

© ISO/IEC 2024 – All rights reserved
[SOURCE: ISO/IEC 23078-2:2024, 3.19, modified — The decryption role has been removed; the authentication
role and Note 1 to entry have been added.]
3.21
user passphrase
string of text entered by the user (3.19) for obtaining access to the protected publication (3.9)
[SOURCE: ISO/IEC 23078-2:2024, 3.20]
4 Abbreviated terms
DRM digital rights management
LCP licensed content protection
5 Overview
5.1 General
In order to deliver a publication to users without risk of indiscriminate redistribution, most publication
resources are encrypted; and a license document is generated.
The license document can be transmitted outside an EPUB container or be embedded inside it. Following the
EPUB 3.3 specification, META-INF/encryption.xml identifies all encrypted publication resources and points
to the content key needed to decrypt them. This content key is located inside the license document and
is itself encrypted using the device key. The device key is a public key whose paired device private key is
present in the device. It is used to decrypt the content key, which in turn is used to decrypt the publication
resources.
The license document may also contain links to external resources, information identifying the user, and
information about what rights are conveyed to the user and which are not. Rights information may include
things like the time during which the license is valid, or whether the publication may be printed or copied,
etc. Finally, the license document always includes a digital signature to prevent modification of any of its
components.
NOTE This subclause has been modified from ISO/IEC 23078-2:2024, 5.1. The role of user key has been removed
and device key has been added.
Figure 1 shows the relationships among the various components of device key-based protection.

© ISO/IEC 2024 – All rights reserved
NOTE 1 This figure has been modified from ISO/IEC 23078-2:2024, Figure 1. The user key has been removed, and
device key has been added.
NOTE 2 The content key is encrypted using the device key and decrypted using the device private key; the
mechanism is different in ISO/IEC 23078-2, where the content key is encrypted and decrypted using the user key.
Figure 1 — Protected publication with a license document
5.2 Protecting the publication
ISO/IEC 23078-2:2024, 5.2 shall apply.
5.3 Licensing the publication
After a user has requested a protected publication, the following steps are followed by the content provider
to license the protected publication:
a) Generate the user key by hashing the user passphrase (as described in 6.4.2). It is assumed that the user
and associated user passphrase are already known to the provider.
b) Store this user key for future use.
c) Encrypt the content key associated with the protected publication using the device key found in the
device certificate. The device certificate has been registered by the reading system in advance (as
described in 7.4.4).
d) Create a device key-based license document (META-INF/license.lcpl) with the following contents:
1) a unique ID for this license;
2) the date the license was issued;
3) the URI that identifies the content provider;
4) the encrypted content key;
5) information relative to the user passphrase and user key;
6) information relative to the device key;

© ISO/IEC 2024 – All rights reserved
7) links to additional information stored outside of the protected publication and license document
(optional);
8) information on specific rights being granted to the user (optional);
9) information identifying the user (optional). Some of the fields in this section may be encrypted
using the device key.
e) Generate a digital signature for the license document data and add it to the license document.
There are then two different methods to deliver the license document and protected publication to the user:
— License document included inside the protected publication: The provider adds the license document to
the protected publication’s container and delivers this to the user.
— License document delivered separately: The provider includes a link to the protected publication
in the license document, and then delivers just the license document to the user. The reading system
processing the license document downloads the protected publication and adds the license document to
the container of the protected publication.
Whichever method is used, the reading system is presented with an EPUB container that includes the
protected publication and the license document.
NOTE This subclause has been modified from ISO/IEC 23078-2:2024, 5.3. Step b) and step d) 6) have been added,
and user key has been changed with device key in step d) 9).
5.4 Reading the publication
5.4.1 General
In order to decrypt and render a protected publication, the reading system follows the steps specified in
5.4.2, 5.4.3 and 5.4.4.
NOTE This subclause has been extended from ISO/IEC 23078-2:2024, 5.4 into 5.4.1, 5.4.2, 5.4.3 and 5.4.4.
5.4.2 Registering a device
A device registration is mandatory before a device key-based license is obtained. The register link is
obtained from a license status document; and this link is specific to the license to be acquired.
Any user who knows the passphrase of a publication can register the device to the provider, get the
associated device key-based license document and open the publication, as long as the accumulated number
of registrations does not exceed the limit defined by the provider.
5.4.3 Acquiring a device key-based license document
After having successfully registered the device, a reading system is able to acquire a device key-based
license document.
5.4.4 Decrypting a resource
After having successfully acquired the device key-based license document, the reading system follows these
steps, in a highly secured manner:
a) Verify the signature for the license document.
b) Get the device private key associated with the reading system.
c) Decrypt the content key using the device private key.
d) Decrypt the protected resources using the content key.

© ISO/IEC 2024 – All rights reserved
NOTE The acquiring process of the user key in the step b) in the ISO/IEC 23078-2:2024 has been changed to a
process for getting the device private key; and the process using the user key in the step c) has been changed to one
using the device private key.
5.5 Licensing workflows
5.5.1 General
Device registration is required by this document before a protected publication can be processed by a
reading system, which is a difference compared to ISO/IEC 23078-2:2024. Such registration is necessary
when a reading system gets a protected publication as well as when a protected publication is transferred
from a reading system to another one.
5.5.2 Getting a protected publication
The first time a license document is issued to a user, the provider cannot generate a user-specific device key-
based license document because the device is not yet registered for this license and therefore the provider
server doesn’t know the device key yet.
The provider therefore issues a license document whose content key is encrypted using a device key defined
by the provider itself. The reading system does not possess the matching device private key and therefore
cannot process this version of the license document. It can still retrieve the license status document,
register the device, retrieve an updated license status document and then fetch the device key-based license
document tied to the reading system.
The corresponding workflow is illustrated in Figure 2:
Figure 2 — Workflow of licensing for getting a protected publication
5.5.3 Transferring a protected publication
After successfully opening a protected publication on a device, a user may export this protected publication
and try to open it on another device. In such a case the second reading system, even if compliant with this
document, is not able to decrypt the content key because its device private key does not match the device
key of the first device.
© ISO/IEC 2024 – All rights reserved
Such reading system therefore has to register the new device in order to get a new license document
generated with the proper device key information.
The corresponding workflow is illustrated in Figure 3:
Figure 3 — Workflow of licensing for transferring a protected publication
5.5.4 Register device certificate and update license document
The two previous processes share the same registration and license acquisition process between the reading
system and the provider:
a) The reading system gets a license status document.
b) The reading system gets the user key (if it has previously stored it) or generates it by hashing the user
passphrase.
c) The reading system gets the developer certificate and device certificate (assuming that these have
already been generated and installed during the installation of the reading system).
d) The reading system registers the device using the register link found in the license status document,
with the user key, developer certificate and device certificate as parameters (see 7.4.4).
e) The provider server verifies that the user key matches the value associated with the owner of the
license. An error is returned if it is not the case.
f) The provider validates the device registration, as long as the user key is correct and the limit on the
number of allowed registrations has not been reached for the current license. An error is returned if it is
not the case.
g) The provider returns an updated license status document.
h) The reading system requests an updated license document (see 7.3.4.3 and 7.4.3).
i) The provider server issues a device key-based license document.
The corresponding workflow is illustrated in Figure 4:

© ISO/IEC 2024 – All rights reserved
Figure 4 — Workflow of registering device certificate and updating license document
6 License document
6.1 General
ISO/IEC 23078-2:2024, 6.1 shall apply.
NOTE Annex A shows an example of a license document. Annex B depicts schema of the license.
6.2 Content conformance
ISO/IEC 23078-2:2024, 6.2 shall apply.
6.3 License information
6.3.1 General
ISO/IEC 23078-2:2024, 6.3.1 shall apply.
6.3.2 Encryption (transmitting keys)
6.3.2.1 General
To transmit keys, the encryption object shall contain the profile, content_key, user_key objects and device_
key objects in accordance with 6.3.2.5.
NOTE This subclause has been modified from ISO/IEC 23078-2:2024, 6.3.2.1. The device key has been added.
6.3.2.2 Profile
The encryption/profile object shall contain the value defined in Table 1.

© ISO/IEC 2024 – All rights reserved
Table 1 — Profile information in encryption
Name Value Format/data type
Identifier for the encryption profile used by this ISO/
profile URI
IEC 23078-3 compliant publication.
NOTE Table 1 has been modified from ISO/IEC 23078-2:2024, Table 2. The value of profile has been changed.
6.3.2.3 Content key
The encryption/content_key object contains the content key (encrypted using the device key) used to
encrypt the publication resources. It shall contain the name/value pairs described in Table 2.
Table 2 — Content key information in encryption
Name Value Format/data type
Base 64 encoded octet se-
encrypted_value Encrypted content key.
quence
Algorithm used to encrypt the content key, identified using the URIs
defined in W3C XML Encryption. This shall match the content key
algorithm URI
encryption algorithm named in the encryption Profile identified in
encryption/profile.
NOTE This subclause has been modified from ISO/IEC 23078-2:2024, 6.3.2.3. The content key is encrypted using
the device key.
6.3.2.4 User key
The encryption/user_key object contains information regarding the user key used to authenticate the user.
It shall contain the name/value pairs defined in Table 3.
Table 3 — User key information in encryption
Name Value Format/data type
Hint to be displayed to the user in order to help him remember the user
text_hint String
passphrase.
Algorithm used to generate the user key from the user passphrase. This
algorithm URI shall match the user passphrase hash algorithm specified in the en- URI
cryption profile identified in encryption/profile.
NOTE Table 3 has been modified from ISO/IEC 23078-2:2024, Table 4. The key_check property has been removed.
6.3.2.5 Device key
The encryption/device_key object contains information associated with the device key that is used to
encrypt the content key. It shall contain the name/value pairs defined in Table 4.
Table 4 — Device key information in encryption
Name Value Format/data type
DN (Distinguished Name in X.509 as defined in RFC 5280) described in the
key_name String
device certificate, which is used for identifying the paired device private key.
Value of the license document’s id field, encrypted using the device key and
the same algorithm identified for content key encryption in encryption/ Base 64 encoded octet se-
key_check
content_key/algorithm. This is used to verify that the reading system has quence
the correct device private key.
EXAMPLE Encryption information for a license document with content key, user key and device key for this
document.
© ISO/IEC 2024 – All rights reserved
{
"id": "ef15e740-697f-11e3-949a-0800200c9a66",
"issued": "2013-11-04T01:08:15+01:00",
"updated": "2014-02-21T09:44:17+01:00",
"provider": "https://www.imaginaryebookretailer.com",
"encryption": {
"profile": "http://iso.org/ISO-23078-3/basic-profile",
"content_key": {
"encrypted_value": "/k8RpXqf4E2WEunCp76E8PjhS051NXwAXeTD1ioazYxCRGvHLAck/
KQ3cCh5JxDmCK0nRLyAxs1X0aA3z55boQ==",
"algorithm": "http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"
},
"user_key": {
"text_hint": "Enter your email address",
"algorithm": "http://www.w3.org/2001/04/xmlenc#sha256"
},
"device_key": {
"key_name": "CN=$DEVICE_ID, O=EDRLab",
"key_check": "ljJEjUDipHK3OjGt6kFq7dcOLZuicQFUYwQ+TYkAIWKm6Xv6kpHFhF7LOkUK/Owww"
}
},
"links": ".",
"rights": ".",
"signature": "."
}
6.3.3 Links (pointing to external resources)
6.3.3.1 General
ISO/IEC 23078-2:2024, 6.3.3.1 shall apply.
6.3.3.2 Link object
ISO/IEC 23078-2:2024, 6.3.3.2 shall apply.
6.3.3.3 Link relationships
Link relationships defined in ISO/IEC 23078-2:2024, 6.3.3.3 are valid in this document. The specificity of
this document is that a license document shall have a status link. Table 5 introduces link relationships for
each link object which is used for value of rel.
Table 5 — Link relationships of link
Relation Semantics Required?
Location where a reading system can redirect a user looking for additional information
hint Yes
about the User Passphrase
publication Location where the publication associated with the license document can be downloaded Yes
As defined in the IANA registry of link relations: "Conveys an identifier for the link's
self No
context"
support Support resources for the user (either a website, an email or a telephone number) No
status Location of the license status document associated with the license document Yes
NOTE Table 5 has been modified from ISO/IEC 23078-2:2024, Table 6. The ‘Required?’ field has been changed.
EXAMPLE A license document points to a publication, contains the location of the status document and the
location of a hint about the user passphrase.
{
"id": "ef15e740-697f-11e3-949a-0800200c9a66",
"issued": "2013-11-04T01:08:15+01:00",
"updated": "2014-02-21T09:44:17+01:00",
"provider": "https://www.imaginaryebookretailer.com",
"encryption": ".",
"links": [
© ISO/IEC 2024 – All rights reserved
{ "rel": "publication",
"href": "https://www.example.com/file.epub",
"type": "application/epub+zip",
"length": "264929",
"hash": "8b752f93e5e73a3efff1c706c1c2e26
...