An author can identify authorized users in the following ways:
|Digital Certificate||A certificate-based recipient license is usable only by the person who owns the designated certificate. This is similar to sending an encrypted e-mail to the recipient. That is, the author uses the user’s public key to create a license that can only be opened by the recipient using the corresponding private key. When opening a protected file, Promis.e looks in the user’s secure keystore for the needed private key. Possession of the private key is considered proof of the recipient’s identity and authenticates the user as an authorized user. Promis.e then grants the rights contained in the recipient license.|
|Smart Card||A smart card is a variation of a certificate-based recipient license. A user arranges for a private key corresponding to their digital certificate to be stored on a "token" or "smart card." When the private key is accessed, the user is required to supply the smart card and to authenticate himself. Failing either of those, the license does not open.|
|Password||Anyone who knows the password can use a password license. Usually, the author creates multiple passwords conveying different rights to the same file. Then the author sends passwords to the users via some "secure" channel. When opening a password-protected file, the product prompts the user, finds the license corresponding to the supplied password, and then grants the rights contained in the password license.|
|Everyone|| The everyone license is usable by everyone, without credentials. This option is generally useful only when combined with limited rights or with an authentication URL. The everyone license can also be added to a set of targeted password or recipient licenses. In those cases, the everyone license is selected as the default in case the user has access to no other license.
When creating an everyone license through a key in, a confirmation question displays as a warning message on the protected item on the status bar.
|Authentication URL||The authentication URL can modify any of the license types listed above. If the author adds a URL, Promis.e only uses the license if the user can also access the URL. The URL may identify a file on a secure WebDAV server or on a site accessed via a VPN. This allows an organization to apply its own user authentication on top of the license authentication mechanism.|