Protocol Feature

- Client authentication
  - Either a shared secret (called activation code) or device certificate
  - Authentication Data = HASH(activation code)
  - Acquire a random server nonce to send keyed authentication data
  - Authentication Data = HMAC(activation code, serverNonce)
  - Used over a non-secure channel to achieve data confidentiality
- Server authentication
  - Server certificate or shared secret
- Client capabilities in request
  - Requested key type
  - Requested algorithm type
  - Crypto-algorithm negotiation (Supported encryption algorithm)
  - Response delivery method (HTTP/S or SMS)
  - Device Information
  - Supported logo types
  - Supported delivery user interface attributes
- Extensible to support future new attributes
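
The two client-authentication formulas above, HASH(activation code) and HMAC(activation code, serverNonce), worked through as an added example that is not part of the original page or of any protocol specification. It assumes SHA-256, a 16-byte nonce, the activation code used as the HMAC key, and hypothetical names (`ProvisioningServer`, `issue_nonce`, `verify`, `device-1`); the table fixes none of these.

```python
import hashlib
import hmac
import secrets


def static_auth_data(activation_code: bytes) -> bytes:
    # Unkeyed form: HASH(activation code). Identical bytes on every run,
    # so the server has no way to tell a fresh value from an old one.
    return hashlib.sha256(activation_code).digest()


def keyed_auth_data(activation_code: bytes, server_nonce: bytes) -> bytes:
    # Keyed form: HMAC(activation code, serverNonce).
    # Assumption: activation code is the key, the nonce is the message.
    return hmac.new(activation_code, server_nonce, hashlib.sha256).digest()


class ProvisioningServer:
    """Hypothetical server side of the nonce exchange."""

    def __init__(self, activation_codes):
        self._codes = dict(activation_codes)  # device id -> activation code
        self._pending = {}                    # device id -> outstanding nonce

    def issue_nonce(self, device_id: str) -> bytes:
        nonce = secrets.token_bytes(16)       # random server nonce
        self._pending[device_id] = nonce
        return nonce

    def verify(self, device_id: str, auth_data: bytes) -> bool:
        nonce = self._pending.pop(device_id, None)  # each nonce is single use
        code = self._codes.get(device_id)
        if nonce is None or code is None:
            return False
        expected = keyed_auth_data(code, nonce)
        return hmac.compare_digest(expected, auth_data)  # constant-time compare


def demo():
    code = b"constructed-activation-code"     # constructed sample value
    server = ProvisioningServer({"device-1": code})
    nonce = server.issue_nonce("device-1")
    sent = keyed_auth_data(code, nonce)       # what the client transmits
    first = server.verify("device-1", sent)
    same_nonce_again = server.verify("device-1", sent)  # nonce already consumed
    server.issue_nonce("device-1")
    after_new_nonce = server.verify("device-1", sent)   # bound to the old nonce
    return first, same_nonce_again, after_new_nonce
```

`demo()` returns the verification result for the first submission, for a resubmission against the consumed nonce, and for a resubmission after a new nonce has been issued.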