ISO 26430-3:2008

INTERNATIONAL ISO
STANDARD 26430-3
First edition
2008-07-15
Digital cinema (D-cinema) operations —
Part 3:
Generic extra-theater message format
Opérations du cinéma numérique (cinéma D) —
Partie 3: Format de message d'extra théâtre générique

Reference number
©
ISO 2008
PDF disclaimer
This PDF file may contain embedded typefaces. In accordance with Adobe's licensing policy, this file may be printed or viewed but
shall not be edited unless the typefaces which are embedded are licensed to and installed on the computer performing the editing. In
downloading this file, parties accept therein the responsibility of not infringing Adobe's licensing policy. The ISO Central Secretariat
accepts no liability in this area.
Adobe is a trademark of Adobe Systems Incorporated.
Details of the software products used to create this PDF file can be found in the General Info relative to the file; the PDF-creation
parameters were optimized for printing. Every care has been taken to ensure that the file is suitable for use by ISO member bodies. In
the unlikely event that a problem relating to it is found, please inform the Central Secretariat at the address given below.

©  ISO 2008
All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form or by any means,
electronic or mechanical, including photocopying and microfilm, without permission in writing from either ISO at the address below or
ISO's member body in the country of the requester.
ISO copyright office
Case postale 56 • CH-1211 Geneva 20
Tel. + 41 22 749 01 11
Fax + 41 22 749 09 47
E-mail copyright@iso.org
Web www.iso.org
Published in Switzerland
ii © ISO 2008 – All rights reserved

Foreword
ISO (the International Organization for Standardization) is a worldwide federation of national standards bodies
(ISO member bodies). The work of preparing International Standards is normally carried out through ISO
technical committees. Each member body interested in a subject for which a technical committee has been
established has the right to be represented on that committee. International organizations, governmental and
non-governmental, in liaison with ISO, also take part in the work. ISO collaborates closely with the
International Electrotechnical Commission (IEC) on all matters of electrotechnical standardization.
International Standards are drafted in accordance with the rules given in the ISO/IEC Directives, Part 2.
The main task of technical committees is to prepare International Standards. Draft International Standards
adopted by the technical committees are circulated to the member bodies for voting. Publication as an
International Standard requires approval by at least 75 % of the member bodies casting a vote.
Attention is drawn to the possibility that some of the elements of this document may be the subject of patent
rights. ISO shall not be held responsible for identifying any or all such patent rights.
ISO 26430-3 was prepared by the Society of Motion Picture and Television Engineers (as
SMPTE 430-3-2008) and was adopted, under a special “fast-track procedure”, by Technical Committee
ISO/TC 36, Cinematography, in parallel with its approval by the ISO member bodies.
ISO 26430 consists of the following parts, under the general title Digital cinema (D-cinema) operations:
⎯ Part 1: Key delivery message
⎯ Part 2: Digital certificate
⎯ Part 3: Generic extra-theater message format

SMPTE 430-3-2008
Revision of
SMPTE 430-3-2006
SMPTE STANDARD
D-Cinema Operations —
Generic Extra-Theater
Message Format
Page 1 of 22 pages
Table of Contents         Page

Foreword . 3
1 Scope . 3
2 Conformance Notation . 3
3 Normative References . 3
4 Glossary . 4
5 Overview of Generic Extra Theater Message (informative). 5
6 Authenticated and Public (Unencrypted) Information . 6
6.1 MessageId. 7
6.2 MessageType. 7
6.3 AnnotationText. 7
6.4 IssueDate . 7
6.5 Signer. 7
6.6 RequiredExtensions (Optional). 7
6.7 NonCriticalExtensions (Optional). 7
7 Authenticated and Private (Encrypted) Information . 7
7.1 EncryptedKey. 9
7.1.1 EncryptionMethod . 9
7.1.2 KeyInfo. 9
7.1.3 CipherData. 9
7.1.4 EncryptionProperties. 9
7.1.5 ReferenceList. 9
7.1.6 CarriedKeyName . 9
7.2 EncryptedData (Optional) . 10
8 Signature Information. 11
8.1 XML Embedding. 11
8.2 SignedInfo . 12
8.3 SignatureValue. 13
8.4 KeyInfo Certificate Chain . 13
8.5 Object Information. 13
Annex A  Design Features and Security Goals (Informative) . 14
Annex B  Bibliography (Informative) . 16
Annex C  XML Schema for ETM (Normative). 17
Annex D  XML Diagram Legend (Informative). 19
Revision Notes . 22

Approved
MOTION PICTURE AND TELEVISION ENGINEERS
March 3, 2008
3 Barker Avenue, White Plains, NY 10601
(914) 761-1100
SMPTE 430-3-2008
Foreword
SMPTE (the Society of Motion Picture and Television Engineers) is an internationally recognized standards
developing organization. Headquartered and incorporated in the United States of America, SMPTE has
members in over 80 countries on six continents. SMPTE’s Engineering Documents, including Standards,
Recommended Practices and Engineering Guidelines, are prepared by SMPTE’s Technology Committees.
Participation in these Committees is open to all with a bona fide interest in their work. SMPTE cooperates
closely with other standards-developing organizations, including ISO, IEC and ITU.

SMPTE Engineering Documents are drafted in accordance with the rules given in Part XIII of its
Administrative Practices.
SMPTE Standard 430-3 was prepared by Technology Committee DC28.

Page 2 of 23 pages
2 © ISO 2008 – All rights reserved

SMPTE 430-3-2008
1  Scope
This standard presents a specification for a generic Extra-Theatre Message (ETM) format for use with
unidirectional communications channels used in security communcations for Digital Cinema (D-Cinema)
systems.
The ETM specification is a generic XML security wrapper that includes specific fields which can be extended
to carry different kinds of information to meet various application-level requirements. (For example, the Key
Delivery Message (KDM) is a specific instance of this format.) The ETM uses W3C Extensible Markup
Language (see [XML]) to represent the information payload. It provides security using the XML encryption and
signature primitives.
Note: The brackets convention “[…]” as used herein denotes either a normative or informative reference.

2  Conformance Notation
Normative text is text that describes elements of the design that are indispensable or contains the
conformance language keywords: "shall", "should", or "may". Informative text is text that is potentially helpful
to the user, but not indispensable, and can be removed, changed, or added editorially without affecting
interoperability. Informative text does not contain any conformance keywords.

All text in this document is, by default, normative, except: the Introduction, any section explicitly labeled as
"Informative" or individual paragraphs that start with "Note:”

The keywords "shall" and "shall not" indicate requirements strictly to be followed in order to conform to the
document and from which no deviation is permitted.

The keywords, "should" and "should not" indicate that, among several possibilities, one is recommended as
particularly suitable, without mentioning or excluding others; or that a certain course of action is preferred but
not necessarily required; or that (in the negative form) a certain possibility or course of action is deprecated
but not prohibited.
The keywords "may" and "need not" indicate courses of action permissible within the limits of the document.

The keyword “reserved” indicates a provision that is not defined at this time, shall not be used, and may be
defined in the future. The keyword “forbidden” indicates “reserved” and in addition indicates that the provision
will never be defined in the future.

A conformant implementation according to this document is one that includes all mandatory provisions
("shall") and, if implemented, all recommended provisions ("should") as described. A conformant
implementation need not implement optional provisions ("may") and need not implement them as described.

3  Normative References
The following standards contain provisions that, through reference in this text, constitute provisions of this
standard. At the time of publication, the editions indicated were valid. All standards are subject to revision,
and parties to agreements based on this standard are encouraged to investigate the possibility of applying the
most recent edition of the standards indicated below.

[D-Cinema Digital Certificate] SMPTE 430-2-2006, D-Cinema Operation — Digital Certificate

[FIPS-180-2] “Secure Hash Standard” Version 2. August 1, 2002. FIPS-180-2. See:
http://csrc.nist.gov/publications/fips/fips180-2/fips180-2.pdf

Page 3 of 23 pages
SMPTE 430-3-2008
[FIPS-197] “Advanced Encryption Standard (AES)” November 26, 2001. FIPS-197. See:
http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf

[FIPS-198] “The Keyed-Hash Message Authentication Code (HMAC)” March 6, 2002. File updated April 8,
2002. http://csrc.nist.gov/publications/fips/fips198/fips-198a.pdf

[PKCS1] “PKCS #1: RSA Cryptography Specifications Version 2.1” By B. Kaliski. February 2003. RFC 3447
See: http://www.ietf.org/rfc/rfc3447.txt

[RFC2253] “Lightweight Directory Access Protocol (v3):UTF-8 String Representation of Distinguished Names”
December 1997. See: http://www.ietf.org/rfc/rfc2253.txt

[RFC4051] ”Additional XML Security Uniform Resource Identifiers (URIs)” April 2005. See:
http://www.ietf.org/rfc/rfc4051.txt

[Time] UTC, RFC 3339: Date and Time on the Internet: Timestamps. G. Klyne and C. Newman. Informational,
July 2002. See: http://ietf.org/rfc/rfc3339.txt

[UUID] “A Universially Unique
...