encrypting the content according to a content key (CK) to result in (CK(content));

protecting the content key (CK) according to a public key for the license server (PU-RM);

retrieving a rights template, the rights template comprising information identifying a pre-defined set of users, pre-defined rights for each defined user, and pre-defined use conditions, the rights template adapted for repeated use in defining rights to a plurality of pieces of content;

retrieving rights data to be associated with the content from the retrieved rights template;

retrieving rules for modifying the retrieved rights data from the retrieved rights template;

modifying the retrieved rights data from the rights template according to the rules;

submitting the rights data and the protected content key (CK)) as a rights label to the license server for signing thereby, the license server validating the rights label and, if valid, creating a digital signature based on a private key (PR-RM) corresponding to (PU-RM) and based at least in part on the rights data to result in a signed rights label (SRL) and returning the SRL;

receiving the returned SRL and concatenating such received SRL with (CK(content)) to form a content package; and

distributing the content package to the one or more users, whereby a user desiring to render the content retrieves the SRL from the content package and submits the retrieved SRL to the license server as part of a request for the license corresponding to the content, whereby the license server verifies the signature of the SRL based on (PU-RM) and based at least in part on the protected rights data, accesses the rights data in the SRL and reviews same to determine whether the user is entitled to the license, and if so issues the license to the user, the license including (CK) in a protected form accessible to the user.