ISO 15782-1:2009 defines a certificate management system for financial industry use for legal and natural persons that includes:
- credentials and certificate contents,
- Certification Authority systems, including certificates for digital signatures and for encryption key management,
- certificate generation, distribution, validation and renewal,
- authentication structure and certification paths, and
- revocation and recovery procedures.
ISO 15782-1:2009 also recommends some useful operational procedures (e.g. distribution mechanisms, acceptance criteria for submitted credentials).
Implementation of ISO 15782-1:2009 will also be based on business risks and legal requirements.
ISO 15782-1:2009 does not include:
- the protocol messages used between the participants in the certificate management process,
- requirements for notary and time stamping,
- Certificate Policy and Certification Practices requirements, or
- Attribute Certificates.
While ISO 15782-1:2009 provides for the generation of certificates that could include a public key used for encryption key management, it does not address the generation or transport of keys used for encryption.