ISO 15782-1:2003 defines a certificate management system for financial industry use for legal and natural persons that includes credentials and certificate contents, certification authority systems (including certificates for digital signatures and encryption key management), certificate generation, distribution, validation and renewal, authentication structure and certification paths, revocation and recovery procedures, and extensions to the definitions of public-key certificates and certificate revocation lists. It also recommends some useful operational procedures (e.g. distribution mechanisms, acceptance criteria for submitted credentials). While providing for the generation of certificates that could include a public key used for encryption key management, it does not address the generation or transport of keys used for encryption.