本文档使用对称密码技术定义密钥建立机制。 本文档介绍了建立密钥的三种环境:点对点、密钥分发中心（KDC）和密钥翻译中心（KTC）。它描述了携带键控材料或设置键控材料建立条件所需的消息内容。 本文档未指明消息中可能包含的其他信息，也未指定错误消息等其他消息。 信息的明确格式不在本文件的范围内。 本文件未规定用于建立初始密钥的方法；也就是说，本文件中规定的所有机制都要求一个实体与至少一个其他实体（例如TTP）共享密钥。有关密钥生命周期的一般指南，请参见ISO/IEC 11770-1。本文档未明确说明域间密钥管理问题。本文件也没有定义关键管理机制的实施； 符合本文件要求的产品不一定兼容。

This document defines key establishment mechanisms using symmetric cryptographic techniques. This document addresses three environments for the establishment of keys: Point-to-Point, Key Distribution Centre (KDC), and Key Translation Centre (KTC). It describes the required content of messages which carry keying material or are necessary to set up the conditions under which the keying material can be established. This document does not indicate other information which can be contained in the messages or specify other messages such as error messages. The explicit format of messages is not within the scope of this document. This document does not specify the means to be used to establish initial secret keys; that is, all the mechanisms specified in this document require an entity to share a secret key with at least one other entity (e.g. a TTP). For general guidance on the key lifecycle, see ISO/IEC 11770-1. This document does not explicitly address the issue of inter-domain key management. This document also does not define the implementation of key management mechanisms; products complying with this document are not necessarily compatible.