与可信第三方（TTP）的提供和操作相关的是许多与安全相关的问题 哪些通用指南是帮助商业实体、系统和服务的开发者和提供者等所必需的。 这包括关于TTP和使用TTP的实体的角色、地位和关系的指导 服务，通用安全要求，谁应该提供什么类型的安全，什么可能的安全 解决方案包括，以及TTP服务安全的操作使用和管理。 本建议|技术报告为TTP的使用和管理提供了指导，明确了TTP的定义 提供的基本职责和服务、说明和目的，以及TTP和 使用其服务的实体。它主要面向系统经理、开发人员、TTP操作员和企业用户 选择特定需求所需的TTP服务及其后续管理、使用和运营 部署，以及在TTP内建立安全策略。它不打算用作正式谈判的基础 TTP评估或TTP比较。 本建议|技术报告确定了TTP服务的不同主要类别，包括:时间戳， 不可否认、密钥管理、证书管理和电子公证。每个主要类别 由逻辑上属于一起的多个服务组成。

Associated with the provision and operation of a Trusted Third Party (TTP) are a number of security-related issues for which general guidance is necessary to assist business entities, developers and providers of systems and services, etc. This includes guidance on issues regarding the roles, positions and relationships of TTPs and the entities using TTP services, the generic security requirements, who should provide what type of security, what the possible security solutions are, and the operational use and management of TTP service security. This Recommendation | Technical Report provides guidance for the use and management of TTPs, a clear definition of the basic duties and services provided, their description and their purpose, and the roles and liabilities of TTPs and entities using their services. It is intended primarily for system managers, developers, TTP operators and enterprise users to select those TTP services needed for particular requirements, their subsequent management, use and operational deployment, and the establishment of a Security Policy within a TTP. It is not intended to be used as a basis for a formal assessment of a TTP or a comparison of TTPs. This Recommendation | Technical Report identifies different major categories of TTP services including: time stamping, non-repudiation, key management, certificate management, and electronic notary public. Each of these major categories consists of several services which logically belong together.