How are keys and certificates provided for devices, applications, and services?

To acquire keys and certificates, an adopter must sign the appropriate MTMO agreement (for device or service provider) and pay the annual fee. Adopters have the option to generate their own keys by signing the Trust Service Provider Agreement, or to order them through a Listed Trust Service Provider. Client credentials (for devices or PC-software clients) can be provisioned either online via a service provider’s Personalization Server or at a factory before they hit the market. Server credentials must be manually configured by a service provider’s DRM administrators or developers.