This clause defines the general principles used for defining the PIN authorization procedure:

• the solution can be based on HTTPS and focus on protection of reference points;
• security information can be pre-provisioned on the PINE/PEMC/PEGC/PIN Server/AS for authentication and authorization; pre-provisioning of security information is up to implementation;
• security information format can be defined for interoperability between PINE/PEMC/PEGC/PIN Server/AS;
• the PIN server can be authorized to generate and distribute the security information.