What is required for service providers who share keys with customers?

Key management for service providers sharing encryption keys with customers requires documented guidance on how to securely transmit, store, and update those keys. This ensures the keys remain confidential and intact as they move between parties and through their lifecycle, reducing the risk of interception, exposure, or misuse. Secure transmission means using protected channels or out-of-band methods; secure storage involves strong encryption, access controls, and proper key vault practices; updating or rotating keys covers the lifecycle, revocation, and re-issuance as needed. The other options miss this essential focus on how cryptographic keys are handled across the service-provider–customer boundary, and they don’t address the protective measures necessary for key material.