This document provides guidelines for managing X.509 certificates for NGN security based on the trust model defined in [ITU-T Y.2701] to supplement the information in [ITU-T Y.2704]. This Supplement is applicable to an next generation network (NGN) using certificates based on the framework for public key infrastructure (PKI) and privilege management infrastructure (PMI) specified in [ITU-T X.509] for identification, authentication, privilege/attribute management and/or encryption between network elements, and between user end-devices and the NGN provider customer premise equipment (CPE) provisioning element.