3.6.2 Secure cryptographic key distribution
3.6.2.a Verify that key-management procedures specify how to securely distribute keys.
3.6.2.b Observe the method for distributing keys to verify that keys are distributed securely.
The encryption solution must distribute keys securely, meaning the keys are distributed only to custodians identified in 3.5.1, and are never distributed in the clear.