The present document describes the security features and mechanisms to bootstrap authentication and key agreement for application security. Candidate applications to use this bootstrapping mechanism include but are not restricted to subscriber certificate distribution TS 33.221 [5]. Subscriber certificates support services whose provision mobile operator assists@ as well as services that mobile operator provides. The scope of this specification includes generic bootstrapping functions@ an architecture overview and the detailed procedure how to bootstrap the credential. Clause 4 of this specification describes a mechanism@ called GBA_ME@ to bootstrap authentication and key agreement@ which does not require any changes to the UICC. Clause 5 of this specification describes a mechanism@ called GBA_U@ to bootstrap authentication and key agreement@ which does require changes to the UICC@ but provides enhanced security by storing certain derived keys on the UICC. Annex I of this specification describes a mechanism@ called 2G GBA@ to bootstrap authentication and key agreement using 2G AKA protocol. Annex M of this specification describes a mechanism@ called GBA_Digest@ to bootstrap authentication and key agreement using HTTP Digest protocol with SIP Digest credentials.