CA/Browser Forum
Home » All CA/Browser Forum Posts » Ballot 6 – Non Commercial Entity Type

Ballot 6 – Non Commercial Entity Type

Ballot 6 – Non Commercial Entity Type (Passed Unanimously)

Motion

Tony Berman has made the following motion, and Peri Drucker and Bruce Morton have endorsed it:

Motion begins

The Guidelines should be amended by the following erratum.

Erratum begins

  1. Section 5 of the guidelines

Add the following subsection:

“(e) Non-Commercial Entity Subjects The CA MAY issue EV Certificates to Non-Commercial Entities who do not qualify under subsections (b), (c) and (d) but satisfy the following requirements:

(1) International Organization Entity Subjects

The CA MAY issue EV Certificates to International Organization Entities that satisfy the following requirements:

(1) The International Organization Entity is created under a Charter, Treaty, Convention or equivalent instrument that was signed by, or on behalf of, more than one country’s government. The CABForum may publish a listing of International Organizations that have been approved for EV eligibility, and

(2)The International Organization Entity MUST NOT be headquartered in any country where the CA is prohibited from doing business or issuing a certificate by the laws of the CA’s jurisdiction; and

(3) The International Organization Entity MUST NOT be listed on any government denial list or prohibited list (e.g., trade embargo) under the laws of the CA’s jurisdiction.

Subsidiary organizations or agencies of qualified international organizations may also qualify for EV in terms of these Guidelines.”

  1. Section 6(a)(3) of the Guidelines

Delete: ‘This field MUST contain one of the following strings : ‘V1.0, Clause 5.(b)’, ‘V1.0, Clause 5.(c)’ or ‘V1.0, Clause 5.(d)’, depending whether the Subject qualifies under the terms of Section 5b, 5c, or 5d of the Guidelines, respectively.’

Add:

– This field MUST contain one of the following strings: ‘V1.0, Clause 5.(b)’, ‘V1.0, Clause 5.(c)’, ‘V1.0, Clause 5.(d)’ or ‘V1.0, Clause 5.(e)’ depending whether the Subject qualifies under the terms of Section 5b, 5c,5d or 5e of the Guidelines, respectively.

The amended section shall read as follows: ”(3) Business Category:

-Certificate Field: subject:businessCategory (OID 2.5.4.15)

-Required/Optional: Required

-Contents: This field MUST contain one of the following strings: ‘V1.0, Clause 5.(b)’, ‘V1.0, Clause 5.(c)’, ‘V1.0, Clause 5.(d)’ or ‘V1.0, Clause 5.(e)’ depending whether the Subject qualifies under the terms of Section 5b, 5c,5d or 5e of the Guidelines, respectively.”

  1. Section 14(a)

Add section 14 (a) (4):

“Non-Commercial Entities:

(1) International Organization Entities

a. Legal Existence: Verify that Applicant is a legally recognized International Organization Entity.

b. Entity Name: Verify that Applicant’s formal legal name matches Applicant’s name in the EV Certificate Request.

c. Registration Number: The CA SHOULD obtain Applicant’s date of formation, or the identifier for the legislative act that created the International Organization Entity. In circumstances where this information is not available, the CA MUST enter appropriate language to indicate that the Subject is an International Organization Entity”

  1. Section 14(b)

Add section 14(b)(5):

– Non-Commercial Entities

“(a) International Organization Entities:

All items listed in subsection (a)(4)(1)MUST be verified either:

· With reference to the constituent document under which the International Organization was formed, or

· Directly with a signatory country’s government in which the CA is permitted to do business. Such verification may be obtained with an appropriate government agency or from the laws of that country, or verifying that the country’s government has a mission to represent it at the International Organization; or

· directly against any current list of qualified entities the CABForum may maintain at www.cabforum.org

In cases where the International Organization applying for the EV certificate is an organ or agency – including a non-governmental organization (NGO) of a verified International Organization, then the CA may verify the International Organization applicant directly with the verified umbrella International Organization, of which the applicant is an organ or agency.

  1. Definitions

Add

“Country”: A Country shall mean a Sovereign state as defined in the Guidelines.

“Sovereign State”: A Sovereign state is a state, or country which administers its own government, and is not dependent upon, or subject to, another power.

“International Organization”: An International Organization is an organization founded by a constituent document, e.g., charter, treaty, convention, or similar document, signed by, or on behalf of, a minimum of two or more Sovereign State governments.

Erratum ends

The ballot review period comes into effect at 1700 EST on (Monday) 21 Jan 2008, and will close at 1700 EST on (Sunday) 27 Jan 2008. Unless the motion is withdrawn during the review period, the voting period will start immediately thereafter and will close at 1700 EST on (Sunday) 3 Feb 2008.

Votes must be cast by ‘reply all’ to this email.

A vote in favour of the motion must indicate a clear ‘yes’ in the response. A vote against must indicate a clear ‘no’ in the response. A vote to abstain must indicate a clear ‘abstain’ in the response. Unclear responses will not be counted.

The latest vote received from any representative of a voting member before the close of the voting period will be counted.

Motion ends

Latest releases
Code Signing Requirements
v3.8 - Aug 5, 2024

What’s Changed CSC-25: Import EV Guidelines to CS Baseline Requirements by @dzacharo in https://github.com/cabforum/code-signing/pull/38 Full Changelog: https://github.com/cabforum/code-signing/compare/v3.7...v3.8

S/MIME Requirements
v1.0.7 - Ballot SMC09 - Nov 25, 2024

This ballot includes updates for the following: • Require pre-linting of leaf end entity Certificates starting September 15, 2025 • Require WebTrust for Network Security for audits starting after April 1, 2025 • Clarify that multiple certificatePolicy OIDs are allowed in end entity certificates • Clarify use of organizationIdentifer references • Update of Appendix A.2 Natural Person Identifiers This ballot is proposed by Stephen Davidson (DigiCert) and endorsed by Clint Wilson (Apple) and Martijn Katerbarg (Sectigo).

Network and Certificate System Security Requirements
v2.0 - Ballot NS-003 - Jun 26, 2024

Ballot NS-003: Restructure the NCSSRs in https://github.com/cabforum/netsec/pull/35

Edit this page
The Certification Authority Browser Forum (CA/Browser Forum) is a voluntary gathering of Certificate Issuers and suppliers of Internet browser software and other applications that use certificates (Certificate Consumers).