CA/Browser Forum
Home » All CA/Browser Forum Posts » Ballot 11 – Prior Equivalent Authority

Ballot 11 – Prior Equivalent Authority

Ballot 11 – Prior Equivalent Authority (Passed)

Motion

Bruce Morton has made the following motion, and Nick Hales and Jay Schiavo have endorsed it:

Motion begins

The Guidelines should be amended by the following erratum.

Erratum begins

Add 19(c)(6):

Prior Equivalent Authority. The signing authority of the Contract Signer, and/or the EV authority of the Certificate Approver, MAY be verified by relying on a demonstration of Prior Equivalent Authority.

(A) Prior Equivalent Authority of a Contract Signer MAY be relied upon for confirmation or verification of the signing authority of the Contract Signer when the Contract Signer has executed a binding contract between the CA and the Applicant with a legally valid and enforceable seal or handwritten signature and only when the contract was executed more than 90 days prior to the EV certificate application. The CA MUST record sufficient details of the previous agreement to correctly identify it and associate it with the EV application. Such details MAY include any of the following: · Agreement title · Date of Contract Signer’s signature · Contract reference number · Filing location

(B) Prior Equivalent Authority of a Certificate Approver MAY be relied upon for confirmation or verification of the EV authority of the Certificate Approver when the Certificate Approver has performed one or more of the following: (1) Under contract to the CA, has served (or is serving) as an Enterprise RA for the Applicant (2) Has participated in the approval of one or more SSL certificates issued by the CA, which are currently in use on public servers operated by the Applicant. In this case the CA MUST have contacted the Certificate Approver by phone at a previously validated phone number or have accepted a signed and notarized letter approving the certificate request.

Erratum ends

The ballot review period comes into effect at 1700 EST on (Tuesday) 4 Mar 2008, and will close at 1700 EST on (Tuesday) 11 Mar 2008. Unless the motion is withdrawn during the review period, the voting period will start immediately thereafter and will close at 1700 EST on (Tuesday) 18 Mar 2008.

Votes must be cast by ‘reply all’ to this email.

A vote in favour of the motion must indicate a clear ‘yes’ in the response. A vote against must indicate a clear ‘no’ in the response. A vote to abstain must indicate a clear ‘abstain’ in the response. Unclear responses will not be counted.

The latest vote received from any representative of a voting member before the close of the voting period will be counted.

Motion ends

Latest releases
Server Certificate Requirements
SC-081v3: Introduce Schedule of Reducing Validity and Data Reuse Periods - May 21, 2025

BR v2.1.5

Code Signing Requirements
v3.8 - Aug 5, 2024

What’s Changed CSC-25: Import EV Guidelines to CS Baseline Requirements by @dzacharo in https://github.com/cabforum/code-signing/pull/38 Full Changelog: https://github.com/cabforum/code-signing/compare/v3.7...v3.8

S/MIME Requirements
v1.0.9 - Ballot SMC011 - May 14, 2025

This ballot allows the option to use a European Unique Identifier (EUID) as a Registration Reference in the NTR Registration Scheme. The EUID uniquely identifies officially-registered organizations, Legal Entities, and branch offices within the European Union or the European Economic Area. The EUID is specified in chapter 9 of the Annex contained in the Implementing Regulation (EU) 2021/1042 which describes rules for the application of Directive (EU) 2017/1132 “relating to certain aspects of company law (codification)”. The ballot also includes several editorial corrections, (e.g., reordering of References and regrouping of information from Appendix A to Section 7.1.4.2.2 (d)). This ballot is proposed by Stephen Davidson (DigiCert) and endorsed by Adrian Mueller (SwissSign) and Adriano Santoni (Actalis).

Network and Certificate System Security Requirements
v2.0 - Ballot NS-003 - Jun 26, 2024

Ballot NS-003: Restructure the NCSSRs in https://github.com/cabforum/netsec/pull/35

Edit this page
The Certification Authority Browser Forum (CA/Browser Forum) is a voluntary gathering of Certificate Issuers and suppliers of Internet browser software and other applications that use certificates (Certificate Consumers).