CA/Browser Forum
Home » Posts » Ballot 11 – Prior Equivalent Authority

Ballot 11 – Prior Equivalent Authority

Ballot 11 – Prior Equivalent Authority (Passed)

Motion

Bruce Morton has made the following motion, and Nick Hales and Jay Schiavo have endorsed it:

Motion begins

The Guidelines should be amended by the following erratum.

Erratum begins

Add 19(c)(6):

Prior Equivalent Authority. The signing authority of the Contract Signer, and/or the EV authority of the Certificate Approver, MAY be verified by relying on a demonstration of Prior Equivalent Authority.

(A) Prior Equivalent Authority of a Contract Signer MAY be relied upon for confirmation or verification of the signing authority of the Contract Signer when the Contract Signer has executed a binding contract between the CA and the Applicant with a legally valid and enforceable seal or handwritten signature and only when the contract was executed more than 90 days prior to the EV certificate application. The CA MUST record sufficient details of the previous agreement to correctly identify it and associate it with the EV application. Such details MAY include any of the following: · Agreement title · Date of Contract Signer’s signature · Contract reference number · Filing location

(B) Prior Equivalent Authority of a Certificate Approver MAY be relied upon for confirmation or verification of the EV authority of the Certificate Approver when the Certificate Approver has performed one or more of the following: (1) Under contract to the CA, has served (or is serving) as an Enterprise RA for the Applicant (2) Has participated in the approval of one or more SSL certificates issued by the CA, which are currently in use on public servers operated by the Applicant. In this case the CA MUST have contacted the Certificate Approver by phone at a previously validated phone number or have accepted a signed and notarized letter approving the certificate request.

Erratum ends

The ballot review period comes into effect at 1700 EST on (Tuesday) 4 Mar 2008, and will close at 1700 EST on (Tuesday) 11 Mar 2008. Unless the motion is withdrawn during the review period, the voting period will start immediately thereafter and will close at 1700 EST on (Tuesday) 18 Mar 2008.

Votes must be cast by ‘reply all’ to this email.

A vote in favour of the motion must indicate a clear ‘yes’ in the response. A vote against must indicate a clear ‘no’ in the response. A vote to abstain must indicate a clear ‘abstain’ in the response. Unclear responses will not be counted.

The latest vote received from any representative of a voting member before the close of the voting period will be counted.

Motion ends

Latest releases
Code Signing Requirements
v3.8 - Aug 5, 2024

What’s Changed

Full Changelog: https://github.com/cabforum/code-signing/compare/v3.7...v3.8

S/MIME Requirements
v1.0.6 - Ballot SMC08 - Aug 29, 2024

This ballot sets a date by which issuance of certificates following the Legacy generation profiles must cease. It also includes the following minor updates:

  • Pins the domain validation procedures to v 2.0.5 of the TLS Baseline Requirements while the ballot activity for multi-perspective validation is concluded, and the SMCWG determines its corresponding course of action;
  • Updates the reference for SmtpUTF8Mailbox from RFC 8398 to RFC 9598; and
  • Small text corrections in the Reference section

Network and Certificate System Security Requirements
v2.0 - Ballot NS-003 - Jun 26, 2024

Ballot NS-003: Restructure the NCSSRs in https://github.com/cabforum/netsec/pull/35

Edit this page
The Certification Authority Browser Forum (CA/Browser Forum) is a voluntary gathering of Certificate Issuers and suppliers of Internet browser software and other applications that use certificates (Certificate Consumers).