Home » All CA/Browser Forum Posts » Ballot 18 – Pre-Approved Requests

Ballot 18 – Pre-Approved Requests

Ballot 18 – Pre-Approved Requests (Passed Unanimously)

Motion

Steve Roylance made the following motion, and Bruce Morton and Tony Berman endorsed it.

Motion begins

The Guidelines should be amended in accordance with the following erratum.

Erratum begins

Replace this paragraph from Section 11

EV Certificate Request Requirements

(a) General Prior to the issuance of an EV Certificate, the CA MUST obtain from Applicant (via a Certificate Requester authorized to act on Applicant’s behalf) a properly completed and signed EV Certificate Request in a form prescribed by the CA and that complies with these Guidelines. One EV Certificate Request MAY suffice for multiple EV Certificates to be issued to the same Applicant at the same time.

(b) Request and Certification The EV Certificate Request MUST contain a request from, or on behalf of, Applicant for the issuance of an EV certificate, and a certification by, or on behalf of, Applicant that all of the information contained therein is true and correct.

With

EV Certificate Request Requirements

(b) Request and Certification EV Certificate Requests which are not pre-authorized in line with section 19(d) of these Guidelines MUST contain a request from, or on behalf of, Applicant for the issuance of an EV certificate, or certificates, and a certification by, or on behalf of, Applicant that all of the information contained therein is true and correct.

And

Replace this paragraph from Section 20

Verification of Signature on Subscriber Agreement and EV Certificate Requests

Both the Subscriber Agreement and each EV Certificate Request MUST be signed. The Subscriber Agreement MUST be signed by an authorized Contract Signer. The EV Certificate Request MUST be signed by the Certificate Requester submitting the document. If the Certificate requester is not also an authorized Certificate Approver, then an authorized Certificate Approver MUST independently approve the EV Certificate Request. In all cases, the signature MUST be a legally valid and enforceable seal or handwritten signature (for a paper Subscriber Agreement and/or EV Certificate Request), or a legally valid and enforceable electronic signature (for an electronic Subscriber Agreement and/or EV Certificate Request), that binds Applicant to the terms of each respective document.

With

Verification of Signature on Subscriber Agreement and EV Certificate Requests

Both the Subscriber Agreement and each non pre-approved EV Certificate Request MUST be signed. The Subscriber Agreement MUST be signed by an authorized Contract Signer. The EV Certificate Request MUST be signed by the Certificate Requester submitting the document unless the Certificate Request has been pre-authorized in line with section 19(d) of these Guidelines. If the Certificate requester is not also an authorized Certificate Approver, then an authorized Certificate Approver MUST independently approve the EV Certificate Request. In all cases applicable signatures MUST be a legally valid and enforceable seal or handwritten signature (for a paper Subscriber Agreement and/or EV Certificate Request), or a legally valid and enforceable electronic signature (for an electronic Subscriber Agreement and/or EV Certificate Request), that binds Applicant to the terms of each respective document.

Erratum ends

Motion ends

The ballot review period comes into effect at 1700 EDT on (Tuesday) 2 Sep 2008, and will close at 1700 EDT on (Tuesday) 9 Sep 2008. Unless the motion is withdrawn during the review period, the voting period will start immediately thereafter and will close at 1700 EDT on (Tuesday) 16 Sep 2008.

Votes must be cast by ‘reply all’ to this email.

A vote in favour of the motion must indicate a clear ‘yes’ in the response. A vote against must indicate a clear ‘no’ in the response. A vote to abstain must indicate a clear ‘abstain’ in the response. Unclear responses will not be counted.

The latest vote received from any representative of a voting member before the close of the voting period will be counted.

Latest releases

Server Certificate Requirements
SC095v3: Clean-up 2025 - Apr 2, 2026

Code Signing Requirements
v3.8 - Aug 5, 2024

What’s Changed CSC-25: Import EV Guidelines to CS Baseline Requirements by @dzacharo in https://github.com/cabforum/code-signing/pull/38 Full Changelog: https://github.com/cabforum/code-signing/compare/v3.7...v3.8

S/MIME Requirements
v1.0.13 - Ballot SMC015v2 - Mar 28, 2026

This ballot introduces requirements that a CA or RA must follow to rely upon a Mobile Drivers License (mDL) to provide evidence for the authentication of individual identity. It allows the use of mDL that conform to ISO/IEC 18013-5 and which may be verified by the CA or RA in conformance with ISO/IEC 18013-7. The CA or RA shall only accept mDL from an Issuing Authority that is legally authorized by the relevant government or jurisdiction to issue driving licenses. The draft also aligns the subsections of 3.2.4.2 (Validation of individual identity) to correspond more closely with those in 3.2.4.1 (Attribute collection of individual identity). It also includes minor editorial corrections. SMC015v2 was updated to remove an additional reference to the superceded ETSI EN 319 403. This ballot is proposed by Stephen Davidson (DigiCert) and endorsed by Ben Wilson (Mozilla) and Scott Rea (eMudhra).

Network and Certificate System Security Requirements
Version 2.0.5 (Ballot NS-008) - Jul 9, 2025