CA/Browser Forum
Home » All CA/Browser Forum Posts » Ballot 18 – Pre-Approved Requests

Ballot 18 – Pre-Approved Requests

Ballot 18 – Pre-Approved Requests (Passed Unanimously)

Motion

Steve Roylance made the following motion, and Bruce Morton and Tony Berman endorsed it.

Motion begins

The Guidelines should be amended in accordance with the following erratum.

Erratum begins

Replace this paragraph from Section 11

  1. EV Certificate Request Requirements

(a) General Prior to the issuance of an EV Certificate, the CA MUST obtain from Applicant (via a Certificate Requester authorized to act on Applicant’s behalf) a properly completed and signed EV Certificate Request in a form prescribed by the CA and that complies with these Guidelines. One EV Certificate Request MAY suffice for multiple EV Certificates to be issued to the same Applicant at the same time.

(b) Request and Certification The EV Certificate Request MUST contain a request from, or on behalf of, Applicant for the issuance of an EV certificate, and a certification by, or on behalf of, Applicant that all of the information contained therein is true and correct.

With

  1. EV Certificate Request Requirements

(a) General Prior to the issuance of an EV Certificate, the CA MUST obtain from Applicant (via a Certificate Requester authorized to act on Applicant’s behalf) a properly completed and signed EV Certificate Request in a form prescribed by the CA and that complies with these Guidelines. One EV Certificate Request MAY suffice for multiple EV Certificates to be issued to the same Applicant when the requests have been pre-authorized in line with section 19(d) of these Guidelines

(b) Request and Certification EV Certificate Requests which are not pre-authorized in line with section 19(d) of these Guidelines MUST contain a request from, or on behalf of, Applicant for the issuance of an EV certificate, or certificates, and a certification by, or on behalf of, Applicant that all of the information contained therein is true and correct.

And

Replace this paragraph from Section 20

  1. Verification of Signature on Subscriber Agreement and EV Certificate Requests

Both the Subscriber Agreement and each EV Certificate Request MUST be signed. The Subscriber Agreement MUST be signed by an authorized Contract Signer. The EV Certificate Request MUST be signed by the Certificate Requester submitting the document. If the Certificate requester is not also an authorized Certificate Approver, then an authorized Certificate Approver MUST independently approve the EV Certificate Request. In all cases, the signature MUST be a legally valid and enforceable seal or handwritten signature (for a paper Subscriber Agreement and/or EV Certificate Request), or a legally valid and enforceable electronic signature (for an electronic Subscriber Agreement and/or EV Certificate Request), that binds Applicant to the terms of each respective document.

With

  1. Verification of Signature on Subscriber Agreement and EV Certificate Requests

Both the Subscriber Agreement and each non pre-approved EV Certificate Request MUST be signed. The Subscriber Agreement MUST be signed by an authorized Contract Signer. The EV Certificate Request MUST be signed by the Certificate Requester submitting the document unless the Certificate Request has been pre-authorized in line with section 19(d) of these Guidelines. If the Certificate requester is not also an authorized Certificate Approver, then an authorized Certificate Approver MUST independently approve the EV Certificate Request. In all cases applicable signatures MUST be a legally valid and enforceable seal or handwritten signature (for a paper Subscriber Agreement and/or EV Certificate Request), or a legally valid and enforceable electronic signature (for an electronic Subscriber Agreement and/or EV Certificate Request), that binds Applicant to the terms of each respective document.

Erratum ends

Motion ends

The ballot review period comes into effect at 1700 EDT on (Tuesday) 2 Sep 2008, and will close at 1700 EDT on (Tuesday) 9 Sep 2008. Unless the motion is withdrawn during the review period, the voting period will start immediately thereafter and will close at 1700 EDT on (Tuesday) 16 Sep 2008.

Votes must be cast by ‘reply all’ to this email.

A vote in favour of the motion must indicate a clear ‘yes’ in the response. A vote against must indicate a clear ‘no’ in the response. A vote to abstain must indicate a clear ‘abstain’ in the response. Unclear responses will not be counted.

The latest vote received from any representative of a voting member before the close of the voting period will be counted.

Latest releases
Code Signing Requirements
v3.8 - Aug 5, 2024

What’s Changed CSC-25: Import EV Guidelines to CS Baseline Requirements by @dzacharo in https://github.com/cabforum/code-signing/pull/38 Full Changelog: https://github.com/cabforum/code-signing/compare/v3.7...v3.8

S/MIME Requirements
v1.0.7 - Ballot SMC09 - Nov 25, 2024

This ballot includes updates for the following: • Require pre-linting of leaf end entity Certificates starting September 15, 2025 • Require WebTrust for Network Security for audits starting after April 1, 2025 • Clarify that multiple certificatePolicy OIDs are allowed in end entity certificates • Clarify use of organizationIdentifer references • Update of Appendix A.2 Natural Person Identifiers This ballot is proposed by Stephen Davidson (DigiCert) and endorsed by Clint Wilson (Apple) and Martijn Katerbarg (Sectigo).

Network and Certificate System Security Requirements
v2.0 - Ballot NS-003 - Jun 26, 2024

Ballot NS-003: Restructure the NCSSRs in https://github.com/cabforum/netsec/pull/35

Edit this page
The Certification Authority Browser Forum (CA/Browser Forum) is a voluntary gathering of Certificate Issuers and suppliers of Internet browser software and other applications that use certificates (Certificate Consumers).