CA/Browser Forum
Home » All CA/Browser Forum Posts » Notice of IPR Review Period for BR Amendments Made by Ballots 96, 97, 99, 102 and 105

Notice of IPR Review Period for BR Amendments Made by Ballots 96, 97, 99, 102 and 105

The following changes have been made to the Baseline Requirements since the last Notice of IPR Review Period:

Ballot 96 amended sections 11.1.3 and 11.1.4 dealing with Wildcards and new gTLDs.

Ballot 97 – Prevention of Unknown Certificate Contents – amended section 10.2.3 and Appendix B and also addressed RFC 5280.

Ballot 99 added an allowance for DSA keys to Appendix B

Ballot 102 amended section 9.2.3 concerning the use of domainComponents in certificates.

Finally, the attached redlined version of the Baseline Requirements shows the changes based on Ballot 105, which just passed.

Pursuant to Section 4.1 of the CA/Browser Forum’s IPR Policy, this is notice of the commencement of a 30-day IPR maintenance-guideline review period by which certain provisions of the IPR will become applicable to the above-mentioned changes made to the Baseline Requirements by Ballots 96, 97, 99, 102 and 105. During this IPR review period you are to review these amendments and consider any licensing obligations with respect to any Essential Claims that may be encompassed by such amendments.

The 30-day IPR review period for these changes shall end on 28 August 2013.

Latest releases
Server Certificate Requirements
BRs/2.1.2 SC-080 V3: Sunset the use of WHOIS to identify Domain Contacts and relying DCV Methods - Dec 16, 2024

Ballot SC-080 V3: “Sunset the use of WHOIS to identify Domain Contact… (https://github.com/cabforum/servercert/pull/560) Ballot SC-080 V3: “Sunset the use of WHOIS to identify Domain Contacts and relying DCV Methods” (https://github.com/cabforum/servercert/pull/555)

Code Signing Requirements
v3.8 - Aug 5, 2024

What’s Changed CSC-25: Import EV Guidelines to CS Baseline Requirements by @dzacharo in https://github.com/cabforum/code-signing/pull/38 Full Changelog: https://github.com/cabforum/code-signing/compare/v3.7...v3.8

S/MIME Requirements
v1.0.8 - Ballot SMC010 - Dec 23, 2024

This ballot adopts Multi-Perspective Issuance Corroboration (MPIC) for CAs when conducting Email Domain Control Validation (DCV) and Certification Authority Authorization (CAA) checks for S/MIME Certificates. The Ballot adopts the MPIC implementation consistent with the TLS Baseline Requirements. Acknowledging that some S/MIME CAs with no TLS operations may require additional time to deploy MPIC, the Ballot has a Compliance Date of May 15, 2025. Following that date the implementation timeline described in TLS BR section 3.2.2.9 applies. This ballot is proposed by Stephen Davidson (DigiCert) and endorsed by Ashish Dhiman (GlobalSign) and Nicolas Lidzborski (Google).

Network and Certificate System Security Requirements
v2.0 - Ballot NS-003 - Jun 26, 2024

Ballot NS-003: Restructure the NCSSRs in https://github.com/cabforum/netsec/pull/35

Related posts
Tags
Ballot
Edit this page
The Certification Authority Browser Forum (CA/Browser Forum) is a voluntary gathering of Certificate Issuers and suppliers of Internet browser software and other applications that use certificates (Certificate Consumers).