CA/Browser Forum
Home » All CA/Browser Forum Posts » WebTrust Releases New Audit Criteria for Extended Validation and Baseline Requirements

WebTrust Releases New Audit Criteria for Extended Validation and Baseline Requirements

On April 3, 2014, the WebTrust® Task Force of the American Institute of CPAs (AICPA) and Chartered Professional Accountants Canada (CPA Canada) released three new audit criteria documents to the CA/Browser Forum and others for review and/or implementation. These documents are part of the WebTrust Program for Certification Authorities and are based on the CA/Browser Forum Guidelines.

The Trust Services Principles and Criteria for Certification Authorities – Extended Validation SSL – Version 1.4.5 is based on the Forum’s Guidelines for the Issuance and Management of Extended Validation SSL Certificates – Version 1.4.5 and is effective immediately (3 April 2014).

Trust Services Principles and Criteria for Certification Authorities – SSL Baseline with Network Security – Version 2.0 is based on the Forum’s Baseline Requirements for the Issuance and Management of Publicly-Trusted Certificates – Version 1.1.6 and its Network and Certificate Systems Security Requirements – Version 1.0. The exposure draft released today has a proposed effective date of 1 July 2014 (applicable to audit periods starting on or after 1 July 2014).

The Trust Services Principles and Criteria for Certification Authorities – Extended Validation Code Signing is based on the Forum’s Guidelines for the Issuance and Management of Extended Validation Code Signing Certificates – Version 1.1. The exposure draft released today has a proposed effective date of 1 July 2014 (applicable to audit periods starting on or after 1 July 2014).

All three of these documents are available in PDF, DOC and DOCX format at .

Latest releases
Server Certificate Requirements
SC-089: Mass Revocation Planning - Aug 26, 2025

Code Signing Requirements
v3.8 - Aug 5, 2024

What’s Changed CSC-25: Import EV Guidelines to CS Baseline Requirements by @dzacharo in https://github.com/cabforum/code-signing/pull/38 Full Changelog: https://github.com/cabforum/code-signing/compare/v3.7...v3.8

S/MIME Requirements
v1.0.11 - Ballot SMC013 - Aug 22, 2025

This ballot introduces specifications for the use of two post-quantum cryptography (PQC) algorithms, as standardized by the U.S. National Institute of Standards and Technology (NIST), in the S/MIME BR.

Network and Certificate System Security Requirements
Version 2.0.5 (Ballot NS-008) - Jul 9, 2025

Related posts
Tags
Edit this page
The Certification Authority Browser Forum (CA/Browser Forum) is a voluntary gathering of Certificate Issuers and suppliers of Internet browser software and other applications that use certificates (Certificate Consumers).