Home » All CA/Browser Forum Posts » Ballot 220 – Minor Cleanups (Spring 2018)

Ballot 220 – Minor Cleanups (Spring 2018)

Results on Ballot 220 – Minor Cleanups (Spring 2018)

The voting period for Ballot 220 has ended, and the ballot has passed. Here are the results.

Voting by CAs – 24 votes total including abstentions

24 Yes votes: Actalis, Amazon, Buypass, CFCA, Chunghwa Telecom, Cisco, Comodo CA, D-TRUST, DigiCert, Disig, Entrust Datacard, GDCA, GlobalSign, HARICA, Kamu Sertifikasyon Merkezi, OATI, QuoVadis, SHECA, SSL.com, SSC, SwissSign, TrustCor, Trustwave, TurkTrust

0 No votes:

0 Abstain:

100% of voting CAs voted in favor

Voting by browsers – 5 votes total including abstentions

5 Yes votes: Apple, Comodo Security Solutions, Google, Microsoft, Mozilla

0 No votes:

0 Abstain:

100% of voting browsers voted in favor

Under Bylaw 2.2(g), a ballot result will be considered valid only when more than half of the number of currently active Members has participated. Votes to abstain are counted in determining a quorum. Half of currently active Members as of the start of voting is 10, so quorum was 11 votes – quorum was met.

Bylaw 2.2(f) requires a yes vote by two-thirds of CA votes and 50%-plus-one browser votes for approval. Votes to abstain are not counted for this purpose. This requirement was met for both CAs and browsers.

At least one CA Member and one browser Member must vote in favor of a ballot for the ballot to be adopted. This requirement was met

The ballot passes.

Ballot 220: Minor Cleanups (Spring 2018)

Purpose of Ballot: This ballot corrects two incorrect cross-references and one terminology error.

The following motion has been proposed by Tim Hollebeek of DigiCert and endorsed by Stephen Davidson of Quovadis and Adriano Santoni of Actalis.

MOTION BEGINS –

This ballot modifies the “Baseline Requirements for the Issuance and Management of Publicly-Trusted Certificates” as follows, based upon Version 1.5.6:

In the definition of Qualified Auditor and in section 8.4, change the references to section 8.3 to point to section 8.2.

In section 3.2.2.4.6, change the non-existing term “Request Value” to the defined term “Random Value”.

Motion ends

The procedure for approval of this ballot is as follows:

Discussion (7+ days)

Start Time: 2018-03-14 9:45:00 EDT

End Time: after 2018-03-23 6:45:00 EDT

Vote for approval (7 days)

Start Time: 2018-03-23 6:45:00 EDT

End Time: 2018-03-30 6:45:00 EDT

Latest releases

Server Certificate Requirements
SC-089: Mass Revocation Planning - Aug 26, 2025

Code Signing Requirements
v3.8 - Aug 5, 2024

What’s Changed CSC-25: Import EV Guidelines to CS Baseline Requirements by @dzacharo in https://github.com/cabforum/code-signing/pull/38 Full Changelog: https://github.com/cabforum/code-signing/compare/v3.7...v3.8

S/MIME Requirements
v1.0.12 - Ballot SMC014 - Oct 13, 2025

This ballot introduces requirements that a Certificate Issuer MUST deploy DNSSEC validation back to the IANA DNSSEC root trust anchor on all DNS queries associated with CAA record lookups performed by the Primary Network Perspective, effective March 15, 2026. The ballot is intended to maintain consistency in the S/MIME Baseline Requirements with the requirements of Ballot SC-085 which implemented identical requirements in the TLS Baseline Requirements. Note: SC-085 also introduced requirements in TLS Baseline Requirements for the use of DNSSEC in domain control validation. These requirements are automatically adopted in the S/MIME BR by the email domain control methods that include a normative reference to section 3.2.2.4 of the TLS Baseline Requirements. The draft also includes minor corrections to web links in the text. This ballot is proposed by Stephen Davidson (DigiCert) and endorsed by Client Wilson (Apple) and Ashish Dhiman (GlobalSign).

Network and Certificate System Security Requirements
Version 2.0.5 (Ballot NS-008) - Jul 9, 2025