CA/Browser Forum
Home » All CA/Browser Forum Posts » Ballot Forum-6 – Update ETSI Requirements in the Bylaws

Ballot Forum-6 – Update ETSI Requirements in the Bylaws

Results on Ballot Forum-6 – Update ETSI Requirements in the Bylaws

The voting period for Ballot Forum-6 has ended and the ballot has passed. Here are the results.

Voting by CAs – 14 votes total including abstentions

  • 12 Yes votes: Actalis, Buypass, Camerfirma, D-TRUST, DocuSign France, Entrust Datacard, GlobalSign, HARICA, Izenpe, Kamu SM, Logius PKIoverheid, SSC
  • 0 No votes:
  • 2 Abstain: OATI, Visa 86% of voting CAs voted in favor

Voting by browsers – 2 votes total including abstentions

  • 2 Yes votes: Mozilla, 360
  • 0 No votes:
  • 0 Abstain: 100% of voting browsers voted in favor

Under Bylaw 2.2(g), a ballot result will be considered valid only when more than half of the number of currently active Members has participated. Votes to abstain are counted in determining a quorum. Half of currently active Members as of the start of voting is 11, so quorum was 12 votes – quorum was met.

Bylaw 2.2(f) requires a yes vote by two-thirds of CA votes and 50%-plus-one browser votes for approval. Votes to abstain are not counted for this purpose. This requirement was met for both CAs and browsers.

At least one CA Member and one browser Member must vote in favor of a ballot for the ballot to be adopted. This requirement was met

The ballot passes.

The following motion has been proposed by Dimitris Zacharopoulos of HARICA and endorsed by Moudrick M. Dadashov of SSC and Mads Egil Henriksveen from Buypass.

Background: Sections 2.1(a)(1) and 2.1(a)(2) of the Bylaws describe the qualifying criteria for “Certificate Issuers” and “Root Certificate Issuers”. This ballot attempts to remove references to the old ETSI TS documents.

Motion begins

In Sections 2.1(a)(1) and 2.1(a)(2) of the Bylaws, update the ETSI references: “or ETSI TS 102042, ETSI 101456, or ETSI EN 319 411-1” and “ETSI EN 319 411-1102042 or ETSI TS 102042 or ETSI TS 101 456” with “or ETSI EN 319 411-1”.

Motion ends

Here is a red-line of these particular changes. (1) Certificate Issuer: The member organization operates a certification authority that has a current and successful WebTrust for CAs audit or ETSI EN 319 411-1 or ETSI TS 102 042 or ETSI TS 101 456 audit report prepared by a properly-qualified auditor, is a member of a CWG, and that actively issues certificates to end entities, such certificates being treated as valid by a Certificate Consumer Member. Applicants that are not actively issuing certificates but otherwise meet membership criteria may be granted Associate Member status under Bylaw Sec. 3.1 for a period of time to be designated by the Forum. (2) Root Certificate Issuer: The member organization operates a certification authority that has a current and successful WebTrust for CAs, or ETSI EN 319 411-1 102042 or ETSI TS 102 042 or ETSI TS 101 456 audit report prepared by a properly-qualified auditor, is a member of a CWG, and that issues certificates to subordinate CAs that, in turn, actively issue certificates to end entities such certificates being treated as valid by a Certificate Consumer Member. Applicants that are not actively issuing certificates but otherwise meet membership criteria may be granted Associate Member status under Bylaw Section 3.1 for a period of time to be designated by the Forum.

The procedure for approval of this ballot is as follows: Forum-6 – Update ETSI requirements in the Bylaws

** Start time (22:00 UTC) End time (22:00 UTC)** Discussion (7 days) 17 September 2018 24 September 2018 Vote for approval (7 days) 24 September 2018 1 October 2018

Latest releases
Code Signing Requirements
v3.8 - Aug 5, 2024

What’s Changed CSC-25: Import EV Guidelines to CS Baseline Requirements by @dzacharo in https://github.com/cabforum/code-signing/pull/38 Full Changelog: https://github.com/cabforum/code-signing/compare/v3.7...v3.8

S/MIME Requirements
v1.0.7 - Ballot SMC09 - Nov 25, 2024

This ballot includes updates for the following: • Require pre-linting of leaf end entity Certificates starting September 15, 2025 • Require WebTrust for Network Security for audits starting after April 1, 2025 • Clarify that multiple certificatePolicy OIDs are allowed in end entity certificates • Clarify use of organizationIdentifer references • Update of Appendix A.2 Natural Person Identifiers This ballot is proposed by Stephen Davidson (DigiCert) and endorsed by Clint Wilson (Apple) and Martijn Katerbarg (Sectigo).

Network and Certificate System Security Requirements
v2.0 - Ballot NS-003 - Jun 26, 2024

Ballot NS-003: Restructure the NCSSRs in https://github.com/cabforum/netsec/pull/35

Edit this page
The Certification Authority Browser Forum (CA/Browser Forum) is a voluntary gathering of Certificate Issuers and suppliers of Internet browser software and other applications that use certificates (Certificate Consumers).