CA/Browser Forum
Home » Posts » Ballot Forum-6 – Update ETSI Requirements in the Bylaws

Ballot Forum-6 – Update ETSI Requirements in the Bylaws

Results on Ballot Forum-6 – Update ETSI Requirements in the Bylaws

The voting period for Ballot Forum-6 has ended and the ballot has passed. Here are the results.

Voting by CAs – 14 votes total including abstentions

  • 12 Yes votes: Actalis, Buypass, Camerfirma, D-TRUST, DocuSign France, Entrust Datacard, GlobalSign, HARICA, Izenpe, Kamu SM, Logius PKIoverheid, SSC
  • 0 No votes:
  • 2 Abstain: OATI, Visa 86% of voting CAs voted in favor

Voting by browsers – 2 votes total including abstentions

  • 2 Yes votes: Mozilla, 360
  • 0 No votes:
  • 0 Abstain: 100% of voting browsers voted in favor

Under Bylaw 2.2(g), a ballot result will be considered valid only when more than half of the number of currently active Members has participated. Votes to abstain are counted in determining a quorum. Half of currently active Members as of the start of voting is 11, so quorum was 12 votes – quorum was met.

Bylaw 2.2(f) requires a yes vote by two-thirds of CA votes and 50%-plus-one browser votes for approval. Votes to abstain are not counted for this purpose. This requirement was met for both CAs and browsers.

At least one CA Member and one browser Member must vote in favor of a ballot for the ballot to be adopted. This requirement was met

The ballot passes.

The following motion has been proposed by Dimitris Zacharopoulos of HARICA and endorsed by Moudrick M. Dadashov of SSC and Mads Egil Henriksveen from Buypass.

Background: Sections 2.1(a)(1) and 2.1(a)(2) of the Bylaws describe the qualifying criteria for “Certificate Issuers” and “Root Certificate Issuers”. This ballot attempts to remove references to the old ETSI TS documents.

Motion begins

In Sections 2.1(a)(1) and 2.1(a)(2) of the Bylaws, update the ETSI references: “or ETSI TS 102042, ETSI 101456, or ETSI EN 319 411-1” and “ETSI EN 319 411-1102042 or ETSI TS 102042 or ETSI TS 101 456” with “or ETSI EN 319 411-1”.

Motion ends

Here is a red-line of these particular changes. (1) Certificate Issuer: The member organization operates a certification authority that has a current and successful WebTrust for CAs audit or ETSI EN 319 411-1 or ETSI TS 102 042 or ETSI TS 101 456 audit report prepared by a properly-qualified auditor, is a member of a CWG, and that actively issues certificates to end entities, such certificates being treated as valid by a Certificate Consumer Member. Applicants that are not actively issuing certificates but otherwise meet membership criteria may be granted Associate Member status under Bylaw Sec. 3.1 for a period of time to be designated by the Forum. (2) Root Certificate Issuer: The member organization operates a certification authority that has a current and successful WebTrust for CAs, or ETSI EN 319 411-1 102042 or ETSI TS 102 042 or ETSI TS 101 456 audit report prepared by a properly-qualified auditor, is a member of a CWG, and that issues certificates to subordinate CAs that, in turn, actively issue certificates to end entities such certificates being treated as valid by a Certificate Consumer Member. Applicants that are not actively issuing certificates but otherwise meet membership criteria may be granted Associate Member status under Bylaw Section 3.1 for a period of time to be designated by the Forum.

The procedure for approval of this ballot is as follows: Forum-6 – Update ETSI requirements in the Bylaws

** Start time (22:00 UTC) End time (22:00 UTC)** Discussion (7 days) 17 September 2018 24 September 2018 Vote for approval (7 days) 24 September 2018 1 October 2018

Latest releases
Code Signing Requirements
v3.8 - Aug 5, 2024

What’s Changed

Full Changelog: https://github.com/cabforum/code-signing/compare/v3.7...v3.8

S/MIME Requirements
v1.0.6 - Ballot SMC08 - Aug 29, 2024

This ballot sets a date by which issuance of certificates following the Legacy generation profiles must cease. It also includes the following minor updates:

  • Pins the domain validation procedures to v 2.0.5 of the TLS Baseline Requirements while the ballot activity for multi-perspective validation is concluded, and the SMCWG determines its corresponding course of action;
  • Updates the reference for SmtpUTF8Mailbox from RFC 8398 to RFC 9598; and
  • Small text corrections in the Reference section

Network and Certificate System Security Requirements
v2.0 - Ballot NS-003 - Jun 26, 2024

Ballot NS-003: Restructure the NCSSRs in https://github.com/cabforum/netsec/pull/35

Edit this page
The Certification Authority Browser Forum (CA/Browser Forum) is a voluntary gathering of Certificate Issuers and suppliers of Internet browser software and other applications that use certificates (Certificate Consumers).