CA/Browser Forum
Home » All CA/Browser Forum Posts » Ballot Forum-14 – Creation of S/MIME Certificates Working Group v2

Ballot Forum-14 – Creation of S/MIME Certificates Working Group v2

Voting has ended on Ballot Forum-14, Creation of S/MIME Working Group. The results are as follows:

Certificate Issuers:

22 votes in favor: Actalis, Buypass, Certigna (DHIMYOTIS), Certum (Asseco), Chunghwa Telecom, Sectigo (former Comodo CA), D-TRUST, DigiCert, Disig, eMudhra, Entrust Datacard, GDCA, GlobalSign, GoDaddy, HARICA, Kamu SM, OISTE, SHECA, SSL.com, SwissSign, TrustCor, SecureTrust (former Trustwave)

0 No votes

0 Abstention

Certificate Consumers:

5 votes in favor: Apple, Cisco, Google, Microsoft, Mozilla

0 No votes

0 Abstention

Therefore the ballot passes.

Dean Coclin

CA/B Forum Vice Chair

—––

The following ballot is proposed by Tim Hollebeek of DigiCert and endorsed by Wayne Thayer of Mozilla and Clint Wilson of Apple.

Ballot Forum-14: Creation of S/MIME Certificates Working Group

Purpose of the Ballot

The CA/Browser Forum underwent a two-year long governance reform exercise, modifying the Bylaws to allow the creation of working groups that covered topics other than server certificates. While originally motivated by the inability to maintain requirements for code signing certificates, it was anticipated from the start that this would also provide an opportunity to create other working groups that could develop and maintain certificate profiles and requirements for other kinds of certificates. While a number of regional and technical standards exist regarding the creation and issuance of S/MIME certificates, there is no current global forum for certificate authorities and those who consume or use S/MIME certificates to come together and develop and maintain policies and standards for those certificates. This lack of standards has impeded the adoption and interoperability of S/MIME certificate worldwide. This ballot would establish a working group chartered to develop and maintain such standards for S/MIME certificates, including but not limited to two important priorities: a uniform certificate profile for the issuance of publicly-trusted S/MIME certificates, and validation requirements for such certificates.

  • MOTION BEGINS –

Establish S/MIME Certificates Working Group

Upon approval of the CAB Forum by ballot in accordance with section 5.3 of the Bylaws, the S/MIME Certificates Working Group (“SMWG”) is created to perform the activities as specified in the Charter, with the Charter as described here (https://github.com/cabforum/documents/compare/6e0b8e61590164eb2d686ddcf266b189f46fc636…e6ad111f4477010cbff409cd939c5ac1c7c85ccc).

  • MOTION ENDS The procedure for approval of this ballot is as follows:

Discussion (7+ days)

Start Time: 2020-06-01 16:40:00 EDT

End Time: after 2020-06-08 16:40:00 EDT

Vote for approval (7 days)

Start Time: 2020-06-08 16:50:00 EDT

End Time: 2020-06-15 16:50:00 EDT

Latest releases
Code Signing Requirements
v3.8 - Aug 5, 2024

What’s Changed CSC-25: Import EV Guidelines to CS Baseline Requirements by @dzacharo in https://github.com/cabforum/code-signing/pull/38 Full Changelog: https://github.com/cabforum/code-signing/compare/v3.7...v3.8

S/MIME Requirements
v1.0.6 - Ballot SMC08 - Aug 29, 2024

This ballot sets a date by which issuance of certificates following the Legacy generation profiles must cease. It also includes the following minor updates: Pins the domain validation procedures to v 2.0.5 of the TLS Baseline Requirements while the ballot activity for multi-perspective validation is concluded, and the SMCWG determines its corresponding course of action; Updates the reference for SmtpUTF8Mailbox from RFC 8398 to RFC 9598; and Small text corrections in the Reference section

Network and Certificate System Security Requirements
v2.0 - Ballot NS-003 - Jun 26, 2024

Ballot NS-003: Restructure the NCSSRs in https://github.com/cabforum/netsec/pull/35

Edit this page
The Certification Authority Browser Forum (CA/Browser Forum) is a voluntary gathering of Certificate Issuers and suppliers of Internet browser software and other applications that use certificates (Certificate Consumers).