CA/Browser Forum
Home » All CA/Browser Forum Posts » 2024-03-13 Minutes of the S/MIME Certificate Working Group

2024-03-13 Minutes of the S/MIME Certificate Working Group

Minutes of SMCWG

March 13, 2024

These are the Approved Minutes of the meeting described in the subject of this message. Corrections and clarifications where needed are encouraged by reply.

Attendees

Adriano Santoni - (Actalis S.p.A.), Andreas Henschel - (D-TRUST), Ashish Dhiman - (GlobalSign), Bruce Morton - (Entrust), Clint Wilson - (Apple), Dave Chin - (CPA Canada/WebTrust), Inaba Atsushi - (GlobalSign), Inigo Barreira - (Sectigo), Judith Spencer - (CertiPath), Marco Schambach - (IdenTrust), Martijn Katerbarg - (Sectigo), Morad Abou Nasser - (TeleTrust), Nome Huang - (TrustAsia), Paul van Brouwershaven - (Entrust), Rollin Yu - (TrustAsia), Sandy Balzer - (SwissSign), Scott Rea - (eMudhra), Stefan Selbitschka - (rundQuadrat), Stephen Davidson - (DigiCert), Tadahiko Ito - (SECOM Trust Systems), Tathan Thacker - (IdenTrust), Wendy Brown - (US Federal PKI Management Authority)

1. Roll Call

The Roll Call was taken.

2. Read Antitrust Statement

The statement was read concerning the antitrust policy, code of conduct, and intellectual property rights agreement.

3. Review Agenda

Minutes were prepared by Stephen Davidson.

4. Approval of minutes from last teleconference

The minutes for the teleconference of February 28 were approved.

The membership of DiSig in the SMCWG was confirmed.

5. Discussion

Stephen Davidson

Stephen Davidson provided an overview of the draft text of SMC06 clarifications and corrections ballot, including several new items relating to https://github.com/cabforum/smime/issues/236 and https://github.com/cabforum/smime/issues/237. Following discussion it was agreed that suspension be clarified as specifically as certificateHold. Adriano Santoni noted that it was unclear if suspension was even supported by email clients and perhaps should be considered for removal in future. See https://github.com/srdavidson/smime/compare/ed36440d7c967732aa08739b14cc29bed257a67d...246fab8b8880aa62cec95b6d055b872173d4dadf

Stephen encouraged members to use the Issues list at https://github.com/cabforum/smime/issues to submit topics for consideration.

Stephen noted that the ballot would soon move ahead with endorsers including Martijn Katerbarg of Sectigo and Roman Fischer of SwissSign.

The group had a discussion of SC ballots for relevance to the SMCWG, noting that if the MPV ballot is successful a review may be required for the S/MIME BR.

Stephen noted that the server certificate working group is working towards automatically distributing audio recordings of meetings to participants, which may be extended to the SMCWG as well. There was no objection.

Stephen noted that the group would soon discuss the possible deprecation of the Legacy profiles and again asked Certificate Issuers to review items that presented obstacles to moving to the Multipurpose or Strict profiles. He noted that there were concerns on the ability of ERAs to parse out giveName and surname as separate Subject attributes, and shorter certificate validity may be an issue for implementations using smartcards.

Stephen asked if using CCADB to poll Certificate Issuers regarding their S/MIME BR profiles would present a by-laws/anticompetitive issue?

6. Any Other Business

None

7. Next call

Next call: Wednesday, March 27, 2024 at 11:00 am Eastern Time

Adjourned

Latest releases
Server Certificate Requirements
SC095v3: Clean-up 2025 - Apr 2, 2026

Code Signing Requirements
v3.8 - Aug 5, 2024

What’s Changed CSC-25: Import EV Guidelines to CS Baseline Requirements by @dzacharo in https://github.com/cabforum/code-signing/pull/38 Full Changelog: https://github.com/cabforum/code-signing/compare/v3.7...v3.8

S/MIME Requirements
v1.0.13 - Ballot SMC015v2 - Mar 28, 2026

This ballot introduces requirements that a CA or RA must follow to rely upon a Mobile Drivers License (mDL) to provide evidence for the authentication of individual identity. It allows the use of mDL that conform to ISO/IEC 18013-5 and which may be verified by the CA or RA in conformance with ISO/IEC 18013-7. The CA or RA shall only accept mDL from an Issuing Authority that is legally authorized by the relevant government or jurisdiction to issue driving licenses. The draft also aligns the subsections of 3.2.4.2 (Validation of individual identity) to correspond more closely with those in 3.2.4.1 (Attribute collection of individual identity). It also includes minor editorial corrections. SMC015v2 was updated to remove an additional reference to the superceded ETSI EN 319 403. This ballot is proposed by Stephen Davidson (DigiCert) and endorsed by Ben Wilson (Mozilla) and Scott Rea (eMudhra).

Network and Certificate System Security Requirements
Version 2.0.5 (Ballot NS-008) - Jul 9, 2025

Related posts
Tags
Minutes S/MIME
Edit this page
The Certification Authority Browser Forum (CA/Browser Forum) is a voluntary gathering of Certificate Issuers and suppliers of Internet browser software and other applications that use certificates (Certificate Consumers).