CA/Browser Forum
Home » Posts » 2024-03-27 Minutes of the S/MIME Certificate Working Group

2024-03-27 Minutes of the S/MIME Certificate Working Group

Minutes of SMCWG

March 27, 2024

These are the Approved Minutes of the meeting described in the subject of this message. Corrections and clarifications where needed are encouraged by reply.


Adrian Mueller - (SwissSign), Adriano Santoni - (Actalis S.p.A.), Andreas Henschel - (D-TRUST), Ben Wilson - (Mozilla), Clint Wilson - (Apple), Corey Bonnell - (DigiCert), Inaba Atsushi - (GlobalSign), Inigo Barreira - (Sectigo), Judith Spencer - (CertiPath), Marco Schambach - (IdenTrust), Martijn Katerbarg - (Sectigo), Morad Abou Nasser - (TeleTrust), Rollin Yu - (TrustAsia), Sandy Balzer - (SwissSign), Scott Rea - (eMudhra), Stephen Davidson - (DigiCert), Tim Crawford - (CPA Canada/WebTrust), Wendy Brown - (US Federal PKI Management Authority)

1. Roll Call

The Roll Call was taken.

2. Read Antitrust Statement

The statement was read concerning the antitrust policy, code of conduct, and intellectual property rights agreement.

3. Review Agenda

Minutes were prepared by Stephen Davidson.

4. Approval of minutes from last teleconference

The minutes for the teleconference of March 13 were approved.

5. Discussion

Stephen Davidson noted that Ballot SMC06 was in Discussion Period with voting to begin on April 4. The group discussed relating to the use of recursive nameservers outside the CA’s audit scope. He noted a related ballot had passed in Server Cert working group but was subject to an IP claim. Should that be resolved, the language would need to be added to the S/MIME BR. He noted that some of the relevant new language was inserted in the middle of section of the TLS BR. The S/MIME BR incorporate the text from section He requested that the TLS BR, when new requirements are added that will be incorporated by other WG, isolate the new requirement in a new numbered section. The WG went on to discuss another pending ballot in the Server Cert working group relating to Multi-perspective Domain Validation This too introduces new requirements that are relevant to the S/MIME BR, and if the TLS ballot passes, will require an update to the S/MIME BR. The WG then discussed a request to “relax” the subject requirements in the S/MIME BR such that the subject:country may be allowed to differ from the country used in the organizationIdentifier. This allowance exists in the EV Guidelines. Stephen asked if CAs could provide concrete examples where an entity incorporated in one country had operations in another that did not include an entity registered in that country. Stephen noted that this subject had been discussed at length earlier in the writing of the S/MIME BR and it was agreed that only address information from government sources should be used in the Subject and that the two jurisdictions should agree. Adrian Mueller of SwissSign agreed.
The WG discussed that the S/MIME “adopted and then improved” the organizationIdentifier text from the EV Guidelines - particularly in the use of the GOV, INT, and LEI (when Active/Corroborated) registration schemes. It was urged that these methods be fed back and introduced in the EV Guidelines. Stephen again urged certificate issuers to gather information relating to the use of the Legacy profiles, in particular improvements to the Strict and Multipurpose profiles that would facilitate migration, and the reasonable timeframe for the deprecation of Legacy.

6. Any Other Business


7. Next call

Next call: Wednesday, April 10, 2024 at 11:00 am Eastern Time


Edit this page
The Certification Authority Browser Forum (CA/Browser Forum) is a voluntary gathering of Certificate Issuers and suppliers of Internet browser software and other applications that use certificates (Certificate Consumers).