Ballot SMC013: Enable PQC Algorithms for S/MIME
Ballot SMC013: Enable PQC Algorithms for S/MIME
Summary:
This ballot introduces specifications for the use of two post-quantum cryptography (PQC) algorithms, as standardized by the U.S. National Institute of Standards and Technology (NIST), in the S/MIME BR:
ML-DSA, or Module-Lattice-Based Digital Signature Algorithm, a digital signature scheme; and
ML-KEM, or Module-Lattice-Based Key-Encapsulation Mechanism, a key encapsulation mechanism.
The ballot specifies single-key/non-hybrid PQC certificates that do not rely upon pre-quantum algorithms.
The ballot is intended to enable experimentation by Certificate Issuers with PQC certificates; noting that additional requirements on the use of PQC may be imposed by Root programs.
This ballot is proposed by Stephen Davidson (DigiCert) and endorsed by Andreas Henschel (D-Trust) and Martijn Katerbarg (Sectigo).
— Motion Begins —
This ballot modifies the “Baseline Requirements for the Issuance and Management of Publicly-Trusted S/MIME Certificates” (“S/MIME Baseline Requirements”), based on Version 1.0.10.
— Motion Ends —
This ballot proposes a Final Maintenance Guideline. The procedure for approval of this ballot is as follows:
Discussion (at least 7 days)
- Start time: July 2, 2025 at 18:00:00 UTC
- End time: July 11, 2025 at 18:00:00 UTC