CA/Browser Forum

ETSI – European Telecommunications Standards Institute

Current Standards (as of Sept. 2020)

For the most current version of ETSI standards, please refer to this site:
https://portal.etsi.org/TB-SiteMap/ESI/Trust-Service-Providers

Conformity Assessment – EN 319 403

General Policy Requirements for a TSP – EN 319 401

General Requirements for a TSP issuing certificates – EN 319 411-1

Requirements for a TSP issuing EU qualified certificates – EN 319-411-2

You can also use the number for that ETSI standard on this search page:
https://www.etsi.org/standards-search

Accreditation

National Accreditation Bodies (NABs)

Accredited Conformity Assessment Bodies (CABs)

ETSI Electronic Signatures and Infrastructure (ESI)

Specialist Task Forces

Specialist Task Force 457 works on Framework and Coordination Activities – Coordinating the fulfilment of the Rationalised Framework for electronic signature standards across all areas as defined in Phase 1a and in line with mandate M/460, and at executing tasks that requires joint ETSI-CEN activities with regards to the fulfilment of the Rationalised Framework. It also addresses cryptographic suites which overlap with standardisation addressed by both CEN and ETSI.

STF 458 works on Trust Service Providers (TSP) Supporting electronic signatures - To align specifications for TSP supporting electronic signatures with the rationalised framework, addressing any gaps identified in the rationalised framework work plan, and the progression of all the relevant specifications to EN status.

Previous Versions

General Policy Requirements for CAs – EN 319 401 and EN 319 411-1

Data and Record Systems Security – TS 101 533-1

Qualified Certificates – EN 319 411-2 (replaces TS 101 456)

Publicly Trusted Certificates – EN 319 411-3 (replaces TS 102 042)

Extended Validation Certificates – TS 103 090 and TR 101 564

Certificate Profiles – TS 119 412 and EN 319 412

  1. Part 1: Overview and common data structures- EN 319 412-1 V0.0.4 (2013-09) (pdf)
  2. Part 2: Certificate Profile for certificates issued to natural persons – TS 119 412-2 V1.2.1(2013-08) (pdf)
  3. Part 2: Certificate Profile for certificates issued to natural persons – TS 119 412-2 V1.1.1 (2012-04) (pdf)
  4. Part 3: Certificate profile for certificates issued to legal persons – EN 319 412-3 V0.0.4 (2013-09) (pdf)
  5. Part 4: Certificate profile for web site certificates issued to organisations -EN 319 412-4 V0.0.5 (2013-09) (pdf)
  6. Part 5: Extension for Qualified Certificate profile – EN 319 412-5 V1.1.1 (2013-01) (pdf)

(Replaces TS 101 862 – Qualified certificate profile)

Time Stamping – EN 319 421 (replaces TS 101 861)

CEN is also working on a security Protection Profile  (PP) for time-stamping systems.

Trusted Lists – Harmonization of Status Information

Latest releases
Code Signing Requirements
v3.8 - Aug 5, 2024

What’s Changed CSC-25: Import EV Guidelines to CS Baseline Requirements by @dzacharo in https://github.com/cabforum/code-signing/pull/38 Full Changelog: https://github.com/cabforum/code-signing/compare/v3.7...v3.8

S/MIME Requirements
v1.0.7 - Ballot SMC09 - Nov 25, 2024

This ballot includes updates for the following: • Require pre-linting of leaf end entity Certificates starting September 15, 2025 • Require WebTrust for Network Security for audits starting after April 1, 2025 • Clarify that multiple certificatePolicy OIDs are allowed in end entity certificates • Clarify use of organizationIdentifer references • Update of Appendix A.2 Natural Person Identifiers This ballot is proposed by Stephen Davidson (DigiCert) and endorsed by Clint Wilson (Apple) and Martijn Katerbarg (Sectigo).

Network and Certificate System Security Requirements
v2.0 - Ballot NS-003 - Jun 26, 2024

Ballot NS-003: Restructure the NCSSRs in https://github.com/cabforum/netsec/pull/35

Edit this page
The Certification Authority Browser Forum (CA/Browser Forum) is a voluntary gathering of Certificate Issuers and suppliers of Internet browser software and other applications that use certificates (Certificate Consumers).