CA/Browser Forum
Home » About the CA/Browser Forum » Information » Forum IPR Subcommittee

Forum IPR Subcommittee

Forum IPR Subcommittee Charter

Upon approval of the CAB Forum by ballot, and in accordance with section 5.6 of the CA/Browser Forum Bylaws, the Forum IPR Subcommittee (“FIPR”) is created to perform the activities specified in this Charter, subject to the terms and conditions of the Bylaws, which take precedence over this Charter.

1. Definitions

Definitions found in the Bylaws or in the IPR Policy shall apply to capitalized terms in this Charter.

2. Scope

The primary activity of the FIPR shall be to review and propose revisions to the Forum’s IPR Policy, IPR Policy Agreement, and Exclusion Notice Template (“Deliverables”). Discussion will include:

(a) How to address contributions provided by non-Forum Members (e.g., invited experts, guest speakers, researchers, etc.);

(b) If any clarifications and/or changes are necessary to the IPR Policy in view of recent events; and

(c) A potential contributor license agreement for the Forum’s GitHub repository and policy for contributing to the Forum’s GitHub repository.

The FIPR may perform other activities ancillary to this primary activity. The FIPR will not adopt Final Guidelines or Final Maintenance Guidelines.

3. Chairs and Contacts

The proposer of the ballot adopting this Charter, Ben Wilson, will act as organizer of the FIPR until the first teleconference is held for the FIPR, at which time the FIPR will elect a chair and vice-chair, either by vote or by acclamation of those present.

4. Participation

The FIPR welcomes the participation of any Forum Voting Member interested in this work. Voting Members initially declaring their participation in this Subcommittee are: Amazon, Apple, DigiCert, GoDaddy, Google, HARICA, Let’s Encrypt, Mozilla, and Sectigo.

5. Communication

The FIPR will communicate primarily through listserv-based email and shall conduct periodic calls or face-to-face meetings as needed.

6. End Date

The FIPR will submit its Deliverables to the Forum prior to December 1, 2025, and upon such date the Subcommittee is deemed dissolved.

Information
Latest releases
Server Certificate Requirements
SC099: Improve Recording of Validation Methods - May 19, 2026

Code Signing Requirements
v3.8 - Aug 5, 2024

What’s Changed CSC-25: Import EV Guidelines to CS Baseline Requirements by @dzacharo in https://github.com/cabforum/code-signing/pull/38 Full Changelog: https://github.com/cabforum/code-signing/compare/v3.7...v3.8

S/MIME Requirements
v1.0.14 - Ballot SMC016 - May 5, 2026

This ballot maintains consistency between the S/MIME Baseline Requirements and the TLS Baseline Requirements with changes introduced by Ballots SC096 and SC097. Specifically, this ballot: Creates a carve-out of the logging requirements for DNSSEC specifically, stating these are not in scope. For audit purposes, change management logging is able to confirm if the appropriate controls are in effect or not. Sunsets all remaining use of SHA-1 signatures in Certificates and CRLs. It is noted that most uses of SHA-1 signatures are already deprecated by SC097. With this ballot, all unexpired Subordinate CA Certificates issuing S/MIME containing the SHA-1 signature algorithm must be revoked. This proposal does not prohibit the use of SHA-1 to generate issuerKeyHash or issuerNameHash values as currently required by RFC 5019. Includes minor formatting corrections.

Network and Certificate System Security Requirements
Version 2.0.5 (Ballot NS-008) - Jul 9, 2025

Edit this page
The Certification Authority Browser Forum (CA/Browser Forum) is a voluntary gathering of Certificate Issuers and suppliers of Internet browser software and other applications that use certificates (Certificate Consumers).