CA/Browser Forum

IPR Policy

Intellectual Property Rights (IPR) Policy v. 1.3 – effective 3 July 2018

CAB Forum Agreement for IPR Policy v.1.3

The CA/Browser Forum’s IPR Policy governs Contributions by members of the Forum during the drafting and adoption process of Normative Requirements by a Working Group. A Contribution is any material “made verbally or in a tangible form of expression (including in electronic media) which is provided by a Participant in the process of developing a Draft Guideline for the purpose of incorporating such material into a Draft Guideline or a Final Guideline or Final Maintenance Guideline.” The term “Draft Guideline” includes ballots that are being considered for adoption by a Working Group as either a “Final Guideline” or a “Final Maintenance Guideline”.

When a ballot to amend an existing Final Guideline is adopted by a Working Group, that amendment is considered a Final Maintenance Guideline, and each of the above guideline documents, as amended, is then considered a “Final Guideline” of the CA/Browser Forum.

Each of the following documents is considered a “Final Guideline”:

EV TLS Certificate Guidelines

TLS Baseline Requirements

Network and Certificate System Security Requirements

Code Signing Baseline Requirements

S/MIME Baseline Requirements

Additional Information

Forum IPR Subcommittee

IPR Review Notices

IPR Exclusion Notices

CABF-IPR-Policy-v.1.2 (effective from 15 February 2016 to 2 July 2018)

Prior IPR_Policy_V1 (effective from 1-Aug-2012 to 14-Feb-2016)

Latest releases
Server Certificate Requirements
SC-081v3: Introduce Schedule of Reducing Validity and Data Reuse Periods - May 21, 2025

BR v2.1.5

Code Signing Requirements
v3.8 - Aug 5, 2024

What’s Changed CSC-25: Import EV Guidelines to CS Baseline Requirements by @dzacharo in https://github.com/cabforum/code-signing/pull/38 Full Changelog: https://github.com/cabforum/code-signing/compare/v3.7...v3.8

S/MIME Requirements
v1.0.9 - Ballot SMC011 - May 14, 2025

This ballot allows the option to use a European Unique Identifier (EUID) as a Registration Reference in the NTR Registration Scheme. The EUID uniquely identifies officially-registered organizations, Legal Entities, and branch offices within the European Union or the European Economic Area. The EUID is specified in chapter 9 of the Annex contained in the Implementing Regulation (EU) 2021/1042 which describes rules for the application of Directive (EU) 2017/1132 “relating to certain aspects of company law (codification)”. The ballot also includes several editorial corrections, (e.g., reordering of References and regrouping of information from Appendix A to Section 7.1.4.2.2 (d)). This ballot is proposed by Stephen Davidson (DigiCert) and endorsed by Adrian Mueller (SwissSign) and Adriano Santoni (Actalis).

Network and Certificate System Security Requirements
v2.0 - Ballot NS-003 - Jun 26, 2024

Ballot NS-003: Restructure the NCSSRs in https://github.com/cabforum/netsec/pull/35

Edit this page
The Certification Authority Browser Forum (CA/Browser Forum) is a voluntary gathering of Certificate Issuers and suppliers of Internet browser software and other applications that use certificates (Certificate Consumers).