CA/Browser Forum
Home » All CA/Browser Forum Ballots

All CA/Browser Forum Ballots

Ballots by Status

Voting Period

No ballots in this category

IPR Review Period

  • CSC-31: Maximum Validity Reduction
  • SC088v3: DNS TXT Record with Persistent Value DCV Method
  • SC092: Sunset use of Precertificate Signing CAs

Discussion Period

  • SC086: Sunset the Inclusion of IP Reverse Address Domain Names

Draft / Under Consideration

No ballots in this category
No ballots in this category

Passed

  • SMC014: DNSSEC for S/MIME
  • SC089: Mass Revocation Planning
  • SMC013: Enable PQC Algorithms for S/MIME
  • Forum-036 Adopt Invited Experts Policy
  • NS-008v3: Updates to CA Infrastructure Scope, Trusted Roles, Systems' Applicability, and various other improvements
  • SMC012: Introduce ACME for S/MIME
  • SC081v3: Introduce Schedule of Reducing Validity and Data Reuse Periods
  • SMC011: Add EUID as Registration Reference
  • SC085: Require DNSSEC for CAA and DCV Lookups
  • NS-007: Extend deadline to implement NSRv2
  • SC084: DNS Labeled with ACME Account ID Validation Method
  • SC083: Winter 2024-2025 Cleanup Ballot
  • NS-004: "Updating Section 4 - Vulnerability Management - of the NCSSRs"
  • SMC010: Introduction of Multi-Perspective Issuance Corroboration
  • SC080v3: Sunset the use of WHOIS to identify Domain Contacts and relying DCV Methods
  • NS-006: Fix 1.2.2 encrypted connections scoping
  • Forum-31: Election of CA/Browser Network Security WG Vice Chair
  • Forum-33: Election of CA/Browser S/MIME Certificate WG Vice Chair
  • Forum-30: Election of CA/Browser Forum Vice Chair
  • Forum-32: Election of CA/Browser Code Signing Certificate WG Vice Chair
  • NS-005: Clarifications to sections 1, 2 and a definition prior to NS-003 taking effect
  • SMC09: Pre-Linting, WebTrust for NetSec, and Minor Updates
  • SC079v2: Allow more than one Certificate Policy in a Cross-Certified Subordinate CA Certificate
  • SC076v2: Clarify and Improve OCSP Requirements
  • FORUM-28: Extend Duration of Forum IPR Subcommittee
  • SC078: Subject organizationName alignment for DBA / Assumed Name
  • Election Ballot Forum-27: Election of CA/B Forum S/MIME Certificate WG Chair
  • Election ballot Forum-26: Election of CA/Browser Code Signing Certificate WG Chair
  • SC077: Update WebTrust Audit name in Section 8.4 and References
  • SMC08: Deprecate Legacy Generation Profiles and Minor Updates
  • CSC-26 Timestamping Private Key Protection
  • SC075: Pre-sign linting
  • CSC-25 Import EV Guidelines into CS BRs
  • SMC07: Align Logging Requirement and Key Escrow clarification
  • FORUM-022: Establish Forum IPR Subcommittee
  • SC073: Compromised and Weak Keys
  • NS-003: Restructure the NCSSRs
  • FORUM-021: Forum Definitions and Glossary WG
  • SMC06: Post implementation clarification and corrections
  • CSC-23 Marking the EV Code Signing Guidelines SUPERCEDED
  • SC068: Allow VATEL and VATXI for organizationIdentifier
  • SC067: Require Multi-Perspective Issuance Corroboration
  • SC069: Clarify router and firewall logging requirements
  • SC065: Convert EVGs into RFC3647 format
  • SMC05: Adoption of CAA for S/MIME
  • CSC-22 High Risk Requirements Update
  • FORUM-020: Amend Code Signing Certificate Working Group Charter
  • FORUM-019: Amend Server Certificate Working Group Charter
  • SC063: Make OCSP optional, require CRLs and incentivize automation
  • SC064: Temporary Moratorium on New Certificate Consumer Memberships
  • SC066v4: Fall 2023 clean-up
  • SMC04: Addition of ETSI TS 119 411-6 to audit standards
  • CSC-21 Signing Service Update
  • CSC-20 Restore version reference to EV Guidelines
  • CSC 19 - Remove SSL BR References
  • FORUM-18 Update Bylaws to version 2.5
  • SMC03: Corrections and clarifications for “S/MIME Baseline Requirements”
  • SC062: Certificate profiles update
  • SC061: New CRL Entries must have a Revocation Reason Code
  • SC058: require distributionPoint in sharded CRLs
  • SC056: 2022 Cleanup
  • SMC01: Final Guideline for “S/MIME Baseline Requirements"
  • SMC02: Confirmation Ballot for Vice Chair
  • SMCWG Chair Election / 2022

Cancelled

  • SC088v2: DNS TXT Record with Persistent Value DCV Method
  • SC071: Subscriber Agreement and Terms of Use Consolidation
  • SC076: Clarify and Improve OCSP Requirements

Failed

  • CSC-030: 2025-06 SCWG alignment ballot
  • CSC-029: 2025-03 SCWG alignment ballot
  • SC082: Clarify CA Assisted DNS Validation under 3.2.2.4.7
  • CSC-24 Timestamping Private Key Protection
  • SC074: Clarify CP/CPS structure according to RFC 3647
  • SC070: Clarify the use of DTPs for Domain Control Validation
  • SC059: Weak key guidance
  • SC060: Membership of ZT Browser

Information about Ballots

You can browse all posts tagged with ‘ballot’ from every working group on this page.

Working Group-level Ballots

You can locate the Working Group Ballots in the following links:

Latest releases
Server Certificate Requirements
SC-089: Mass Revocation Planning - Aug 26, 2025

Code Signing Requirements
v3.8 - Aug 5, 2024

What’s Changed CSC-25: Import EV Guidelines to CS Baseline Requirements by @dzacharo in https://github.com/cabforum/code-signing/pull/38 Full Changelog: https://github.com/cabforum/code-signing/compare/v3.7...v3.8

S/MIME Requirements
v1.0.12 - Ballot SMC014 - Oct 13, 2025

This ballot introduces requirements that a Certificate Issuer MUST deploy DNSSEC validation back to the IANA DNSSEC root trust anchor on all DNS queries associated with CAA record lookups performed by the Primary Network Perspective, effective March 15, 2026. The ballot is intended to maintain consistency in the S/MIME Baseline Requirements with the requirements of Ballot SC-085 which implemented identical requirements in the TLS Baseline Requirements. Note: SC-085 also introduced requirements in TLS Baseline Requirements for the use of DNSSEC in domain control validation. These requirements are automatically adopted in the S/MIME BR by the email domain control methods that include a normative reference to section 3.2.2.4 of the TLS Baseline Requirements. The draft also includes minor corrections to web links in the text. This ballot is proposed by Stephen Davidson (DigiCert) and endorsed by Client Wilson (Apple) and Ashish Dhiman (GlobalSign).

Network and Certificate System Security Requirements
Version 2.0.5 (Ballot NS-008) - Jul 9, 2025

Edit this page
The Certification Authority Browser Forum (CA/Browser Forum) is a voluntary gathering of Certificate Issuers and suppliers of Internet browser software and other applications that use certificates (Certificate Consumers).