CA/Browser Forum
Home » All CA/Browser Forum Ballots

All CA/Browser Forum Ballots

Ballots by Status

Voting Period

No ballots in this category

IPR Review Period

  • SC-081v3: Introduce Schedule of Reducing Validity and Data Reuse Periods
  • SMC011: Add EUID as Registration Reference

Discussion Period

No ballots in this category

Draft / Under Consideration

No ballots in this category

  • SC-085: Require DNSSEC for CAA and DCV Lookups

Passed

  • NS-007: Extend deadline to implement NSRv2
  • SC084: DNS Labeled with ACME Account ID Validation Method
  • SC083: Winter 2024-2025 Cleanup Ballot
  • NS-004: "Updating Section 4 - Vulnerability Management - of the NCSSRs"
  • SMC010: Introduction of Multi-Perspective Issuance Corroboration
  • SC080v3: Sunset the use of WHOIS to identify Domain Contacts and relying DCV Methods
  • NS-006: Fix 1.2.2 encrypted connections scoping
  • Forum-31: Election of CA/Browser Network Security WG Vice Chair
  • Forum-33: Election of CA/Browser S/MIME Certificate WG Vice Chair
  • Forum-30: Election of CA/Browser Forum Vice Chair
  • Forum-32: Election of CA/Browser Code Signing Certificate WG Vice Chair
  • NS-005: Clarifications to sections 1, 2 and a definition prior to NS-003 taking effect
  • SMC09: Pre-Linting, WebTrust for NetSec, and Minor Updates
  • SC079v2: Allow more than one Certificate Policy in a Cross-Certified Subordinate CA Certificate
  • SC076v2: Clarify and Improve OCSP Requirements
  • FORUM-28: Extend Duration of Forum IPR Subcommittee
  • SC078: Subject organizationName alignment for DBA / Assumed Name
  • Election Ballot Forum-27: Election of CA/B Forum S/MIME Certificate WG Chair
  • Election ballot Forum-26: Election of CA/Browser Code Signing Certificate WG Chair
  • SC077: Update WebTrust Audit name in Section 8.4 and References
  • SMC08: Deprecate Legacy Generation Profiles and Minor Updates
  • CSC-26 Timestamping Private Key Protection
  • SC075: Pre-sign linting
  • CSC-25 Import EV Guidelines into CS BRs
  • SMC07: Align Logging Requirement and Key Escrow clarification
  • FORUM-022: Establish Forum IPR Subcommittee
  • SC073: Compromised and Weak Keys
  • NS-003: Restructure the NCSSRs
  • FORUM-021: Forum Definitions and Glossary WG
  • SMC06: Post implementation clarification and corrections
  • CSC-23 Marking the EV Code Signing Guidelines SUPERCEDED
  • SC068: Allow VATEL and VATXI for organizationIdentifier
  • SC067: Require Multi-Perspective Issuance Corroboration
  • SC069: Clarify router and firewall logging requirements
  • SC065: Convert EVGs into RFC3647 format
  • SMC05: Adoption of CAA for S/MIME
  • CSC-22 High Risk Requirements Update
  • FORUM-020: Amend Code Signing Certificate Working Group Charter
  • FORUM-019: Amend Server Certificate Working Group Charter
  • SC063: Make OCSP optional, require CRLs and incentivize automation
  • SC064: Temporary Moratorium on New Certificate Consumer Memberships
  • SC066v4: Fall 2023 clean-up
  • SMC04: Addition of ETSI TS 119 411-6 to audit standards
  • CSC-21 Signing Service Update
  • CSC-20 Restore version reference to EV Guidelines
  • CSC 19 - Remove SSL BR References
  • FORUM-18 Update Bylaws to version 2.5
  • SMC03: Corrections and clarifications for “S/MIME Baseline Requirements”
  • SC062: Certificate profiles update
  • SC061: New CRL Entries must have a Revocation Reason Code
  • SC058: require distributionPoint in sharded CRLs
  • SC056: 2022 Cleanup
  • SMC01: Final Guideline for “S/MIME Baseline Requirements"
  • SMC02: Confirmation Ballot for Vice Chair
  • SMCWG Chair Election / 2022

Cancelled

  • SC071: Subscriber Agreement and Terms of Use Consolidation
  • SC076: Clarify and Improve OCSP Requirements

Failed

  • CSC-029: 2025-03 SCWG alignment ballot
  • SC082: Clarify CA Assisted DNS Validation under 3.2.2.4.7
  • CSC-24 Timestamping Private Key Protection
  • SC074: Clarify CP/CPS structure according to RFC 3647
  • SC070: Clarify the use of DTPs for Domain Control Validation
  • SC059: Weak key guidance
  • SC060: Membership of ZT Browser

Information about Ballots

You can browse all posts tagged with ‘ballot’ from every working group on this page.

Working Group-level Ballots

You can locate the Working Group Ballots in the following links:

Home
Latest releases
Server Certificate Requirements
SC-084: DNS Labeled With ACME Account ID Challenge (#566) - Mar 13, 2025

BRs release version 2.1.4

Code Signing Requirements
v3.8 - Aug 5, 2024

What’s Changed CSC-25: Import EV Guidelines to CS Baseline Requirements by @dzacharo in https://github.com/cabforum/code-signing/pull/38 Full Changelog: https://github.com/cabforum/code-signing/compare/v3.7...v3.8

S/MIME Requirements
v1.0.8 - Ballot SMC010 - Dec 23, 2024

This ballot adopts Multi-Perspective Issuance Corroboration (MPIC) for CAs when conducting Email Domain Control Validation (DCV) and Certification Authority Authorization (CAA) checks for S/MIME Certificates. The Ballot adopts the MPIC implementation consistent with the TLS Baseline Requirements. Acknowledging that some S/MIME CAs with no TLS operations may require additional time to deploy MPIC, the Ballot has a Compliance Date of May 15, 2025. Following that date the implementation timeline described in TLS BR section 3.2.2.9 applies. This ballot is proposed by Stephen Davidson (DigiCert) and endorsed by Ashish Dhiman (GlobalSign) and Nicolas Lidzborski (Google).

Network and Certificate System Security Requirements
v2.0 - Ballot NS-003 - Jun 26, 2024

Ballot NS-003: Restructure the NCSSRs in https://github.com/cabforum/netsec/pull/35

Edit this page
The Certification Authority Browser Forum (CA/Browser Forum) is a voluntary gathering of Certificate Issuers and suppliers of Internet browser software and other applications that use certificates (Certificate Consumers).