CA/Browser Forum posts
Ballot CSC-32: Make a Reserved Policy OID mandatory
June 16, 2026 by The Intellectual Property Review (IPR) period for Ballot CSC-32 (Ballot CSC-32: Make a Reserved Policy OID mandatory) has completed. No IPR Exclusion Notices were filed, and the ballot is adopted as of November 17, 2025. The new CSC BRs v3.10.0 have been published to the CABF public website in accordance with the Bylaws: https://cabforum.org/uploads/CA-Browser-Forum-CSCBR-3.11.0.pdf IPR Review of Ballot CSC-32: Make a Reserved Policy OID mandatory This Review Notice is sent pursuant to Section 4.1 of the CA/Browser Forum’s Intellectual Property Rights Policy (v1.3). This Review Period of 30 days is for one Final Maintenance Guidelines. The complete Draft Maintenance Guideline that is the subject of this Review Notice is attached to this email.
June 16, 2026 by The Intellectual Property Review (IPR) period for Ballot CSC-32 (Ballot CSC-32: Make a Reserved Policy OID mandatory) has completed. No IPR Exclusion Notices were filed, and the ballot is adopted as of November 17, 2025. The new CSC BRs v3.10.0 have been published to the CABF public website in accordance with the Bylaws: https://cabforum.org/uploads/CA-Browser-Forum-CSCBR-3.11.0.pdf IPR Review of Ballot CSC-32: Make a Reserved Policy OID mandatory This Review Notice is sent pursuant to Section 4.1 of the CA/Browser Forum’s Intellectual Property Rights Policy (v1.3). This Review Period of 30 days is for one Final Maintenance Guidelines. The complete Draft Maintenance Guideline that is the subject of this Review Notice is attached to this email.
Ballot SMC017v2: Increase Minimum RSA CA Key Size
June 16, 2026 by Stephen DavidsonBallot SMC017v2: Increase Minimum RSA CA Key SizeSummary: This ballot increases the minimum RSA key size for Root and Subordinate CA certificates in the S/MIME BRs from 2048 to 4096 bits for keys created after September 15, 2026, while retaining the 2048-bit minimum for Subscriber certificates. The ballot further requires that by September 15, 2027, CAs SHALL NOT issue Subscriber certificates from any Sub-CA whose RSA key modulus is less than 3072 bits, effectively sunsetting issuance from legacy 2048-bit Sub-CAs. The ballot also includes minor typographic corrections.
June 16, 2026 by Stephen DavidsonBallot SMC017v2: Increase Minimum RSA CA Key SizeSummary: This ballot increases the minimum RSA key size for Root and Subordinate CA certificates in the S/MIME BRs from 2048 to 4096 bits for keys created after September 15, 2026, while retaining the 2048-bit minimum for Subscriber certificates. The ballot further requires that by September 15, 2027, CAs SHALL NOT issue Subscriber certificates from any Sub-CA whose RSA key modulus is less than 3072 bits, effectively sunsetting issuance from legacy 2048-bit Sub-CAs. The ballot also includes minor typographic corrections.
2026-06-04 Minutes of the Server Certificate Working Group
June 4, 2026 by Wayne ThayerMinutes: Dimitris leading the meeting and taking minutes Dimitris read the note-well. No changes were requested for the agenda. Minutes approval May 21, 2026 - these minutes were distributed on 2026-05-21. The minutes were approved. Next call: June 18, 2026 Attendees Aaron Gable (Let’s Encrypt), Aaron Poulsen (SSL.com), Adam Folson (IdenTrust), Adriano Santoni (Actalis S.p.A.), Alexandros Afentoulis (HARICA), Alvin Wang (SHECA), Andrea Holland (IdenTrust), Antti Backman (Telia Company), Arman Asemani (Apple), Ben Wilson (Mozilla), Chad Dandar (Cisco Systems), Chris Clements (Google), Clint Wilson (Apple), Cynethia Brown (US Federal PKI Management Authority), Daryn Wright (Apple), Dean Coclin (DigiCert), Dimitris Zacharopoulos (HARICA), Dustin Hollenback (Apple), Eamon Zhang (TrustAsia), Eleftheria Theologou (HARICA), Enrico Entschew (D-TRUST), Eric Hampshire (Cisco Systems), Georgy Sebastian (Amazon), Grace Cimaszewski (Grace Cimaszewski (Private Person)), Gregory Tomko (GlobalSign), Gurleen Grewal (Google), Hazhar Ismail (MSC Trustgate Sdn Bhd), Henry Birge-Lee (Henry Birge-Lee (Private person)), Hogeun Yoo (NAVER Cloud Trust Services), Inaba Atsushi (GlobalSign), India Donald (US Federal PKI Management Authority), Jan Smith (US Federal PKI Management Authority), Jinhwan Shin (CPA Canada/WebTrust), Joe DeBlasio (Google), John Mason (Microsoft), Johnny Reading (GoDaddy), Joseph Cigin (Joseph Cigin (Private Person)), Jos Purvis (Fastly), Josselin Allemandou (Certigna (DHIMYOTIS)), Jun Okura (Cybertrust Japan), Karina Sirota (Microsoft), Kateryna Aleksieieva (Asseco Data Systems SA (Certum)), Kiran Tummala (Apple), Li-Chun Chen (Chunghwa Telecom), Lilia Dubko (CPA Canada/WebTrust), Lucy Buecking (IdenTrust), Mads Henriksveen (Buypass AS), Mahua Chaudhuri (Microsoft), Marijn Nagelkerke (360 Browser), Mark Gamache (Mark Gamache (Private Person)), Mark Nelson (IdenTrust), Martijn Katerbarg (Sectigo), Masaru Sakamoto (Cybertrust Japan), Masatoshi Shigaki (CPA Canada/WebTrust), Matthew McPherrin (Let’s Encrypt), Michelle Coon (OATI), Mrugesh Chandarana (IdenTrust), Nate Smith (GoDaddy), Nick France (Sectigo), Nome Huang (TrustAsia), Ono Fumiaki (SECOM Trust Systems), Paul van Brouwershaven (Entrust), Paul van Brouwershaven (Digitorus), Pekka Lahtiharju (Telia Company), Peter Miskovic (Disig), Rebecca Kelly (SSL.com), Rob Brady (SGNR, LLC), Rob Stradling (Sectigo), Rob White (GoDaddy), Rollin Yu (TrustAsia), Roman Fischer (SwissSign), Sándor Szőke (Microsec), Sandy Balzer (SwissSign), Scott Rea (eMudhra), Sean Huang (TWCA), Sven Rajala (Keyfactor), Tadahiko Ito (SECOM Trust Systems), Tathan Thacker (IdenTrust), Thomas Connelly (US Federal PKI Management Authority), Thomas Zermeno (SSL.com), Tim Callan (Sectigo), Tim Crawford (CPA Canada/WebTrust), Tobias Josefowitz (Opera Software AS), Trevoli Ponds-White (Amazon), Tsung-Min Kuo (Chunghwa Telecom), Vikas Khanna (Microsoft), Vinay Kumar (OATI), Wayne Thayer (Fastly), Wendy Brown (US Federal PKI Management Authority), Zhao Kuisen (NovaVanguard Technology Co., Ltd.).
June 4, 2026 by Wayne ThayerMinutes: Dimitris leading the meeting and taking minutes Dimitris read the note-well. No changes were requested for the agenda. Minutes approval May 21, 2026 - these minutes were distributed on 2026-05-21. The minutes were approved. Next call: June 18, 2026 Attendees Aaron Gable (Let’s Encrypt), Aaron Poulsen (SSL.com), Adam Folson (IdenTrust), Adriano Santoni (Actalis S.p.A.), Alexandros Afentoulis (HARICA), Alvin Wang (SHECA), Andrea Holland (IdenTrust), Antti Backman (Telia Company), Arman Asemani (Apple), Ben Wilson (Mozilla), Chad Dandar (Cisco Systems), Chris Clements (Google), Clint Wilson (Apple), Cynethia Brown (US Federal PKI Management Authority), Daryn Wright (Apple), Dean Coclin (DigiCert), Dimitris Zacharopoulos (HARICA), Dustin Hollenback (Apple), Eamon Zhang (TrustAsia), Eleftheria Theologou (HARICA), Enrico Entschew (D-TRUST), Eric Hampshire (Cisco Systems), Georgy Sebastian (Amazon), Grace Cimaszewski (Grace Cimaszewski (Private Person)), Gregory Tomko (GlobalSign), Gurleen Grewal (Google), Hazhar Ismail (MSC Trustgate Sdn Bhd), Henry Birge-Lee (Henry Birge-Lee (Private person)), Hogeun Yoo (NAVER Cloud Trust Services), Inaba Atsushi (GlobalSign), India Donald (US Federal PKI Management Authority), Jan Smith (US Federal PKI Management Authority), Jinhwan Shin (CPA Canada/WebTrust), Joe DeBlasio (Google), John Mason (Microsoft), Johnny Reading (GoDaddy), Joseph Cigin (Joseph Cigin (Private Person)), Jos Purvis (Fastly), Josselin Allemandou (Certigna (DHIMYOTIS)), Jun Okura (Cybertrust Japan), Karina Sirota (Microsoft), Kateryna Aleksieieva (Asseco Data Systems SA (Certum)), Kiran Tummala (Apple), Li-Chun Chen (Chunghwa Telecom), Lilia Dubko (CPA Canada/WebTrust), Lucy Buecking (IdenTrust), Mads Henriksveen (Buypass AS), Mahua Chaudhuri (Microsoft), Marijn Nagelkerke (360 Browser), Mark Gamache (Mark Gamache (Private Person)), Mark Nelson (IdenTrust), Martijn Katerbarg (Sectigo), Masaru Sakamoto (Cybertrust Japan), Masatoshi Shigaki (CPA Canada/WebTrust), Matthew McPherrin (Let’s Encrypt), Michelle Coon (OATI), Mrugesh Chandarana (IdenTrust), Nate Smith (GoDaddy), Nick France (Sectigo), Nome Huang (TrustAsia), Ono Fumiaki (SECOM Trust Systems), Paul van Brouwershaven (Entrust), Paul van Brouwershaven (Digitorus), Pekka Lahtiharju (Telia Company), Peter Miskovic (Disig), Rebecca Kelly (SSL.com), Rob Brady (SGNR, LLC), Rob Stradling (Sectigo), Rob White (GoDaddy), Rollin Yu (TrustAsia), Roman Fischer (SwissSign), Sándor Szőke (Microsec), Sandy Balzer (SwissSign), Scott Rea (eMudhra), Sean Huang (TWCA), Sven Rajala (Keyfactor), Tadahiko Ito (SECOM Trust Systems), Tathan Thacker (IdenTrust), Thomas Connelly (US Federal PKI Management Authority), Thomas Zermeno (SSL.com), Tim Callan (Sectigo), Tim Crawford (CPA Canada/WebTrust), Tobias Josefowitz (Opera Software AS), Trevoli Ponds-White (Amazon), Tsung-Min Kuo (Chunghwa Telecom), Vikas Khanna (Microsoft), Vinay Kumar (OATI), Wayne Thayer (Fastly), Wendy Brown (US Federal PKI Management Authority), Zhao Kuisen (NovaVanguard Technology Co., Ltd.).
Ballot SC087v2: Registration Number Improvement for EV Certificates
June 3, 2026 by Voting Results Certificate Issuers 18 votes in total:
June 3, 2026 by Voting Results Certificate Issuers 18 votes in total:
2026-05-21 Minutes of the Server Certificate Working Group
May 21, 2026 by Wayne ThayerMinutes: 1. Begin Recording - Roll Call Meeting called to order by Dimitris Zacharopoulos.
May 21, 2026 by Wayne ThayerMinutes: 1. Begin Recording - Roll Call Meeting called to order by Dimitris Zacharopoulos.
Ballot SC098v2: Process RFC 8657 CAA Parameters
May 13, 2026 by Wayne ThayerVoting Results Certificate Issuers 23 votes in total:
May 13, 2026 by Wayne ThayerVoting Results Certificate Issuers 23 votes in total:
2026-05-07 Minutes of the Server Certificate Working Group
May 7, 2026 by Wayne ThayerMinutes: Meeting Title: CA/Browser Forum SCWG Teleconference Date: 7 May 2026 Chair: Dimitris Zacharopoulos Minutes Taken By: Lynn Jeun 1. Begin Recording - Roll Call Meeting called to order by Dimitris Zacharopoulos.
May 7, 2026 by Wayne ThayerMinutes: Meeting Title: CA/Browser Forum SCWG Teleconference Date: 7 May 2026 Chair: Dimitris Zacharopoulos Minutes Taken By: Lynn Jeun 1. Begin Recording - Roll Call Meeting called to order by Dimitris Zacharopoulos.
Ballot SMC017: Increase Minimum RSA CA Key Size
April 29, 2026 by Stephen DavidsonBallot SMC017: Increase Minimum RSA CA Key SizeBallot SMC017 was withdrawn on May 12, 2026. Ballot SMC017: Increase Minimum RSA CA Key SizeSummary: This ballot increases the minimum RSA key size for Root and Subordinate CA certificates in the S/MIME BRs from 2048 to 4096 bits for keys created on or after September 15, 2026, while retaining the 2048-bit minimum for Subscriber certificates.
April 29, 2026 by Stephen DavidsonBallot SMC017: Increase Minimum RSA CA Key SizeBallot SMC017 was withdrawn on May 12, 2026. Ballot SMC017: Increase Minimum RSA CA Key SizeSummary: This ballot increases the minimum RSA key size for Root and Subordinate CA certificates in the S/MIME BRs from 2048 to 4096 bits for keys created on or after September 15, 2026, while retaining the 2048-bit minimum for Subscriber certificates.
2026-04-23 Minutes of the Server Certificate Working Group
April 23, 2026 by Wayne ThayerMinutes: Begin Recording - Roll Call Recording started
April 23, 2026 by Wayne ThayerMinutes: Begin Recording - Roll Call Recording started
Ballot SC099: Improve Recording of Validation Method
April 18, 2026 by Wayne ThayerVoting Results Certificate Issuers 29 votes in total:
April 18, 2026 by Wayne ThayerVoting Results Certificate Issuers 29 votes in total: