CA/Browser Forum
Home » Resources » Object Registry

Object Registry

Object Registry of the CA / Browser Forum

The CA/Browser Forum node (assigned organization identifier) is: 2.23.140

{joint-iso-itu-t(2) international-organizations(23) ca-browser-forum(140)}

Here are the CA/B Forum-assigned Object Identifiers (OIDs):

  • certificate-policies(1)
  • extended-validation(1) — 2.23.140.1.1  (Certificate issued in compliance with the Extended Validation Guidelines)
  • baseline-requirements(2) — 2.23.140.1.2 (TLS Baseline Requirements)
  • domain-validated(1) — 2.23.140.1.2.1 (Certificate issued in compliance with the TLS Baseline Requirements – No entity identity asserted)
  • organization-validated(2) — 2.23.140.1.2.2 (Certificate issued in compliance with the TLS Baseline Requirements – Organization identity asserted)
  • individual-validated(3) — 2.23.140.1.2.3 (Certificate issued in compliance with the TLS Baseline Requirements – Individual identity asserted)
  • extended-validation-codesigning(3) — 2.23.140.1.3 (EV Code Signing Certificate issued in compliance with the Code Signing Baseline Requirements)
  • codesigning-requirements(4) codesigning(1) — 2.23.140.1.4.1 (Code Signing Certificate issued in compliance with the Code Signing Baseline Requirements)
  • codesigning-requirements(4) timestamping(2) — 2.23.140.1.4.2 (Timestamp Certificate issued in compliance with the Code Signing Baseline Requirements)
  • smime(5) — 2.23.140.1.5 (S/MIME Baseline Requirements)
  • mailbox-validated (1) legacy (1) — 2.23.140.1.5.1.1
  • mailbox-validated (1) multipurpose (2) — 2.23.140.1.5.1.2
  • mailbox-validated (1) strict (3) — 2.23.140.1.5.1.3
  • organization-validated (2) legacy (1) — 2.23.140.1.5.2.1
  • organization-validated (2) multipurpose (2) — 2.23.140.1.5.2.2
  • organization-validated (2) strict (3) — 2.23.140.1.5.2.3
  • sponsor-validated (3) legacy (1) — 2.23.140.1.5.3.1
  • sponsor-validated (3) multipurpose (2) — 2.23.140.1.5.3.2
  • sponsor-validated (3) strict (3) — 2.23.140.1.5.3.3
  • individual-validated (4) legacy (1) — 2.23.140.1.5.4.1
  • individual-validated (4) multipurpose (2) — 2.23.140.1.5.4.2
  • individual-validated (4) strict (3) — 2.23.140.1.5.4.3
  • onion-EV(31) — 2.23.140.1.31 (TOR Service Descriptor OID for EV TLS certificates for .onion)
  • certificate-extensions(2)
  • test-certificate(1) — 2.23.140.2.1 (Test certificate) Deprecated
  • certificate-extensions(3)
  • cabforganization-identifier(1) — 2.23.140.3.1 (CA/Browser Forum Organization Identifier Field used in EV)
  • cabf-caSigningNonce(41) - 2.23.140.41 (CA signing nonce attribute that contains a Random Value that is generated by the CA used for verifying Applicant’s control over a .onion service)
  • cabf-applicantSigningNonce(42) - 2.23.140.42 (Applicant signing nonce attribute that contains a single value with at least 64-bits of entropy that is generated by the Applicant used during the verification of Applicant’s control over a .onion service)
Resources
Latest releases
Server Certificate Requirements
SC-081v3: Introduce Schedule of Reducing Validity and Data Reuse Periods - May 21, 2025

BR v2.1.5

Code Signing Requirements
v3.8 - Aug 5, 2024

What’s Changed CSC-25: Import EV Guidelines to CS Baseline Requirements by @dzacharo in https://github.com/cabforum/code-signing/pull/38 Full Changelog: https://github.com/cabforum/code-signing/compare/v3.7...v3.8

S/MIME Requirements
v1.0.9 - Ballot SMC011 - May 14, 2025

This ballot allows the option to use a European Unique Identifier (EUID) as a Registration Reference in the NTR Registration Scheme. The EUID uniquely identifies officially-registered organizations, Legal Entities, and branch offices within the European Union or the European Economic Area. The EUID is specified in chapter 9 of the Annex contained in the Implementing Regulation (EU) 2021/1042 which describes rules for the application of Directive (EU) 2017/1132 “relating to certain aspects of company law (codification)”. The ballot also includes several editorial corrections, (e.g., reordering of References and regrouping of information from Appendix A to Section 7.1.4.2.2 (d)). This ballot is proposed by Stephen Davidson (DigiCert) and endorsed by Adrian Mueller (SwissSign) and Adriano Santoni (Actalis).

Network and Certificate System Security Requirements
v2.0 - Ballot NS-003 - Jun 26, 2024

Ballot NS-003: Restructure the NCSSRs in https://github.com/cabforum/netsec/pull/35

Edit this page
The Certification Authority Browser Forum (CA/Browser Forum) is a voluntary gathering of Certificate Issuers and suppliers of Internet browser software and other applications that use certificates (Certificate Consumers).