CA/Browser Forum
Home » Working Groups

Working Groups

Working Groups From time to time the CA / Browser Forum charters working groups to study current issues and develop strategies and guidelines to improve CA operations, certificate profiles, and processing. Previous working groups developed the Baseline Requirements, prepared governance proposals, worked on CA network and certificate system security, and revocation methods. With the adoption of version 1.9 of the Bylaws, effective July 3, 2018, the Working Group is the primary venue for the adoption of Forum Guidelines. Under Section 5.3.1(e) of the Bylaws, a Chartered Working Group (CWG) “may establish any number of subcommittees within its own Working Group to address any of such CWG’s business (each, a “Subcommittee”).” Section 5.3.4 of the Bylaws provides that a “Legacy” Working Group (“LWG”) has the option of (a) converting to a Subcommittee under a CWG pursuant to Section 5.3.1(e), (b) immediately terminating, or (c) continuing in effect without change for 6 months following such approval. For an LWG to continue beyond such 6 months, it must have a charter approved as described in Section 5.3.1 above, as if it was a new Working Group.

Legacy Working Groups

Current LWGs include: the Validation Working Group, the Network Security Working Group, and the Policy Review Working Group,

Currently Active Working Groups Concurrent with the adoption of version 1.9 of the Bylaws, the Forum chartered the Server Certificate Working Group with the following scope of business:

  1. To specify Baseline Requirements, Extended Validation Guidelines, Network and Certificate System Security Requirements, and other acceptable practices for the issuance and management of SSL/TLS server certificates used for authenticating servers accessible through the Internet.
  2. To update such requirements and guidelines from time to time, in order to address both existing and emerging threats to online security, including responsibility for the maintenance of and future amendments to the current CA/Browser Forum Baseline Requirements, Extended Validation Requirements, and Network and Certificate System Security Requirements.
  3. To perform such other activities that are ancillary to the primary activities listed above.

Interested Parties

In order to participate as an Interested Party in the Forum / Working Group, you need to:

  1. Review the Intellectual Property Rights policy and complete the IPR agreement found there; and
  2. Send an email to questions@cabforum.org with your name, organization (if applicable), contact details and the signed IPR agreement with the subject: Participation as an Interested Party in the [Working Group Name] Working Group.
Latest releases
Code Signing Requirements
v3.8 - Aug 5, 2024

What’s Changed

Full Changelog: https://github.com/cabforum/code-signing/compare/v3.7...v3.8

S/MIME Requirements
v1.0.6 - Ballot SMC08 - Aug 29, 2024

This ballot sets a date by which issuance of certificates following the Legacy generation profiles must cease. It also includes the following minor updates:

  • Pins the domain validation procedures to v 2.0.5 of the TLS Baseline Requirements while the ballot activity for multi-perspective validation is concluded, and the SMCWG determines its corresponding course of action;
  • Updates the reference for SmtpUTF8Mailbox from RFC 8398 to RFC 9598; and
  • Small text corrections in the Reference section

Network and Certificate System Security Requirements
v2.0 - Ballot NS-003 - Jun 26, 2024

Ballot NS-003: Restructure the NCSSRs in https://github.com/cabforum/netsec/pull/35

Edit this page
The Certification Authority Browser Forum (CA/Browser Forum) is a voluntary gathering of Certificate Issuers and suppliers of Internet browser software and other applications that use certificates (Certificate Consumers).