Home » Working Groups » Code Signing Cert WG

Code Signing Certificate Working Group

The CA/Browser Forum’s Code Signing Certificate Working Group was chartered to work on requirements applicable to Certification Authorities that issue code signing certificates.

Officers

Chair: Dean Coclin (Digicert)
Vice-Chair: Bruce Morton (Entrust)

Charter

Code Signing Certificate WG Charter (Ballot)

Ballots

Code Signing Working Group Ballots

Membership Requirements

There are four categories of members in the Code Signing Working Group:

Certificate Issuers: Certificate Authorities that issue publicly trusted code signing certificates. This group can attend all meetings and vote in the working group.
Certificate Consumers: This refers to platforms (OS or other) that “consume” code signing certificates to make decisions about the code signed by the certificate. This group can attend all meetings and vote in the working group.
Interested Parties: Anyone that has an interest in participating in the working group. This group can attend all telephone meetings but cannot vote. They can be invited to face to face meetings by the Chair.
Associate Members: Organizations that add value to the working group as determined by the group. Traditionally these have been organizations such as WebTrust, ETSI, Federal PKI, and ICANN (see: /about/membership/associate-members/ ). Recently this category has been expanded to include organizations that intend to be in categories 1 or 2 but have not completed all the required steps. This group can attend all meetings but cannot vote.

IN ALL CATEGORIES, EXECUTION AND SUBMISSION OF THE IPR AGREEMENT IS MANDATORY, PER THE CA/BROWSER FORUM BYLAWS (See: /about/ipr-policy/)

How to Join the Code Signing Certificate WG

If interested in joining the Working Group, please submit an email to and include your signed IPR form and category of membership. There is no cost to join.

Mailing List

To subscribe to the public mailing list, click here: https://groups.google.com/u/1/a/groups.cabforum.org/g/cscwg-public

Questions or comments should be sent to questions@cabforum.org.

Members

Certification Authorities

AC Camerfirma SA
Actalis S.p.A.
Asseco Data Systems SA (Certum)
DigiCert
eMudhra
Entrust
E-tugra
GDCA
GlobalSign
HARICA
IdenTrust
Sectigo
SSC
SSL.com
VikingCloud

Certificate Consumers

Microsoft

Associates

ACAB Council
Amazon
Buypass AS
Chunghwa Telecom
Cisco Systems
Comsign
CPA Canada/WebTrust
DarkMatter
DigitalTrust
D-TRUST
ETSI
Keyfactor
SHECA
TrustAsia
TWCA

Interested Parties

AGMS Information Technology Solutions
Common Crypto Authority
Doowon Kim
Encryption Consulting
Hydraulic Software AG
IBM
Insta Advance OY
Intel
Maria Merkel (Private Person)
PSW
QuantuSS Network
TL Certification Centre Co., Ltd(泰尔认证中心有限公司)

Latest releases

Code Signing Requirements
v3.8 - Aug 5, 2024

What’s Changed CSC-25: Import EV Guidelines to CS Baseline Requirements by @dzacharo in https://github.com/cabforum/code-signing/pull/38 Full Changelog: https://github.com/cabforum/code-signing/compare/v3.7...v3.8

S/MIME Requirements
v1.0.6 - Ballot SMC08 - Aug 29, 2024

This ballot sets a date by which issuance of certificates following the Legacy generation profiles must cease. It also includes the following minor updates: Pins the domain validation procedures to v 2.0.5 of the TLS Baseline Requirements while the ballot activity for multi-perspective validation is concluded, and the SMCWG determines its corresponding course of action; Updates the reference for SmtpUTF8Mailbox from RFC 8398 to RFC 9598; and Small text corrections in the Reference section

Network and Certificate System Security Requirements
v2.0 - Ballot NS-003 - Jun 26, 2024

Ballot NS-003: Restructure the NCSSRs in https://github.com/cabforum/netsec/pull/35