CA/Browser Forum
Home » Working Groups » Code Signing Cert WG

Code Signing Certificate Working Group

The CA/Browser Forum’s Code Signing Certificate Working Group was chartered to work on requirements applicable to Certification Authorities that issue code signing certificates.

Officers

Charter

Code Signing Certificate WG Charter (Ballot)

Ballots

Code Signing Working Group Ballots

Membership Requirements

There are four categories of members in the Code Signing Working Group:

  1. Certificate Issuers: Certificate Authorities that issue publicly trusted code signing certificates. This group can attend all meetings and vote in the working group.
  2. Certificate Consumers: This refers to platforms (OS or other) that “consume” code signing certificates to make decisions about the code signed by the certificate. This group can attend all meetings and vote in the working group.
  3. Interested Parties: Anyone that has an interest in participating in the working group. This group can attend all telephone meetings but cannot vote. They can be invited to face to face meetings by the Chair.
  4. Associate Members: Organizations that add value to the working group as determined by the group. Traditionally these have been organizations such as WebTrust, ETSI, Federal PKI, and ICANN (see: /about/membership/associate-members/ ). Recently this category has been expanded to include organizations that intend to be in categories 1 or 2 but have not completed all the required steps. This group can attend all meetings but cannot vote.

IN ALL CATEGORIES, EXECUTION AND SUBMISSION OF THE IPR AGREEMENT IS MANDATORY, PER THE CA/BROWSER FORUM BYLAWS (See: /about/ipr-policy/)

How to Join the Code Signing Certificate WG

If interested in joining the Working Group, please submit an email to and include your signed IPR form and category of membership. There is no cost to join.

Mailing List

To subscribe to the public mailing list, click here: https://groups.google.com/u/1/a/groups.cabforum.org/g/cscwg-public

Questions or comments should be sent to questions@cabforum.org.

Members

Certification Authorities

  • AC Camerfirma SA
  • Actalis S.p.A.
  • Asseco Data Systems SA (Certum)
  • DigiCert
  • eMudhra
  • Entrust
  • E-tugra
  • GDCA
  • GlobalSign
  • HARICA
  • IdenTrust
  • Sectigo
  • SSC
  • SSL.com
  • VikingCloud

Certificate Consumers

  • Microsoft

Associates

  • ACAB Council
  • Amazon
  • Buypass AS
  • Chunghwa Telecom
  • Cisco Systems
  • Comsign
  • CPA Canada/WebTrust
  • DarkMatter
  • DigitalTrust
  • D-TRUST
  • ETSI
  • Keyfactor
  • SHECA
  • TrustAsia
  • TWCA

Interested Parties

  • AGMS Information Technology Solutions
  • Common Crypto Authority
  • Doowon Kim
  • Encryption Consulting
  • Hydraulic Software AG
  • IBM
  • Insta Advance OY
  • Intel
  • Maria Merkel (Private Person)
  • PSW
  • QuantuSS Network
  • TL Certification Centre Co., Ltd(泰尔认证中心有限公司)
Latest releases
Code Signing Requirements
v3.8 - Aug 5, 2024

What’s Changed CSC-25: Import EV Guidelines to CS Baseline Requirements by @dzacharo in https://github.com/cabforum/code-signing/pull/38 Full Changelog: https://github.com/cabforum/code-signing/compare/v3.7...v3.8

S/MIME Requirements
v1.0.7 - Ballot SMC09 - Nov 25, 2024

This ballot includes updates for the following: • Require pre-linting of leaf end entity Certificates starting September 15, 2025 • Require WebTrust for Network Security for audits starting after April 1, 2025 • Clarify that multiple certificatePolicy OIDs are allowed in end entity certificates • Clarify use of organizationIdentifer references • Update of Appendix A.2 Natural Person Identifiers This ballot is proposed by Stephen Davidson (DigiCert) and endorsed by Clint Wilson (Apple) and Martijn Katerbarg (Sectigo).

Network and Certificate System Security Requirements
v2.0 - Ballot NS-003 - Jun 26, 2024

Ballot NS-003: Restructure the NCSSRs in https://github.com/cabforum/netsec/pull/35

Edit this page
The Certification Authority Browser Forum (CA/Browser Forum) is a voluntary gathering of Certificate Issuers and suppliers of Internet browser software and other applications that use certificates (Certificate Consumers).