Home » Working Groups » Server Cert WG » Extended Validation » EV Guidelines for TLS Server Certificates

EV Guidelines for TLS Server Certificates

Current Version

EV TLS Server Certificate Guidelines 2.0.1 – (redlined) - adopted by Ballot SC72

Previous Versions

EV TLS Server Certificate Guidelines 2.0.0 – (redlined) - adopted by Ballot SC65

EV TLS Server Certificate Guidelines 1.8.1 – (redlined) – adopted by Ballot SC68

EV TLS Server Certificate Guidelines 1.8.0 – (redlined) – adopted by Ballot SC56

EV SSL Certificate Guidelines 1.7.9 – (redlined) – adopted by Ballot SC54

EV SSL Certificate Guidelines 1.7.8 – (redlined) – adopted by Ballot SC48

EV SSL Certificate Guidelines 1.7.7 – (redlined) – adopted by Ballot SC47

EV SSL Certificate Guidelines 1.7.6 – (redlined) – adopted by Ballot SC42

EV SSL Certificate Guidelines 1.7.5 – (redlined) – adopted by Ballot SC41

EV SSL Certificate Guidelines 1.7.4 – (redlined) – adopted by Ballot SC35

EV SSL Certificate Guidelines 1.7.3 – (redlined) – adopted by Ballots SC30 and SC31

EV SSL Certificate Guidelines 1.7.2 – (redlined) – adopted by Ballot SC27

EV SSL Certificate Guidelines 1.7.1 – (redlined) – adopted by Ballot SC24

EV SSL Certificate Guidelines 1.7.0 – (redlined) – adopted by Ballot SC17

EV SSL Certificate Guidelines 1.6.9 – (redlined) – adopted by Ballot SC16

EV SSL Certificate Guidelines 1.6.8 – (redlined) – adopted by Ballot 217

EV SSL Certificate Guidelines 1.6.7 – (redlined) – adopted by Ballot 207

EV SSL Certificate Guidelines 1.6.6 – (redlined) – adopted by Ballot 192

EV SSL Certificate Guidelines 1.6.5 – (redlined) – adopted by Ballot 201

EV SSL Certificate Guidelines 1.6.4 – (redlined) – adopted by Ballot 191

EV SSL Certificate Guidelines 1.6.3 – (redlined) – (declared invalid)

EV SSL Certificate Guidelines 1.6.2 – (redlined) – adopted by Ballot 193 on 17 March 2017

EV SSL Certificate Guidelines 1.6.1 – (redlined) – adopted by Ballot 180 on 7 January 2017

EV SSL Certificate Guidelines 1.6.0 – (redlined) – adopted by Ballot 171 on 1 July 2016

EV SSL Certificate Guidelines 1.5.9 – (redlined) – adopted by Ballot 163

EV SSL Certificate Guidelines 1.5.8 – (redlined) – adopted by Ballot 162

EV SSL Certificate Guidelines 1.5.7 – (redlined) – adopted by Ballot 151

EV SSL Certificate Guidelines 1.5.6 – (redlined) – adopted by Ballot 147

EV SSL Certificate Guidelines 1.5.5 – (redlined) – adopted by Ballot 145 and Ballot 146

EV SSL Certificate Guidelines 1.5.4 – (redlined) – adopted by Ballot 146 on 16 April 2015 which reformatted the Baseline Requirements and created CAB Forum BR 1.3.0.

EV SSL Certificate Guidelines 1.5.3 – (redlined) – adopted by Ballot 144 on 18 February 2015

EV SSL Certificate Guidelines 1.5.2 – (redlined) – adopted by Ballot 123 on 16 October 2014

EV SSL Certificate Guidelines 1.5.1 – (redlined) – adopted by Ballot 131 on 12 September 2014

EV SSL Certificate Guidelines 1.5.0 – (redlined) – adopted by Ballot 126 on 24 July 2014

EV SSL Certificate Guidelines 1.4.9 – (redlined) – adopted by Ballot 127 on 17 July 2014

EV SSL Certificate Guidelines 1.4.8 – (redlined) – adopted by Ballot 124 on 5 June 2014

EV SSL Certificate Guidelines 1.4.7 – (redlined) – adopted by Ballot 120 on 5 June 2014

EV SSL Certificate Guidelines 1.4.6 – (redlined) – adopted on 24 March 2014

EV SSL Certificate Guidelines 1.4.5 – (redlined) – adopted on 28 January 2014

EV SSL Certificate Guidelines 1.4.4 – (redlined) – adopted on 13 January 2014

EV SSL Certificate Guidelines 1.4.3 – (redlined) – 9 July 2013 – 13 January 2014

EV SSL Certificate Guidelines 1.4.2 – (redlined) – effective May 31, 2013

EV SSL Certificate Guidelines 1.4.1 – None (see version 1.1 of the Baseline Requirements) (There was not a version 1.4.1 of the EV Guidelines because the change for Ballot 75 only addressed a provision in the Baseline Requirements.)

EV SSL Certificate Guidelines 1.4 – effective May 29, 2012

Errata 1.4 EV SSL Certificate Guidelines 1.3 – effective November 20, 2010

Errata 1.3 EV SSL Certificate Guidelines 1.2 – effective October 1, 2009

Errata 1.2 EV SSL Certificate Guidelines 1.1 – effective April 10, 2008

Errata 1.1 EV SSL Certificate Guidelines 1.0 – effective June 12, 2007 – April 11, 2008

Erratum to Guidelines 1 EV SSL Certificate Guidelines Draft 11 – valid through June 11, 2007

Latest releases

Server Certificate Requirements
BRs/2.1.2 SC-080 V3: Sunset the use of WHOIS to identify Domain Contacts and relying DCV Methods - Dec 16, 2024

Ballot SC-080 V3: “Sunset the use of WHOIS to identify Domain Contact… (https://github.com/cabforum/servercert/pull/560) Ballot SC-080 V3: “Sunset the use of WHOIS to identify Domain Contacts and relying DCV Methods” (https://github.com/cabforum/servercert/pull/555)

Code Signing Requirements
v3.8 - Aug 5, 2024

What’s Changed CSC-25: Import EV Guidelines to CS Baseline Requirements by @dzacharo in https://github.com/cabforum/code-signing/pull/38 Full Changelog: https://github.com/cabforum/code-signing/compare/v3.7...v3.8

S/MIME Requirements
v1.0.8 - Ballot SMC010 - Dec 23, 2024

This ballot adopts Multi-Perspective Issuance Corroboration (MPIC) for CAs when conducting Email Domain Control Validation (DCV) and Certification Authority Authorization (CAA) checks for S/MIME Certificates. The Ballot adopts the MPIC implementation consistent with the TLS Baseline Requirements. Acknowledging that some S/MIME CAs with no TLS operations may require additional time to deploy MPIC, the Ballot has a Compliance Date of May 15, 2025. Following that date the implementation timeline described in TLS BR section 3.2.2.9 applies. This ballot is proposed by Stephen Davidson (DigiCert) and endorsed by Ashish Dhiman (GlobalSign) and Nicolas Lidzborski (Google).

Network and Certificate System Security Requirements
v2.0 - Ballot NS-003 - Jun 26, 2024

Ballot NS-003: Restructure the NCSSRs in https://github.com/cabforum/netsec/pull/35