← CABF Ballot Browser
Ballot-150 cancelled

Ballot 150 – OID Revisions

Server Certificate Working Group

AI Summary

Generated 2026-06-23 21:44 UTC

Ballot overview

  • Ballot 150, titled OID Revisions, is shown on the CA/Browser Forum page.
  • The page states that this ballot was withdrawn.
  • The ballot page text also says it maintains consistency between the S/MIME Baseline Requirements and the TLS Baseline Requirements with changes introduced by Ballots SC096 and SC097.

Stated changes in the ballot text

  • Creates a carve-out of the logging requirements for DNSSEC, stating these are not in scope.
  • Notes that, for audit purposes, change management logging can confirm whether the appropriate controls are in effect.
  • Sunsets all remaining use of SHA-1 signatures in Certificates and CRLs.
  • States that most uses of SHA-1 signatures are already deprecated by SC097.
  • Requires revocation of all unexpired Subordinate CA Certificates issuing S/MIME containing the SHA-1 signature algorithm.
  • States that the proposal does not prohibit use of SHA-1 to generate issuerKeyHash or issuerNameHash values as required by RFC 5019.
  • Includes minor formatting corrections.
Model: gpt-5.4-mini Confidence: 0.99 Result: withdrawn

AI-generated from the CABF ballot page. The official CABF article remains the authoritative source.

Excerpt

SearchHome » All CA/Browser Forum Posts » Ballot 150 – OID RevisionsBallot 150 – OID RevisionsThis ballot was withdrawn.

View on cabforum.org → Last fetched 16 hours ago

We use only essential cookies and local browser storage for preferences and security. See our Privacy Policy for details.

Confirm action