Ballot 193 – 825-day Certificate Lifetimes
Server Certificate Working Group
Key dates
- Effective date
- 01 Mar 2018 8 years ago
- Voting opened
- 10 Mar 2017 9 years ago
- Voting closed
- 17 Mar 2017 9 years ago
- IPR review ends
- 16 Apr 2017 9 years ago
- Discussion opened
- 03 Mar 2017 9 years ago
- Discussion closed
- 10 Mar 2017 9 years ago
AI Summary
Ballot overview
- Ballot 193, titled 825-day Certificate Lifetimes, was a Final Maintenance Guideline ballot in the Server Certificate Working Group.
- The ballot passed.
- The ballot proposed changes to the Baseline Requirements and EV Guidelines to reduce maximum certificate lifetimes and related vetting-data reuse periods.
What changed
- For Subscriber Certificates, the motion changed the maximum validity period to 825 days for certificates issued after the effective date.
- For Subscriber Certificates issued after 1 July 2016 but prior to 1 March 2018, the motion kept the maximum validity period at 39 months.
- For Subscriber Certificates issued after 1 April 2015, the motion kept the maximum validity period at 39 months, except as provided for a temporary transition period.
- Until 30 June 2016, CAs could continue issuing Subscriber Certificates with validity greater than 39 months but not greater than 60 months if the certificate was for a system or software meeting all listed conditions.
- For EV Certificates, the motion set the maximum validity period to 825 days.
- The motion also stated that EV Subscriber Certificates are recommended to have a maximum validity period of twelve months.
Voting and approval
- Voting by CAs: 27 votes total including abstentions, with 24 yes, 0 no, and 3 abstain.
- Voting by browsers: 6 votes total including abstentions, with 5 yes, 0 no, and 1 abstain.
- Quorum was met.
- The two-thirds CA vote requirement and the browser vote requirement were met.
- At least one CA Member and one browser Member voted in favor.
Effective date and timing
- The ballot states that if the vote approves the ballot and no Exclusion Notices are filed, the ballot becomes effective at the end of the Review Period.
- The motion text gives the effective compliance date for the new 825-day Subscriber Certificate limit as March 1, 2018.
- The motion text also gives transition dates of 1 July 2016, 1 March 2018, 1 April 2015, and 30 June 2016 for different Subscriber Certificate validity rules.
- The procedure section lists discussion from March 3 to March 10 and vote from March 10 to March 17, with a 30-day Review Period after approval.
- Effective date
- 2018-03-01
- Voting opened
- 2017-03-10
- Voting closed
- 2017-03-17
- Discussion opened
- 2017-03-03
- Discussion closed
- 2017-03-10
2016-07-01 — Subscriber Certificates must not have a validity period greater than thirty-nine months Subscriber Certificates issued after 1 July 2016 but prior to 1 March 2018
2018-03-01 — Subscriber Certificates must have a validity period no greater than 825 days Subscriber Certificates issued after this date
2015-04-01 — Subscriber Certificates must have a validity period no greater than 39 months, except for the temporary transition period described below Subscriber Certificates issued after 1 April 2015
2016-06-30 — CAs may continue issuing Subscriber Certificates with a validity period greater than 39 months but not greater than 60 months if all listed conditions are met Until 30 June 2016, for Subscriber Certificates for a system or software meeting all listed conditions
AI-generated from the CABF ballot page. The official CABF article remains the authoritative source.
Proposers
Chris Bailey of Entrust Datacard and endorsed by the following CA/B Forum member representatives (listed in alphabetical order) Robin Alden of Comodo, Ben Wilson of DigiCert, and Doug Beattie of Globa
Excerpt
SearchHome » All CA/Browser Forum Posts » Ballot 193 – 825-day Certificate LifetimesBallot 193 – 825-day Certificate LifetimesThe voting period for Ballot 193 has ended. The ballot passed.