← CABF Ballot Browser
Ballot-86 cancelled

Ballot 86 – Errata plus ISO3166

Server Certificate Working Group

AI Summary

Generated 2026-06-23 21:45 UTC

Ballot overview

  • Ballot 86, titled Errata plus ISO3166, is shown on the CA/Browser Forum site.
  • The page states that this ballot was withdrawn.

What the ballot would have changed

  • It would have maintained consistency between the S/MIME Baseline Requirements and the TLS Baseline Requirements with changes introduced by Ballots SC096 and SC097.
  • It would have created a carve-out for DNSSEC from the logging requirements, stating those requirements are not in scope.
  • It would have clarified that, for audit purposes, change management logging can confirm whether the appropriate controls are in effect.
  • It would have sunset all remaining use of SHA-1 signatures in Certificates and CRLs.
  • It notes that most uses of SHA-1 signatures were already deprecated by SC097.
  • It would have required revocation of all unexpired Subordinate CA Certificates issuing S/MIME containing the SHA-1 signature algorithm.
  • It would not have prohibited use of SHA-1 to generate issuerKeyHash or issuerNameHash values as required by RFC 5019.
  • It also included minor formatting corrections.
Model: gpt-5.4-mini Confidence: 0.99 Result: withdrawn

AI-generated from the CABF ballot page. The official CABF article remains the authoritative source.

Excerpt

SearchHome » All CA/Browser Forum Posts » Ballot 86 – Errata plus ISO3166Ballot 86 – Errata plus ISO3166This ballot was withdrawn.

View on cabforum.org → Last fetched 16 hours ago

We use only essential cookies and local browser storage for preferences and security. See our Privacy Policy for details.

Confirm action