SC-062v2 passed

Ballot SC062v2: Certificate profiles update

Server Certificate Working Group

Key dates

Effective date: 15 Sep 2023 2 years ago
Voting opened: 09 Mar 2023 3 years ago
Voting closed: 16 Mar 2023 3 years ago
Discussion opened: 17 Feb 2023 3 years ago
Discussion closed: 09 Mar 2023 3 years ago

Resources

⎇ GitHub diff https://github.com/cabforum/servercert/compare/e87bc5fcf35f533e58899311e538e6ffe959102e SC-62 V2

⎇ GitHub diff https://github.com/cabforum/servercert/compare/2c63814fa7f9f7c477c74a6bfbeb57e0fcc5dd5b..aa9fc5d0b2b59504a31638e880cb81c69aefa018 SC-61 V4

✉ Mailing list https://lists.cabforum.org/pipermail/servercert-wg/2023-February/003600.html approved

AI Summary

Generated 2026-06-23 21:40 UTC

Ballot overview

Ballot: SC-062 V2, Certificate profiles update (Server Certificate Working Group)
Purpose: Update the Baseline Requirements for the Issuance and Management of Publicly-Trusted Certificates, focused on improving clarity of Section 7 (Certificate, CRL, and OCSP Profiles).
Stated goals of the update:
- Better aligns certificate content expectations across certificate issuers and consumers
- Reduces confusion from the absence of a more precise certificate profile specification
- Promotes more consistent and reliable implementations across the ecosystem
Scope note: While most updates focus on Section 7, changes were not limited to only this section.

Motion and normative effective date

The ballot states that an all-encompassing effective date makes these changes normative beginning 2023-09-15.
The ballot modifies the Baseline Requirements based on Version 1.8.6.

Discussion and voting timeline (as stated on the ballot page)

Discussion:
- Start time: 2023-02-17 19:00:00 UTC
- End time: 2023-03-09 18:59:00 UTC
Vote for approval:
- Start time: 2023-03-09 19:00:00 UTC
- End time: 2023-03-16 19:00:00 UTC

Adoption and voting results (Bylaws requirements)

Certificate Issuers: 30 votes total; 30 YES, 0 NO, 0 ABSTAIN; adoption requirement of 2/3 or more was MET.
Certificate Consumers: 3 votes total; 3 YES, 0 NO, 0 ABSTAIN; adoption requirement of 50% plus one was MET.
Category participation: At least one Voting Member in each category voted in favour; requirement was MET.
Quorum: Half of currently active members at start of voting was 14, so quorum was 15; requirement was MET.

Linked artifact highlights (GitHub compare text provided)

The linked redline text includes changes to Baseline Requirements content, including updates related to CRLReason usage and revocation reason code requirements.
The redline text explicitly references Subscriber Certificate revocation after July 15, 2023 for CRLReason inclusion requirements.

Model: gpt-5.4-nano Confidence: 0.95 Result: passed

Effective date: 2023-09-15
Voting opened: 2023-03-09
Voting closed: 2023-03-16
Discussion opened: 2023-02-17
Discussion closed: 2023-03-09

Applicability and conditions

2023-07-15 — CRLReason MUST be included in the reasonCode extension of the CRL entry corresponding to a Subscriber Certificate revoked after July 15, 2023, unless the CRLReason is unspecified (0). Revocation reason code entries for Subscriber Certificates revoked prior to July 15, 2023 do NOT need to be added or changed. Applies to Subscriber Certificates revoked after July 15, 2023 (for CRLReason inclusion in the reasonCode extension of the CRL entry corresponding to that revocation).

AI-generated from the CABF ballot page. The official CABF article remains the authoritative source.

Vote result

Certificate Issuers 30 yes 0 no 0 abstain

Certificate Consumers 3 yes 0 no 0 abstain

CABF ballot approval depends on both voting classes; CA votes alone are not decisive.

33 Yes

0 No

0 Abstain

100% yes · 0% no

Proposers

Ryan Dickson of Google and endorsed by Clint Wilson of Apple and Dimitris Zacharopoulos of HARICA.

Excerpt

SearchHome » All CA/Browser Forum Posts » Ballot SC062v2: Certificate profiles updateBallot SC062v2: Certificate profiles updateVoting Results Certificate Issuers 30 votes total, with no abstentions:

View on cabforum.org → Last fetched 16 hours ago