← CABF Ballot Browser
SMC-015v2 passed

Ballot SMC015v2: Allow mDL for authentication of individual identity

S/MIME Certificate Working Group

Key dates

Voting opened
18 Feb 2026 4 months ago
Voting closed
25 Feb 2026 3 months ago
IPR review ends
27 Mar 2026 2 months ago
Discussion opened
11 Feb 2026 4 months ago
Discussion closed
18 Feb 2026 4 months ago

Resources

GitHub diff https://github.com/cabforum/smime/compare/be9a18ab2b48eb0cbff41d3a268202f700c06c05...dbf61ec60f495871e755f1652bbd86178d5d53f0 https://github.com/cabforum/smime/compare/be9a18ab2b48eb0cbff41d3a268202f700c06c05...dbf61ec60f495871e755f1652bbd86178d5d53f0
± Redline https://cabforum.org/uploads/CA-Browser-Forum-SMIMEBR-1.0.13-Redline.pdf https://cabforum.org/uploads/CA-Browser-Forum-SMIMEBR-1.0.13-Redline.pdf
Document https://cabforum.org/uploads/CA-Browser-Forum-SMIMEBR-1.0.13.pdf https://cabforum.org/uploads/CA-Browser-Forum-SMIMEBR-1.0.13.pdf
Document https://cabforum.org/wp-content/uploads/Template-for-Exclusion-Notice.pdf https://cabforum.org/wp-content/uploads/Template-for-Exclusion-Notice.pdf

AI Summary

Generated 2026-06-23 21:39 UTC

Result and adoption

  • The ballot SMC015v2 Allow mDL for authentication of individual identity is marked as adopted.
  • The page states that the Intellectual Property Review (IPR) period has completed and that no IPR Exclusion Notices were filed.
  • The ballot is adopted as of March 27, 2026.

What the ballot changes (high level)

  • Introduces requirements for a CA or RA to rely upon a Mobile Drivers License (mDL) as evidence for authentication of individual identity.
  • Allows use of mDL that conform to ISO/IEC 18013-5 and that may be verified by the CA or RA in conformance with ISO/IEC 18013-7.
  • Requires the CA or RA to only accept mDL from an Issuing Authority that is legally authorized by the relevant government or jurisdiction to issue driving licenses.
  • Aligns subsections 3.2.4.2 Validation of individual identity and 3.2.4.1 Attribute collection of individual identity more closely.
  • Includes minor editorial corrections and removes an additional reference to a superseded ETSI EN 319 403.

Motion and artifacts referenced

  • The ballot modifies the Baseline Requirements for the Issuance and Management of Publicly-Trusted S/MIME Certificates based on Version 1.0.12.
  • The page links to a GitHub compare redline and to the published S/MIME BR v.1.0.13 PDF.
  • The linked artifacts include:
    • CA-Browser-Forum-SMIMEBR-1.0.13.pdf (Version 1.0.13, March 27, 2026)
    • CA-Browser-Forum-SMIMEBR-1.0.13-Redline.pdf

Identity validation via mDL (as described in the redline)

  • Adds a Mobile Driver License (mDL) definition describing an mDL issued digitally by an authorized Issuing Authority and conforming to ISO/IEC 18013-5 and ISO/IEC 18013-7.
  • Adds an mDL evidence source and validation steps, including:
    • Accepting only mDL issued by a legally authorized Issuing Authority.
    • Conformance to ISO/IEC 18013-5.
    • Support for validation protocols defined in ISO/IEC 18013-7.
    • Demonstrating a valid certificate chain from the Document Signer Certificate to an Issuing Authority Certificate verifiable through a publicly available trust anchor or trust list approved by the issuing jurisdiction.
    • Performing mDL authentication in real-time as part of the identity validation process and not relying on previously captured mDL data.
Model: gpt-5.4-nano Confidence: 0.90 Result: passed
Voting opened
2026-02-18
Voting closed
2026-02-25
IPR review ends
2026-03-27
Discussion opened
2026-02-11
Discussion closed
2026-02-18

AI-generated from the CABF ballot page. The official CABF article remains the authoritative source.

Vote result

Certificate Issuers 17 yes 0 no 0 abstain
Certificate Consumers 4 yes 0 no 0 abstain

CABF ballot approval depends on both voting classes; CA votes alone are not decisive.

21 Yes
0 No
0 Abstain

100% yes · 0% no

Proposers

Stephen Davidson (DigiCert) and endorsed by Ben Wilson (Mozilla) and Scott Rea (eMudhra).

Excerpt

SearchHome » All CA/Browser Forum Posts » Ballot SMC015v2: Allow mDL for authentication of individual identityBallot SMC015v2: Allow mDL for authentication of individual identity[Adopted] Ballot SMC015v2: Allow mDL for authentication of individual identityThe Intellectual Property Review (IPR) period for Ballot SMC015v2 (Allow mDL for authentication of individual identity) has completed. No IPR Exclusion Notices were filed, and the ballot is adopted as of March 27, 2026.

View on cabforum.org → Last fetched 16 hours ago

We use only essential cookies and local browser storage for preferences and security. See our Privacy Policy for details.

Confirm action