← CABF Ballot Browser
SMC-017 cancelled

Ballot SMC017: Increase Minimum RSA CA Key Size

S/MIME Certificate Working Group

Key dates

Voting opened
06 May 2026 1 month ago
Voting closed
13 May 2026 1 month ago
Discussion opened
29 Apr 2026 1 month ago
Discussion closed
06 May 2026 1 month ago

Resources

GitHub diff https://github.com/cabforum/smime/compare/21bda9e4a5f04f373dbd359b4e2213a3f4910c76...a6d582ab7da98ac1ca7fd92f35f321aa9f70df37 https://github.com/cabforum/smime/compare/21bda9e4a5f04f373dbd359b4e2213a3f4910c76...a6d582ab7da98ac1ca7fd92f35f321aa9f70df37

AI Summary

Generated 2026-06-23 21:45 UTC

Ballot overview

  • Ballot SMC017: Increase Minimum RSA CA Key Size was a proposed Final Maintenance Guideline for the S/MIME Baseline Requirements.
  • The ballot was withdrawn on May 12, 2026.
  • The linked redline updates S/MIME Baseline Requirements Version 1.0.13 to Version 1.0.15.

What the ballot would have changed

  • For RSA key pairs, Root and Subordinate CA certificates signed on or after September 15, 2026 would need a modulus size of at least 4096 bits.
  • Subscriber certificates would retain the 2048-bit minimum RSA key size.
  • Effective September 15, 2027, CAs would not be allowed to issue certificates from any Subordinate CA whose RSA key modulus size is less than 4096 bits.

Notes from the ballot page and redline

  • The ballot page says the proposal was intended to increase the minimum RSA key size for Root and Subordinate CA certificates from 2048 to 4096 bits for keys created on or after September 15, 2026.
  • The ballot page also says the proposal would sunset issuance from legacy 2048-bit Sub-CAs by September 15, 2027.
  • The redline adds entries for SMC017 in the requirements table with dates of September 15, 2026 and September 15, 2027.
  • The page includes discussion and voting windows, but the ballot was later withdrawn.
Model: gpt-5.4-mini Confidence: 0.98 Result: withdrawn
Voting opened
2026-05-06
Voting closed
2026-05-13
Discussion opened
2026-04-29
Discussion closed
2026-05-06

AI-generated from the CABF ballot page. The official CABF article remains the authoritative source.

Proposers

Stephen Davidson (DigiCert) and endorsed by Ben Wilson (Mozilla) and Roman Fischer (SwissSign).

Excerpt

SearchHome » All CA/Browser Forum Posts » Ballot SMC017: Increase Minimum RSA CA Key SizeBallot SMC017: Increase Minimum RSA CA Key SizeBallot SMC017: Increase Minimum RSA CA Key SizeBallot SMC017 was withdrawn on May 12, 2026.

View on cabforum.org → Last fetched 15 hours ago

We use only essential cookies and local browser storage for preferences and security. See our Privacy Policy for details.

Confirm action