SMC-09 passed

Ballot SMC09 Pre-Linting, WebTrust for NetSec, and Minor Updates

S/MIME Certificate Working Group

Key dates

Effective date: 15 Sep 2025 9 months ago
Voting opened: 16 Oct 2024 1 year ago
Voting closed: 23 Oct 2024 1 year ago
IPR review ends: 22 Nov 2024 1 year ago
Discussion opened: 09 Oct 2024 1 year ago
Discussion closed: 16 Oct 2024 1 year ago

Resources

⎇ GitHub diff https://github.com/cabforum/smime/compare/c66dfe265f5fabf70150af68746d5cb9ba09f942...d295580ad2e1a15c56e786e851d110969a712437 https://github.com/cabforum/smime/compare/c66dfe265f5fabf70150af68746d5cb9ba09f942...d295580ad2e1a15c56e786e851d110969a712437

± Redline https://cabforum.org/posts/2024/2024-10-23-SMCWG-ballot-SMC09/CA-Browser-Forum-SMIMEBR-1.0.7-Redline.pdf https://cabforum.org/posts/2024/2024-10-23-SMCWG-ballot-SMC09/CA-Browser-Forum-SMIMEBR-1.0.7-Redline.pdf

⤓ Document https://cabforum.org/uploads/CA-Browser-Forum-SMIMEBR-1.0.7.pdf https://cabforum.org/uploads/CA-Browser-Forum-SMIMEBR-1.0.7.pdf

AI Summary

Generated 2026-06-23 21:45 UTC

Ballot overview

Ballot SMC09 is titled Pre-Linting, WebTrust for NetSec, and Minor Updates.
It modifies the Baseline Requirements for the Issuance and Management of Publicly-Trusted S/MIME Certificates, based on Version 1.0.6.
The ballot was adopted and the ballot passed.

What the ballot changes

Requires WebTrust audits to include WebTrust for Network Security for audit periods starting after April 1, 2025.
Introduces linting-related requirements for S/MIME Certificates:
- CAs SHOULD implement pre-issuance linting starting March 15, 2025.
- CAs SHALL implement pre-issuance linting starting September 15, 2025.
- CAs SHOULD use linting in self-audits starting March 15, 2025.
Clarifies that multiple certificatePolicy OIDs are allowed in end entity certificates.
Clarifies use of organizationIdentifier and Registration Reference language.
Updates Appendix A.2 Natural Person Identifiers, including TAX, TIN, and EID entries.

Adoption and publication

The IPR period completed.
No IPR Exclusion Notices were filed.
The ballot was adopted as of November 22, 2024.
The new S/MIME BR v.1.0.7 was published to the CABF public website.

Voting and procedural status

The voting period completed and the ballot passed.
Voting results were unanimous among the listed voters:
- Certificate Issuers: 17 yes, 0 no, 0 abstain
- Certificate Consumers: 3 yes, 0 no, 0 abstain
Bylaw requirements for issuer and consumer approval were met.
Quorum was met with 11 active voting members.

Model: gpt-5.4-mini Confidence: 0.98 Result: passed

Effective date: 2025-09-15
Voting opened: 2024-10-16
Voting closed: 2024-10-23
IPR review ends: 2024-11-22
Discussion opened: 2024-10-09
Discussion closed: 2024-10-16

Applicability and conditions

2025-03-15 — CAs SHOULD implement pre-issuance linting of S/MIME Certificates and SHOULD implement use of linting in self-audits All S/MIME CAs for pre-issuance linting and use of linting in self-audits

2025-04-01 — WebTrust audits SHALL include WebTrust for Network Security WebTrust audits for audit periods starting after this date

2025-09-15 — CAs SHALL implement pre-issuance linting of S/MIME Certificates All S/MIME CAs for pre-issuance linting

AI-generated from the CABF ballot page. The official CABF article remains the authoritative source.

Vote result

Certificate Issuers 17 yes 0 no 0 abstain

Certificate Consumers 3 yes 0 no 0 abstain

CABF ballot approval depends on both voting classes; CA votes alone are not decisive.

20 Yes

0 No

0 Abstain

100% yes · 0% no

Proposers

Stephen Davidson (DigiCert) and endorsed by Clint Wilson (Apple) and Martijn Katerbarg (Sectigo).

Excerpt

SearchHome » All CA/Browser Forum Posts » Ballot SMC09 Pre-Linting, WebTrust for NetSec, and Minor UpdatesBallot SMC09 Pre-Linting, WebTrust for NetSec, and Minor UpdatesThe Intellectual Property Review (IPR) period for Ballot SMC09 (Pre-Linting, WebTrust for NetSec, and Minor Updates) has completed.

View on cabforum.org → Last fetched 16 hours ago