Discussion period begins: SC-095: December 2025 Cleanup

28 views
Skip to first unread message

Kateryna Aleksieieva

unread,
Dec 15, 2025, 4:27:47 AM (2 days ago) Dec 15
to server...@groups.cabforum.org

Summary

This ballot introduces a set of updates across the Baseline Requirements and EV Guidelines to improve clarity, consistency, definitions, and structural correctness. More details are available in the Pull Request. Changes fall into the following categories:

 

Formatting, References, and Consistency Improvements

(#193, #299, #322, #415, #432, #458, #489, #542, #570, #574, #576, #584, #592)
Standardization of formatting (dates, tables, headers, lists, bolding, punctuation, hyphens), correction of links and anchors, typos, cleanup of spacing and duplicated text, harmonization of RFC references and URL formats, and removal of obsolete or redundant editorial content.

Definition Updates and Clarifications

(#303, #428, #435, #449, #471, #489, #496, #512, #524, #564, #592)
Updates to definitions and terminology, removal of outdated code-signing wording, corrections to WHOIS and NTR definitions, clarification of delegation and validation reuse rules, alignment of language between BR and EV sections, addition of a “Precertificate” definition, and removal of legacy notes or outdated Relevant Dates.

Section-Specific Fixes

(#432, #452, #458, #546, #570, #444, #274)
Corrections to numbering, indentation, spacing, table structure, missing sections, example restoration/removal, adjustments to size limits, and updates to validation-method names and formatting.

Normative Adjustments

(#540, #547)
Refinements to normative requirements (MUST NOT → SHOULD NOT), removal of outdated effective-date notes, and header updates.

Correction to EVG 7.1.4.2.6

(#623)
Replacement of an obsolete BR reference with a self-contained definition of the Subject’s Physical Address of Place of Business, including OIDs, attribute requirements, and verified content rules.

Clarification to EVG 3.2.2.14.1

(#642)
RDAP should be used the same way as WHOIS.

Clarification of the "Certificate Profile" defined term

(#526)
The definition was updated per https://github.com/cabforum/servercert/pull/639

Update Section 4.9.1.1 to explicitly reference CAA violations

(#580)
This is a normative change clarifying that CAA violations are treated as part of the Domain Validation process. This was already the expected behavior as discussed in various CABF SCWG meetings.

Update RFC reference to RDAP

RFC 7482 has been superseded by RFC 9082.

 

The following motion has been proposed by Karolina Ruszczyńska (Certum by Asseco) and Kateryna Aleksieieva (Certum by Asseco) and endorsed by Dimitris Zacharopoulos (HARICA) and Wayne Thayer (Fastly).

 

--- Motion Begins ---

This ballot modifies the “Baseline Requirements for the Issuance and Management of Publicly-Trusted TLS Server Certificates” (“Baseline Requirements”), based on Version 2.1.9

This ballot modifies the “Guidelines for the Issuance and Management of Extended Validation Certificates” (“Extended Validation Guidelines”), based on Version 2.0.1

Redline: https://github.com/cabforum/servercert/compare/351f2755443ff78093d1b62b0b8a251ef6d8fc2d 

 

--- Motion Ends ---

This ballot proposes a Final Maintenance Guideline. The procedure for approval of this ballot is as follows:

 

Discussion (at least 7 days)

  • Start time: 2025-12-15 10:00:00 UTC
  • End time: On or after 2025-12-22 10:00:00 UTC

 

Vote for approval (7 days)

  • Start time: TBD
  • End time: TBD

 

Reply all
Reply to author
Forward
0 new messages