[Discussion] Ballot SMC015: Allow mDL for authentication of individual identity

[Stephen Davidson]

Ballot SMC015: Allow mDL for authentication of individual identity

Summary: 

 

This ballot introduces requirements that a CA or RA must follow to rely upon a Mobile Drivers License (mDL) to provide evidence for the authentication of individual identity.  It allows the use of mDL that conform to ISO/IEC 18013-5 and which may be verified by the CA or RA in conformance with ISO/IEC 18013-7.  The CA or RA shall only accept mDL from an Issuing Authority that is legally authorized by the relevant government or jurisdiction to issue driving licenses.

 

The draft also aligns the subsections of 3.2.4.2 (Validation of individual identity) to correspond more closely with those in 3.2.4.1 (Attribute collection of individual identity). It also includes minor editorial corrections.

 

This ballot is proposed by Stephen Davidson (DigiCert) and endorsed by Ben Wilson (Mozilla) and Scott Rea (eMudhra).

 

— Motion Begins —

 

This ballot modifies the “Baseline Requirements for the Issuance and Management of Publicly-Trusted S/MIME Certificates” (“S/MIME Baseline Requirements”), based on Version 1.0.12.

 

MODIFY the Baseline Requirements as specified in the following Redline:

 

https://github.com/cabforum/smime/compare/be9a18ab2b48eb0cbff41d3a268202f700c06c05...42b87e06b876e8808d61cd4735c317b1cfa6d363

 

— Motion Ends —

 

This ballot proposes a Final Maintenance Guideline. The procedure for approval of this ballot is as follows:

 

Discussion (at least 7 days)

 

• Start time: February 10, 2026 at 21:00:00 UTC
• End time: February 17, 2026 at 21:00:00 UTC

 

[Roman Fischer]

Dear Stephen,

 

Did you delete the reference of "ETSI EN 319 403" (line 420) on purpose?

 

Rgds
Roman

--
You received this message because you are subscribed to the Google Groups "S/MIME Certificate WG - Public (CA/B Forum)" group.
To unsubscribe from this group and stop receiving emails from it, send an email to smcwg-public...@groups.cabforum.org.
To view this discussion visit https://groups.google.com/a/groups.cabforum.org/d/msgid/smcwg-public/BL1PR14MB51434C16860B8E0CD91C225FE562A%40BL1PR14MB5143.namprd14.prod.outlook.com.

[Stephen Davidson]

Yes – it was previously repeated in the text.

Regards, Stephen

To view this discussion visit https://groups.google.com/a/groups.cabforum.org/d/msgid/smcwg-public/ZR0P278MB0170107C53EFB4C9F0339D0DFA63A%40ZR0P278MB0170.CHEP278.PROD.OUTLOOK.COM.

[Roman Fischer]

Hi Stephen,

 

I thought there may have been two standards, ETSI EN 319 403 and ETSI EN 319 403-1. I'm not the expert on this topic.

 

Anyway, bullet 4 in chapter 8.2 needs to be corrected too, right?

To view this discussion visit https://groups.google.com/a/groups.cabforum.org/d/msgid/smcwg-public/BL1PR14MB5143C30C613ED4F22F6E9A00E563A%40BL1PR14MB5143.namprd14.prod.outlook.com.

[Stephen Davidson]

Thanks Roman; this is a good catch.  I had not seen the second mention.

 

ETSI EN 319 403 was superceded by ETSI EN 319 403-1 in 2021 and should not appear in current audits.

 

I will restart the ballot and propose a similar update at TLS BR.

To view this discussion visit https://groups.google.com/a/groups.cabforum.org/d/msgid/smcwg-public/ZR0P278MB0170A67891D9C7E072242CADFA63A%40ZR0P278MB0170.CHEP278.PROD.OUTLOOK.COM.