All,
The Mozilla Root Store Policy incorporates the CA/B Forum's
S/MIME Baseline Requirements (BRs). The initial adoption of S/MIME BRs included a commitment to eliminate the
Legacy Generation Certificate Profile for those S/MIME certificates issued under Publicly-Trusted CAs.
This post is just to alert you that the S/MIME Certificate Working Group will phase out the Legacy certificate profile, as of June 15, 2025. See Draft Ballot SMC-008. One change will be to reduce the maximum validity period for S/MIME certificates from
1185 days
to 825 days. (The S/MIME BRs have a
Multipurpose Generation certificate profile that may serve most needs when the Legacy certificate profile is gone.)
Are there any questions, comments, or concerns before this goes to ballot in the next few weeks?
Thanks,
Ben