<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=Windows-1252">
<meta name="Generator" content="Microsoft Word 15 (filtered medium)">
<!--[if !mso]><style>v\:* {behavior:url(#default#VML);}
o\:* {behavior:url(#default#VML);}
w\:* {behavior:url(#default#VML);}
.shape {behavior:url(#default#VML);}
</style><![endif]--><style><!--
/* Font Definitions */
@font-face
{font-family:Wingdings;
panose-1:5 0 0 0 0 0 0 0 0 0;}
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:DengXian;
panose-1:2 1 6 0 3 1 1 1 1 1;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:"\@DengXian";
panose-1:2 1 6 0 3 1 1 1 1 1;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin-top:0in;
margin-right:0in;
margin-bottom:8.0pt;
margin-left:0in;
line-height:105%;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:#0563C1;
text-decoration:underline;}
p.MsoListParagraph, li.MsoListParagraph, div.MsoListParagraph
{mso-style-priority:34;
margin-top:0in;
margin-right:0in;
margin-bottom:8.0pt;
margin-left:.5in;
mso-add-space:auto;
line-height:105%;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}
p.MsoListParagraphCxSpFirst, li.MsoListParagraphCxSpFirst, div.MsoListParagraphCxSpFirst
{mso-style-priority:34;
mso-style-type:export-only;
margin-top:0in;
margin-right:0in;
margin-bottom:0in;
margin-left:.5in;
mso-add-space:auto;
line-height:105%;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}
p.MsoListParagraphCxSpMiddle, li.MsoListParagraphCxSpMiddle, div.MsoListParagraphCxSpMiddle
{mso-style-priority:34;
mso-style-type:export-only;
margin-top:0in;
margin-right:0in;
margin-bottom:0in;
margin-left:.5in;
mso-add-space:auto;
line-height:105%;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}
p.MsoListParagraphCxSpLast, li.MsoListParagraphCxSpLast, div.MsoListParagraphCxSpLast
{mso-style-priority:34;
mso-style-type:export-only;
margin-top:0in;
margin-right:0in;
margin-bottom:8.0pt;
margin-left:.5in;
mso-add-space:auto;
line-height:105%;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}
span.EmailStyle20
{mso-style-type:personal-reply;
font-family:"Calibri",sans-serif;
color:windowtext;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
/* List Definitions */
@list l0
{mso-list-id:488593928;
mso-list-template-ids:1422311838;}
@list l0:level1
{mso-level-number-format:bullet;
mso-level-text:\F0B7;
mso-level-tab-stop:.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l0:level2
{mso-level-number-format:bullet;
mso-level-text:\F0B7;
mso-level-tab-stop:1.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l0:level3
{mso-level-number-format:bullet;
mso-level-text:\F0B7;
mso-level-tab-stop:1.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l0:level4
{mso-level-number-format:bullet;
mso-level-text:\F0B7;
mso-level-tab-stop:2.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l0:level5
{mso-level-number-format:bullet;
mso-level-text:\F0B7;
mso-level-tab-stop:2.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l0:level6
{mso-level-number-format:bullet;
mso-level-text:\F0B7;
mso-level-tab-stop:3.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l0:level7
{mso-level-number-format:bullet;
mso-level-text:\F0B7;
mso-level-tab-stop:3.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l0:level8
{mso-level-number-format:bullet;
mso-level-text:\F0B7;
mso-level-tab-stop:4.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l0:level9
{mso-level-number-format:bullet;
mso-level-text:\F0B7;
mso-level-tab-stop:4.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l1
{mso-list-id:2048484697;
mso-list-type:hybrid;
mso-list-template-ids:1007194742 -1266369380 67698691 67698693 67698689 67698691 67698693 67698689 67698691 67698693;}
@list l1:level1
{mso-level-start-at:0;
mso-level-number-format:bullet;
mso-level-text:-;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:"Calibri",sans-serif;
mso-fareast-font-family:Calibri;}
@list l1:level2
{mso-level-number-format:bullet;
mso-level-text:o;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:"Courier New";}
@list l1:level3
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:Wingdings;}
@list l1:level4
{mso-level-number-format:bullet;
mso-level-text:\F0B7;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:Symbol;}
@list l1:level5
{mso-level-number-format:bullet;
mso-level-text:o;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:"Courier New";}
@list l1:level6
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:Wingdings;}
@list l1:level7
{mso-level-number-format:bullet;
mso-level-text:\F0B7;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:Symbol;}
@list l1:level8
{mso-level-number-format:bullet;
mso-level-text:o;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:"Courier New";}
@list l1:level9
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:Wingdings;}
ol
{margin-bottom:0in;}
ul
{margin-bottom:0in;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang="EN-US" link="#0563C1" vlink="#954F72" style="word-wrap:break-word">
<style type="text/css" style="display:none;"><!-- P {margin-top:0;margin-bottom:0;} --></style>
<div id="divtagdefaultwrapper" style="font-size:12pt;color:#000000;font-family:Calibri,Helvetica,sans-serif;" dir="ltr">
<p>Hello,</p>
<p><br>
</p>
<p>please have in mind that there are members which do not use MS office and proprietary MS file formats.</p>
<p>Would propose to use odt-files instead. See <a href="https://www.oasis-open.org/2021/06/16/opendocument-v1-3-oasis-standard-published/" class="OWAAutoLink" id="LPlnk638229" previewremoved="true">
https://www.oasis-open.org/2021/06/16/opendocument-v1-3-oasis-standard-published/</a>
<br>
</p>
<p>I believe that MS Office can work on this format, too!?</p>
<p><br>
</p>
<p>Thanks, Burkhard<br>
</p>
</div>
<hr style="display:inline-block;width:98%" tabindex="-1">
<div id="divRplyFwdMsg" dir="ltr"><font face="Calibri, sans-serif" style="font-size:11pt" color="#000000"><b>Von:</b> Smcwg-public <smcwg-public-bounces@cabforum.org> im Auftrag von Bruce Morton via Smcwg-public <smcwg-public@cabforum.org><br>
<b>Gesendet:</b> Freitag, 6. Mai 2022 20:23:11<br>
<b>An:</b> Stephen Davidson; SMIME Certificate Working Group<br>
<b>Betreff:</b> Re: [Smcwg-public] 30-day Pre-Ballot Discussion Period of S/MIME BR</font>
<div> </div>
</div>
<div>
<div class="WordSection1">
<p class="MsoNormal">Hi Stephen,<o:p></o:p></p>
<p class="MsoNormal">Could we also have a Word version to review? I think this would be easier to share at work and capture suggested edits and comments, rather than sending a PDF.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Thanks, Bruce.<o:p></o:p></p>
<div>
<div style="border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal" style="margin-bottom:0in;line-height:normal"><b>From:</b> Smcwg-public <smcwg-public-bounces@cabforum.org>
<b>On Behalf Of </b>Stephen Davidson via Smcwg-public<br>
<b>Sent:</b> Thursday, May 5, 2022 10:57 AM<br>
<b>To:</b> SMIME Certificate Working Group <smcwg-public@cabforum.org><br>
<b>Subject:</b> [EXTERNAL] [Smcwg-public] 30-day Pre-Ballot Discussion Period of S/MIME BR<o:p></o:p></p>
</div>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal" style="margin-bottom:0in;line-height:normal">WARNING: This email originated outside of Entrust.<br>
DO NOT CLICK links or attachments unless you trust the sender and know the content is safe.<o:p></o:p></p>
<div class="MsoNormal" align="center" style="margin-bottom:0in;text-align:center;line-height:normal">
<hr size="2" width="100%" align="center">
</div>
<p class="MsoNormal">May 5, 2022<o:p></o:p></p>
<p class="MsoNormal">The S/MIME Certificate Working Group (SMCWG) of the CA/Browser Forum commences a 30-day pre-ballot discussion of the draft text of the “Baseline Requirements for the Issuance and Management of Publicly-Trusted S/MIME Certificates” (S/MIME
BR).<o:p></o:p></p>
<p class="MsoNormal">The S/MIME BR describes an integrated set of technologies, protocols, identity-proofing, lifecycle management, and auditing requirements for certificate Issuers. The draft is the culmination of work started in 2020 by a group of Certificate
Issuers, Certificate Consumers (including both email user agents and email service providers), as well as other interested parties such as audit schemes and industry groups.<o:p></o:p></p>
<p class="MsoNormal">As agreed by the SMCWG, recognizing that the S/MIME BR will be a new standard, the pre-ballot discussion period allows organizations to complete their internal reviews of the draft before the final ballot is assembled.<o:p></o:p></p>
<p class="MsoNormal">Comments may be submitted by SMCWG members to the SMCWG public listserv (<a href="https://urldefense.com/v3/__https:/lists.cabforum.org/mailman/listinfo/smcwg-public__;!!FJ-Y8qCqXTj2!bxk09E_Wwhz6nvOr8dRwjL3lf1CXOQZR-oM4PA6Oflh1TPbrvLlSJbDPqQ-we9Gs1VGEhjFaz3oT4zToOGlKfpGVvq7H$">https://lists.cabforum.org/mailman/listinfo/smcwg-public</a>)
or using the Issues functionality on GitHub (<a href="https://urldefense.com/v3/__https:/github.com/cabforum/smime/issues__;!!FJ-Y8qCqXTj2!bxk09E_Wwhz6nvOr8dRwjL3lf1CXOQZR-oM4PA6Oflh1TPbrvLlSJbDPqQ-we9Gs1VGEhjFaz3oT4zToOGlKfr25MoAP$">https://github.com/cabforum/smime/issues</a>).
<o:p></o:p></p>
<p class="MsoNormal">The SMCWG will take advantage of the summer face-to-face meeting of the CABF to discuss and categorize any remaining issues that arise for resolution in this draft or a future version of the standard.<o:p></o:p></p>
<p class="MsoNormal">At that time, a roadmap will be set to solicit endorsers and to conduct an adoption ballot for version 1 of the S/MIME BR later in the summer, subject to the voting rules of the SMCWG charter and the CABF bylaws which call for a 7-day review
and a 7-day ballot period. A successful ballot will lead to a 60-day IPR review.<o:p></o:p></p>
<p class="MsoNormal">The draft of the S/MIME BR may be found at <a href="https://urldefense.com/v3/__https:/github.com/cabforum/smime/blob/preSBR/SBR.md__;!!FJ-Y8qCqXTj2!bxk09E_Wwhz6nvOr8dRwjL3lf1CXOQZR-oM4PA6Oflh1TPbrvLlSJbDPqQ-we9Gs1VGEhjFaz3oT4zToOGlKfiJsVS-C$">
https://github.com/cabforum/smime/blob/preSBR/SBR.md</a> and as a PDF, attached.<o:p></o:p></p>
<p class="MsoNormal"><b><u>Summary<o:p></o:p></u></b></p>
<p class="MsoNormal">The S/MIME BR describe four profiles for S/MIME certificates including:<o:p></o:p></p>
<ul style="margin-top:0in" type="disc">
<li class="MsoListParagraphCxSpFirst" style="margin-left:0in;mso-add-space:auto;mso-list:l1 level1 lfo3">
Mailbox-validated (include only an email address);<o:p></o:p></li><li class="MsoListParagraphCxSpMiddle" style="margin-left:0in;mso-add-space:auto;mso-list:l1 level1 lfo3">
Organization-validated (where the Subject is a Legal Entity);<o:p></o:p></li><li class="MsoListParagraphCxSpMiddle" style="margin-left:0in;mso-add-space:auto;mso-list:l1 level1 lfo3">
Sponsor-validated (where the Subject is a Natural Person associated with a Legal Entity, and recognizing the common use of Enterprise-specific registration authorities for this type of certificate); and<o:p></o:p></li><li class="MsoListParagraphCxSpLast" style="margin-left:0in;mso-add-space:auto;mso-list:l1 level1 lfo3">
Individual-validated (where the Subject is a Natural Person).<o:p></o:p></li></ul>
<p class="MsoNormal">Each profile has Legacy, Multipurpose, and Strict generations with varying technical specifications for certificate content including Subject DN fields, extended key usages, and extensions.
<o:p></o:p></p>
<p class="MsoNormal">Acknowledging that few standards exist today for the issuance of S/MIME certificates, and therefore there is great variety in existing practice, the draft standard has been designed to provide flexibility for CAs in bringing Publicly-Trusted
S/MIME under a consistent regime, while moving to more defined standards over time.
<o:p></o:p></p>
<p class="MsoNormal">In line with the SMCWG Charter, the S/MIME BR draft has maintained consistency where relevant with other CABF standards.<o:p></o:p></p>
<p class="MsoNormal">Given the greater handling of personal information for S/MIME certificates, the S/MIME BR includes requirements for data protection.<o:p></o:p></p>
<p class="MsoNormal">The SMCWG intends to move forward with additional standards work in future versions of the S/MIME BR, for example defining additional methods for verifying email control, the use of Certificate Authority Authorization (CAA), and addressing
topics such as key generation and recovery in greater detail.<o:p></o:p></p>
<p class="MsoNormal">With kind regards,<o:p></o:p></p>
<p class="MsoNormal">Stephen Davidson<br>
Chair, S/MIME Certificate Working Group<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<i>Any email and files/attachments transmitted with it are confidential and are intended solely for the use of the individual or entity to whom they are addressed. If this message has been sent to you in error, you must not copy, distribute or disclose of the
information it contains. <u>Please notify Entrust immediately</u> and delete the message from your system.</i>
</div>
</body>
</html>