<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=Windows-1252">
<meta name="Generator" content="Microsoft Word 15 (filtered medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:"Segoe UI";
panose-1:2 11 5 2 4 2 4 2 2 3;}
@font-face
{font-family:SourceSerifPro-Regular-Identity;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin-top:0in;
margin-right:0in;
margin-bottom:8.0pt;
margin-left:0in;
line-height:105%;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:#0563C1;
text-decoration:underline;}
p.MsoListParagraph, li.MsoListParagraph, div.MsoListParagraph
{mso-style-priority:34;
margin-top:0in;
margin-right:0in;
margin-bottom:8.0pt;
margin-left:.5in;
line-height:105%;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}
span.EmailStyle24
{mso-style-type:personal-compose;
font-family:"Calibri",sans-serif;
color:windowtext;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
/* List Definitions */
@list l0
{mso-list-id:514543324;
mso-list-type:hybrid;
mso-list-template-ids:21528160 67698703 67698713 67698715 67698703 67698713 67698715 67698703 67698713 67698715;}
@list l0:level1
{mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;}
@list l0:level2
{mso-level-number-format:alpha-lower;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;}
@list l0:level3
{mso-level-number-format:roman-lower;
mso-level-tab-stop:none;
mso-level-number-position:right;
text-indent:-9.0pt;}
@list l0:level4
{mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;}
@list l0:level5
{mso-level-number-format:alpha-lower;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;}
@list l0:level6
{mso-level-number-format:roman-lower;
mso-level-tab-stop:none;
mso-level-number-position:right;
text-indent:-9.0pt;}
@list l0:level7
{mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;}
@list l0:level8
{mso-level-number-format:alpha-lower;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;}
@list l0:level9
{mso-level-number-format:roman-lower;
mso-level-tab-stop:none;
mso-level-number-position:right;
text-indent:-9.0pt;}
@list l1
{mso-list-id:663750935;
mso-list-template-ids:-1166623844;}
@list l1:level1
{mso-level-start-at:2;
mso-level-tab-stop:.5in;
mso-level-number-position:left;
text-indent:-.25in;}
@list l2
{mso-list-id:997264169;
mso-list-type:hybrid;
mso-list-template-ids:-959550492 -1057838548 201981977 201981979 201981967 201981977 201981979 201981967 201981977 201981979;}
@list l2:level1
{mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;}
@list l2:level2
{mso-level-number-format:alpha-lower;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;}
@list l2:level3
{mso-level-number-format:roman-lower;
mso-level-tab-stop:none;
mso-level-number-position:right;
text-indent:-9.0pt;}
@list l2:level4
{mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;}
@list l2:level5
{mso-level-number-format:alpha-lower;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;}
@list l2:level6
{mso-level-number-format:roman-lower;
mso-level-tab-stop:none;
mso-level-number-position:right;
text-indent:-9.0pt;}
@list l2:level7
{mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;}
@list l2:level8
{mso-level-number-format:alpha-lower;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;}
@list l2:level9
{mso-level-number-format:roman-lower;
mso-level-tab-stop:none;
mso-level-number-position:right;
text-indent:-9.0pt;}
@list l3
{mso-list-id:1086875602;
mso-list-template-ids:1114644628;}
@list l4
{mso-list-id:1150363207;
mso-list-type:hybrid;
mso-list-template-ids:1008346128 67698703 67698713 67698715 67698703 67698713 67698715 67698703 67698713 67698715;}
@list l4:level1
{mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;}
@list l4:level2
{mso-level-number-format:alpha-lower;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;}
@list l4:level3
{mso-level-number-format:roman-lower;
mso-level-tab-stop:none;
mso-level-number-position:right;
text-indent:-9.0pt;}
@list l4:level4
{mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;}
@list l4:level5
{mso-level-number-format:alpha-lower;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;}
@list l4:level6
{mso-level-number-format:roman-lower;
mso-level-tab-stop:none;
mso-level-number-position:right;
text-indent:-9.0pt;}
@list l4:level7
{mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;}
@list l4:level8
{mso-level-number-format:alpha-lower;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;}
@list l4:level9
{mso-level-number-format:roman-lower;
mso-level-tab-stop:none;
mso-level-number-position:right;
text-indent:-9.0pt;}
@list l5
{mso-list-id:1396397089;
mso-list-type:hybrid;
mso-list-template-ids:1000633438 93848198 67698713 67698715 67698703 67698713 67698715 67698703 67698713 67698715;}
@list l5:level1
{mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;}
@list l5:level2
{mso-level-number-format:alpha-lower;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;}
@list l5:level3
{mso-level-number-format:roman-lower;
mso-level-tab-stop:none;
mso-level-number-position:right;
text-indent:-9.0pt;}
@list l5:level4
{mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;}
@list l5:level5
{mso-level-number-format:alpha-lower;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;}
@list l5:level6
{mso-level-number-format:roman-lower;
mso-level-tab-stop:none;
mso-level-number-position:right;
text-indent:-9.0pt;}
@list l5:level7
{mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;}
@list l5:level8
{mso-level-number-format:alpha-lower;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;}
@list l5:level9
{mso-level-number-format:roman-lower;
mso-level-tab-stop:none;
mso-level-number-position:right;
text-indent:-9.0pt;}
ol
{margin-bottom:0in;}
ul
{margin-bottom:0in;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang="EN-US" link="#0563C1" vlink="#954F72" style="word-wrap:break-word">
<div class="WordSection1">
<p class="MsoNormal">Hello Eusebio<o:p></o:p></p>
<p class="MsoNormal">Many thanks for the input. As you recall, the OU attribute has been a much debated topic in various CABF WG, including this one. Our discussions lead to some allowable use of the OU as such:<o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in">c. Certificate Field: subject:organizationalUnitName (OID: 2.5.4.11)<br>
Contents: If present, the CA SHALL confirm that the subject:organizationalUnitName is the full legal organization name of an Affiliate of the subject:organizationName in the Certificate and has been verified in accordance with the requirements of Section 3.2.3.
The CA MAY include information in this field that differs slightly from the verified name, such as common variations or abbreviations, provided that the CA documents the difference and any abbreviations used are locally accepted abbreviations.<o:p></o:p></p>
<p class="MsoNormal">As I understand it, you are describing existing uses of the OU Qualified signature certificates issued to Spanish Government entities as follows:<o:p></o:p></p>
<ol style="margin-top:0in" start="1" type="1">
<li class="MsoListParagraph" style="margin-left:0in;mso-list:l4 level1 lfo7">"SELLO ELECTRONICO" or "CERTIFICADO ELECTRONICO DE EMPLEADO PUBLICO" or<o:p></o:p></li><li class="MsoListParagraph" style="margin-left:0in;mso-list:l4 level1 lfo7">“codes used by the public administrations” or<o:p></o:p></li><li class="MsoListParagraph" style="margin-left:0in;mso-list:l4 level1 lfo7">Other content provided by the Subject.<o:p></o:p></li></ol>
<p class="MsoNormal">In previous CABF standards the branding described in (1) was banned. Can you provide a pointer to the Spanish law that requires this use?
<o:p></o:p></p>
<p class="MsoNormal">Similarly, are the codes described in (2) described in a Spanish law or regulation?<o:p></o:p></p>
<p class="MsoNormal">Based on the SMCWG’s discussions, it is unlikely that the general use described in (3) is sustainable, however it is possible that the subject:serialNumber may be appropriate for the use you describe.<o:p></o:p></p>
<p class="MsoNormal">Many thanks, Stephen<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<div>
<div style="border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal" style="margin-bottom:0in;line-height:normal"><b>From:</b> Eusebio Herrera <eusebio.herrera@camerfirma.com>
<br>
<b>Sent:</b> Thursday, September 15, 2022 7:53 AM<br>
<b>To:</b> Stephen Davidson <Stephen.Davidson@digicert.com>; SMIME Certificate Working Group <smcwg-public@cabforum.org><br>
<b>Subject:</b> RE: Ballot SMC01: Final Guideline for “S/MIME Baseline Requirements”<o:p></o:p></p>
</div>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal" style="margin-bottom:0in;background:white"><span lang="ES"><o:p> </o:p></span></p>
<p class="MsoNormal" style="margin-bottom:0in;background:white"><span lang="ES"><o:p> </o:p></span></p>
<p class="MsoNormal" style="mso-margin-top-alt:0in;margin-right:0in;margin-bottom:0in;margin-left:.5in;text-indent:-.25in;background:white">
<span lang="ES"><o:p> </o:p></span></p>
<ol style="margin-top:0in" start="1" type="1">
<li class="MsoNormal" style="color:#242424;margin-bottom:0in;line-height:normal;mso-list:l2 level1 lfo3;background:white">
<b><span style="font-family:"Segoe UI",sans-serif">OU FIELDS</span></b><b><span style="font-size:12.0pt;font-family:"Segoe UI",sans-serif"><o:p></o:p></span></b></li></ol>
<p style="margin:0in;background:white"><span style="font-family:"Segoe UI",sans-serif;color:#242424"><o:p> </o:p></span></p>
<p style="margin:0in;background:white"><span style="font-family:"Segoe UI",sans-serif;color:#242424">The final draft version of the 'Baseline Requirements for the Issuance and Management of Publicly-Trusted S/MIME Certificates' (BR S/MIME) requires that certain
information be included in the subject:organizationalUnitName field.</span><span style="font-family:"Times New Roman",serif"><o:p></o:p></span></p>
<p style="margin:0in;background:white;-webkit-font-smoothing: antialiased;box-sizing: border-box;font-style:inherit;font-variant-ligatures: normal;font-variant-caps: normal;font-weight:inherit;orphans: 2;text-align:start;widows: 2;-webkit-text-stroke-width: 0px;text-decoration-style: initial;text-decoration-color: initial;word-spacing:0px">
<span style="font-family:"Segoe UI",sans-serif;color:#242424"><o:p> </o:p></span></p>
<p style="margin:0in;background:white"><span style="font-family:"Segoe UI",sans-serif;color:#242424">This information is not sufficient to be included in SMIME certificates of sponsor-validated and organization-validated types issued by Spanish Qualified Trust
Service Providers (QTSP) for Government Entities, which is regulated. <o:p></o:p></span></p>
<p style="margin:0in;background:white"><span style="font-family:"Segoe UI",sans-serif;color:#242424">Spanish QTSPs are legally forced to comply with this regulation regarding certificates issued for Government Entities.<o:p></o:p></span></p>
<p style="margin:0in;background:white;-webkit-font-smoothing: antialiased;box-sizing: border-box;font-variant-ligatures: normal;font-variant-caps: normal;orphans: 2;text-align:start;widows: 2;-webkit-text-stroke-width: 0px;text-decoration-style: initial;text-decoration-color: initial;word-spacing:0px">
<span style="font-family:"Segoe UI",sans-serif;color:#242424"><o:p> </o:p></span></p>
<p style="margin:0in;background:white"><span style="font-family:"Segoe UI",sans-serif;color:#242424">The Spanish regulation requires that these certificates must include in an OU field some specific text strings, such as:<br>
- OU = "SELLO ELECTRONICO" (electronic seal)<br>
- OU = "CERTIFICADO ELECTRONICO DE EMPLEADO PUBLICO" (electronic certificate for employees of the public administration)</span><span style="font-family:"Times New Roman",serif;color:#242424"><o:p></o:p></span></p>
<p style="margin:0in;background:white;-webkit-font-smoothing: antialiased;box-sizing: border-box;font-variant-ligatures: normal;font-variant-caps: normal;orphans: 2;text-align:start;widows: 2;-webkit-text-stroke-width: 0px;text-decoration-style: initial;text-decoration-color: initial;word-spacing:0px">
<span style="font-family:"Segoe UI",sans-serif;color:#242424"><o:p> </o:p></span></p>
<p style="margin:0in;background:white;-webkit-font-smoothing: antialiased;box-sizing: border-box;font-variant-ligatures: normal;font-variant-caps: normal;orphans: 2;text-align:start;widows: 2;-webkit-text-stroke-width: 0px;text-decoration-style: initial;text-decoration-color: initial;word-spacing:0px">
<span style="font-family:"Segoe UI",sans-serif;color:#242424">In addition, according to the Spanish regulation, these certificates may include in OU fields some codes used by the public administrations.</span><span style="font-family:"Times New Roman",serif;color:#242424"><o:p></o:p></span></p>
<p style="margin:0in;background:white;-webkit-font-smoothing: antialiased;box-sizing: border-box;font-variant-ligatures: normal;font-variant-caps: normal;orphans: 2;text-align:start;widows: 2;-webkit-text-stroke-width: 0px;text-decoration-style: initial;text-decoration-color: initial;word-spacing:0px">
<span style="font-family:"Segoe UI",sans-serif;color:#242424"><o:p> </o:p></span></p>
<p style="margin:0in;background:white"><span style="font-family:"Segoe UI",sans-serif;color:#242424">Moreover, S/MIME certificates of sponsor-validated and organization-validated types issued by Spanish QTSP for non-Government Entities usually include in OU
fields other specific information (i.e.: Department), that is not contemplated in the Affiliate definition in BR S/MIME. This information is used by certain applications, and also by certificate subscribers and relying parties. Therefore, the lack of this
information would create serious problems in certificate</span><span style="color:black">
</span><span style="font-family:"Segoe UI",sans-serif;color:#242424">usage.<o:p></o:p></span></p>
<p style="background:white"><span style="font-family:"Segoe UI",sans-serif;color:#242424">The possibility of including the department in the OU fields for non-Government Entities, but in a more general way, was previously raised on the Smcwg-public mailing
list by a GlobalSign representative, Christophe Bonjean. (April 25<sup>th</sup> :
<a href="https://lists.cabforum.org/pipermail/smcwg-public/2022-April/000318.html">
https://lists.cabforum.org/pipermail/smcwg-public/2022-April/000318.html</a> and May 11th
<a href="https://lists.cabforum.org/pipermail/smcwg-public/2022-May/000338.html">
https://lists.cabforum.org/pipermail/smcwg-public/2022-May/000338.html</a> )<o:p></o:p></span></p>
<p style="margin:0in;background:white"><span style="font-family:"Segoe UI",sans-serif;color:#242424"><o:p> </o:p></span></p>
<p style="margin:0in;background:white;-webkit-font-smoothing: antialiased;box-sizing: border-box;font-variant-ligatures: normal;font-variant-caps: normal;orphans: 2;text-align:start;widows: 2;-webkit-text-stroke-width: 0px;text-decoration-style: initial;text-decoration-color: initial;word-spacing:0px">
<span style="font-family:"Segoe UI",sans-serif;color:#242424">All these data included in OU fields of SMIME certificates of sponsor-validated and organization-validated types issued by Spanish QTSP are verified by the RAs against supporting documentation, a
Reliable Data Source, or Attestation, that is, in the same way that the subject:title shall be verified (BR S/MIME 3.2.4.1)<o:p></o:p></span></p>
<p style="margin:0in;background:white;-webkit-font-smoothing: antialiased;box-sizing: border-box;font-style:inherit;font-variant-ligatures: normal;font-variant-caps: normal;font-weight:inherit;orphans: 2;text-align:start;widows: 2;-webkit-text-stroke-width: 0px;text-decoration-style: initial;text-decoration-color: initial;word-spacing:0px">
<span style="font-family:"Segoe UI",sans-serif;color:#242424"><o:p> </o:p></span></p>
<ol style="margin-top:0in" start="2" type="1">
<li class="MsoNormal" style="color:#242424;margin-bottom:0in;line-height:normal;mso-list:l2 level1 lfo3;background:white">
<b><span style="font-family:SourceSerifPro-Regular-Identity;color:black">MAXIMUM VALIDITY PERIOD</span></b><b><span style="font-size:12.0pt;font-family:"Segoe UI",sans-serif"><o:p></o:p></span></b></li></ol>
<p style="margin:0in;background:white"><span style="font-family:"Segoe UI",sans-serif;color:#242424"><o:p> </o:p></span></p>
<p style="margin:0in;background:white"><span style="font-family:"Segoe UI",sans-serif;color:#242424">The final draft version of the 'Baseline Requirements for the Issuance and Management of Publicly-Trusted S/MIME Certificates' (BR S/MIME) requires a maximum
validity period of 825 days for Strict and Multipurpose Generations and 1,185 days for Legacy Generations.</span><span style="font-family:"Times New Roman",serif;color:#242424"><o:p></o:p></span></p>
<p style="margin:0in;background:white;-webkit-font-smoothing: antialiased;box-sizing: border-box;font-style:inherit;font-variant-ligatures: normal;font-variant-caps: normal;font-weight:inherit;orphans: 2;text-align:start;widows: 2;-webkit-text-stroke-width: 0px;text-decoration-style: initial;text-decoration-color: initial;word-spacing:0px">
<span style="font-family:"Segoe UI",sans-serif;color:#242424"><o:p> </o:p></span></p>
<p style="margin:0in;background:white"><span style="font-family:"Segoe UI",sans-serif;color:#242424">The Spanish Law which regulates trust services according to EU eIDAS Regulation allows qualified certificates to have a validity period up to 5 years (1824
days), including SMIME certificates of organization-validated, sponsored-validated and individual-validated types.</span><span style="font-family:"Times New Roman",serif;color:#242424"><o:p></o:p></span></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Kind regards,<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Eusebio Herrera<o:p></o:p></p>
<p class="MsoNormal">AC Camerfirma<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<div>
<div style="border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal" style="margin-bottom:0in;line-height:normal"><b><span lang="ES">De:</span></b><span lang="ES"> Smcwg-public <<a href="mailto:smcwg-public-bounces@cabforum.org">smcwg-public-bounces@cabforum.org</a>>
<b>En nombre de </b>Stephen Davidson via Smcwg-public<br>
<b>Enviado el:</b> jueves, 8 de septiembre de 2022 9:03<br>
<b>Para:</b> <a href="mailto:smcwg-public@cabforum.org">smcwg-public@cabforum.org</a><br>
<b>Asunto:</b> [Smcwg-public] Ballot SMC01: Final Guideline for “S/MIME Baseline Requirements”<o:p></o:p></span></p>
</div>
</div>
<p class="MsoNormal"><span lang="ES"><o:p> </o:p></span></p>
<p style="margin:0in;background:white"><strong><span style="font-size:10.0pt;font-family:"Arial",serif;color:#333333;border:none windowtext 1.0pt;padding:0in">Ballot SMC01: Final Guideline for “S/MIME Baseline Requirements”
</span></strong><strong><span style="font-family:"Arial",serif;color:#333333;border:none windowtext 1.0pt;padding:0in"><o:p></o:p></span></strong></p>
<p style="margin:0in;background:white"><strong><span style="font-size:10.0pt;font-family:"Arial",serif;color:#333333;border:none windowtext 1.0pt;padding:0in"><o:p> </o:p></span></strong></p>
<p style="margin:0in;background:white"><strong><span style="font-size:10.0pt;font-family:"Arial",serif;color:#333333;border:none windowtext 1.0pt;padding:0in">Purpose of Ballot:</span></strong><span lang="ES"><o:p></o:p></span></p>
<p style="margin:0in;background:white"><span style="font-size:10.0pt;font-family:"Arial",serif;color:#333333"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:10.0pt;line-height:105%;font-family:"Arial",serif;color:#333333">The S/MIME Certificate Working Group was chartered to discuss, adopt, and maintain policies, frameworks, and standards for the issuance and management
of Publicly-Trusted S/MIME Certificates. This ballot adopts a new “S/MIME Baseline Requirements” that includes requirements for verification of control over email addresses, identity validation for natural persons and legal entities, key management and certificate
lifecycle, certificate profiles for S/MIME Certificates and Issuing CA Certificates, as well as CA operational and audit practices.<o:p></o:p></span></p>
<p style="margin:0in;background:white"><span style="font-size:10.0pt;font-family:"Arial",serif;color:#333333"><o:p> </o:p></span></p>
<p style="margin:0in;background:white"><span style="font-size:10.0pt;font-family:"Arial",serif;color:#333333">An S/MIME Certificate for the purposes of this document can be identified by the existence of an Extended Key Usage (EKU) for id-kp-emailProtection
(OID: 1.3.6.1.5.5.7.3.4) and the inclusion of a rfc822Name or an otherName of type id-on-SmtpUTF8Mailbox in the subjectAltName extension in the Certificate.<o:p></o:p></span></p>
<p style="margin:0in;background:white"><span style="font-size:10.0pt;font-family:"Arial",serif;color:#333333"><o:p> </o:p></span></p>
<p style="margin:0in;background:white"><span style="font-size:10.0pt;font-family:"Arial",serif;color:#333333;background:white">The following motion has been proposed by Stephen Davidson of DigiCert and endorsed by Martijn Katerbarg of Sectigo and Ben Wilson
of Mozilla.</span><span style="font-size:10.0pt;font-family:"Arial",serif;color:#333333"><o:p></o:p></span></p>
<p style="margin:0in;background:white"><span style="font-size:10.0pt;font-family:"Arial",serif;color:#333333"><o:p> </o:p></span></p>
<p style="margin:0in;background:white"><strong><span style="font-size:10.0pt;font-family:"Arial",serif;color:#333333;border:none windowtext 1.0pt;padding:0in">Charter Voting References</span></strong><span style="font-size:10.0pt;font-family:"Arial",serif;color:#333333"><o:p></o:p></span></p>
<p style="margin:0in;background:white"><span style="font-size:10.0pt;font-family:"Arial",serif;color:#333333"><o:p> </o:p></span></p>
<p style="margin:0in;background:white"><span style="color:black"><a href="https://github.com/cabforum/servercert/blob/e6ad111f4477010cbff409cd939c5ac1c7c85ccc/docs/SMCWG-charter.md#51-voting-structure"><span style="font-size:10.0pt;font-family:"Arial",serif">Section
5.1 (“Voting Structure”)</span></a></span><span style="font-size:10.0pt;font-family:"Arial",serif;color:#333333"> of the SMCWG Charter says:<o:p></o:p></span></p>
<p style="margin:0in;background:white"><span style="font-size:10.0pt;font-family:"Arial",serif;color:#333333"><o:p> </o:p></span></p>
<p style="margin:0in;background:white"><span style="font-size:10.0pt;font-family:"Arial",serif;color:#333333">In order for a ballot to be adopted by the SMCWG, two-thirds or more of the votes cast by the Certificate Issuers must be in favor of the ballot and
more than 50% of the votes cast by the Certificate Consumers must be in favor of the ballot. At least one member of each class must vote in favor of a ballot for it to be adopted. Quorum is the average number of Member organizations (cumulative, regardless
of Class) that have participated in the previous three (3) SMCWG Meetings or Teleconferences (not counting subcommittee meetings thereof).<o:p></o:p></span></p>
<p style="margin:0in;background:white"><span style="font-size:10.0pt;font-family:"Arial",serif;color:#333333"><o:p> </o:p></span></p>
<p style="margin:0in;background:white"><strong><span style="font-size:10.0pt;font-family:"Arial",serif;color:#333333;border:none windowtext 1.0pt;padding:0in">— MOTION BEGINS —</span></strong><b><span style="font-size:10.0pt;font-family:"Arial",serif;color:#333333;border:none windowtext 1.0pt;padding:0in"><br>
</span></b><span style="font-size:10.0pt;font-family:"Arial",serif;color:#333333"><br>
This ballot adopts the “Baseline Requirements for the Issuance and Management of Publicly-Trusted S/MIME Certificates” (“S/MIME Baseline Requirements”) as Version 1.0.0.<o:p></o:p></span></p>
<p style="margin:0in;background:white"><span style="font-size:10.0pt;font-family:"Arial",serif;color:#333333"><o:p> </o:p></span></p>
<p style="margin:0in;background:white"><span style="font-size:10.0pt;font-family:"Arial",serif;color:#333333">The proposed S/MIME Baseline Requirements may be found at
<a href="https://github.com/cabforum/smime/compare/7b3ab3c55dd92052a8dc0d4f85a2ac26269c222e...28c0b904fe54f1c5f6c71d18c4786a3e02c76f52">
https://github.com/cabforum/smime/compare/7b3ab3c55dd92052a8dc0d4f85a2ac26269c222e...28c0b904fe54f1c5f6c71d18c4786a3e02c76f52</a> or the attached document.<o:p></o:p></span></p>
<p style="margin:0in;background:white"><span style="font-size:10.0pt;font-family:"Arial",serif;color:#333333"><o:p> </o:p></span></p>
<p style="margin:0in;background:white"><span style="font-size:10.0pt;font-family:"Arial",serif;color:#333333">The SMCWG Chair or Vice-Chair is permitted to update the Relevant Dates and Version Number of the S/MIME Baseline Requirements to reflect final dates.<o:p></o:p></span></p>
<p style="margin:0in;background:white"><span style="font-size:10.0pt;font-family:"Arial",serif;color:#333333"><o:p> </o:p></span></p>
<p style="margin:0in;background:white"><strong><span style="font-size:10.0pt;font-family:"Arial",serif;color:#333333;border:none windowtext 1.0pt;padding:0in">— MOTION ENDS —</span></strong><b><span style="font-size:10.0pt;font-family:"Arial",serif;color:#333333;border:none windowtext 1.0pt;padding:0in"><br>
</span></b><span style="font-size:10.0pt;font-family:"Arial",serif;color:#333333"><br>
This ballot proposes a Final Guideline. The procedure for approval of this ballot is as follows:<o:p></o:p></span></p>
<p style="margin:0in;background:white"><span style="font-size:10.0pt;font-family:"Arial",serif;color:#333333"><o:p> </o:p></span></p>
<p style="margin:0in;background:white"><span style="font-size:10.0pt;font-family:"Arial",serif;color:#333333">Discussion (7+ days)</span><span style="color:black"><br>
</span><span style="font-size:10.0pt;font-family:"Arial",serif;color:#333333">Start Time: 8 September 2022 17:00 UTC</span><span style="color:black"><br>
</span><span style="font-size:10.0pt;font-family:"Arial",serif;color:#333333">End Time: 15 September 2022 17:00 UTC<o:p></o:p></span></p>
<p style="margin:0in;background:white"><span style="font-size:10.0pt;font-family:"Arial",serif;color:#333333"><o:p> </o:p></span></p>
<p style="margin:0in;background:white"><span style="font-size:10.0pt;font-family:"Arial",serif;color:#333333">Vote for approval (7 days)</span><span style="color:black"><br>
</span><span style="font-size:10.0pt;font-family:"Arial",serif;color:#333333">Start Time: 15 September 2022 17:00 UTC</span><span style="color:black"><br>
</span><span style="font-size:10.0pt;font-family:"Arial",serif;color:#333333">End Time: 22 September 2022 17:00 UTC<o:p></o:p></span></p>
<p style="margin:0in;background:white"><span style="font-size:10.0pt;font-family:"Arial",serif;color:#333333"><o:p> </o:p></span></p>
<p style="margin:0in;background:white"><span style="font-size:10.0pt;font-family:"Arial",serif;color:#333333">IPR Review (60 days)<o:p></o:p></span></p>
</div>
</body>
</html>