[Smcwg-public] 30-day Pre-Ballot Discussion Period of S/MIME BR

Stephen Davidson Stephen.Davidson at digicert.com
Mon May 9 16:11:51 UTC 2022


Hello all:

Attached is the draft in various formats.

Best regards, Stephen

 

From: Bruce Morton <Bruce.Morton at entrust.com> 
Sent: Friday, May 6, 2022 3:23 PM
To: Stephen Davidson <Stephen.Davidson at digicert.com>; SMIME Certificate
Working Group <smcwg-public at cabforum.org>
Subject: RE: 30-day Pre-Ballot Discussion Period of S/MIME BR

 

Hi Stephen,

Could we also have a Word version to review? I think this would be easier to
share at work and capture suggested edits and comments, rather than sending
a PDF.

 

Thanks, Bruce.

From: Smcwg-public <smcwg-public-bounces at cabforum.org
<mailto:smcwg-public-bounces at cabforum.org> > On Behalf Of Stephen Davidson
via Smcwg-public
Sent: Thursday, May 5, 2022 10:57 AM
To: SMIME Certificate Working Group <smcwg-public at cabforum.org
<mailto:smcwg-public at cabforum.org> >
Subject: [EXTERNAL] [Smcwg-public] 30-day Pre-Ballot Discussion Period of
S/MIME BR

 

WARNING: This email originated outside of Entrust.
DO NOT CLICK links or attachments unless you trust the sender and know the
content is safe.

  _____  

May 5, 2022

The S/MIME Certificate Working Group (SMCWG) of the CA/Browser Forum
commences a 30-day pre-ballot discussion of the draft text of the "Baseline
Requirements for the Issuance and Management of Publicly-Trusted S/MIME
Certificates" (S/MIME BR).

The S/MIME BR describes an integrated set of technologies, protocols,
identity-proofing, lifecycle management, and auditing requirements for
certificate Issuers.  The draft is the culmination of work started in 2020
by a group of Certificate Issuers, Certificate Consumers (including both
email user agents and email service providers), as well as other interested
parties such as audit schemes and industry groups.

As agreed by the SMCWG, recognizing that the S/MIME BR will be a new
standard, the pre-ballot discussion period allows organizations to complete
their internal reviews of the draft before the final ballot is assembled.

Comments may be submitted by SMCWG members to the SMCWG public listserv
(https://lists.cabforum.org/mailman/listinfo/smcwg-public
<https://urldefense.com/v3/__https:/lists.cabforum.org/mailman/listinfo/smcw
g-public__;!!FJ-Y8qCqXTj2!bxk09E_Wwhz6nvOr8dRwjL3lf1CXOQZR-oM4PA6Oflh1TPbrvL
lSJbDPqQ-we9Gs1VGEhjFaz3oT4zToOGlKfpGVvq7H$> ) or using the Issues
functionality on GitHub (https://github.com/cabforum/smime/issues
<https://urldefense.com/v3/__https:/github.com/cabforum/smime/issues__;!!FJ-
Y8qCqXTj2!bxk09E_Wwhz6nvOr8dRwjL3lf1CXOQZR-oM4PA6Oflh1TPbrvLlSJbDPqQ-we9Gs1V
GEhjFaz3oT4zToOGlKfr25MoAP$> ). 

The SMCWG will take advantage of the summer face-to-face meeting of the CABF
to discuss and categorize any remaining issues that arise for resolution in
this draft or a future version of the standard.

At that time, a roadmap will be set to solicit endorsers and to conduct an
adoption ballot for version 1 of the S/MIME BR later in the summer, subject
to the voting rules of the SMCWG charter and the CABF bylaws which call for
a 7-day review and a 7-day ballot period.  A successful ballot will lead to
a 60-day IPR review.

The draft of the S/MIME BR may be found at
https://github.com/cabforum/smime/blob/preSBR/SBR.md
<https://urldefense.com/v3/__https:/github.com/cabforum/smime/blob/preSBR/SB
R.md__;!!FJ-Y8qCqXTj2!bxk09E_Wwhz6nvOr8dRwjL3lf1CXOQZR-oM4PA6Oflh1TPbrvLlSJb
DPqQ-we9Gs1VGEhjFaz3oT4zToOGlKfiJsVS-C$>  and as a PDF, attached.

Summary

The S/MIME BR describe four profiles for S/MIME certificates including:

*	Mailbox-validated (include only an email address);
*	Organization-validated (where the Subject is a Legal Entity);
*	Sponsor-validated (where the Subject is a Natural Person associated
with a Legal Entity, and recognizing the common use of Enterprise-specific
registration authorities for this type of certificate); and
*	Individual-validated (where the Subject is a Natural Person).

Each profile has Legacy, Multipurpose, and Strict generations with varying
technical specifications for certificate content including Subject DN
fields, extended key usages, and extensions. 

Acknowledging that few standards exist today for the issuance of S/MIME
certificates, and therefore there is great variety in existing practice, the
draft standard has been designed to provide flexibility for CAs in bringing
Publicly-Trusted S/MIME under a consistent regime, while moving to more
defined standards over time. 

In line with the SMCWG Charter, the S/MIME BR draft has maintained
consistency where relevant with other CABF standards.

Given the greater handling of personal information for S/MIME certificates,
the S/MIME BR includes requirements for data protection.

The SMCWG intends to move forward with additional standards work in future
versions of the S/MIME BR, for example defining additional methods for
verifying email control, the use of Certificate Authority Authorization
(CAA), and addressing topics such as key generation and recovery in greater
detail.

With kind regards,

Stephen Davidson
Chair, S/MIME Certificate Working Group

 

Any email and files/attachments transmitted with it are confidential and are
intended solely for the use of the individual or entity to whom they are
addressed. If this message has been sent to you in error, you must not copy,
distribute or disclose of the information it contains. Please notify Entrust
immediately and delete the message from your system. 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/smcwg-public/attachments/20220509/39f3c80c/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: SBR_Discussion_Draft_20220509.docx
Type: application/vnd.openxmlformats-officedocument.wordprocessingml.document
Size: 135891 bytes
Desc: not available
URL: <http://lists.cabforum.org/pipermail/smcwg-public/attachments/20220509/39f3c80c/attachment-0001.docx>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: SBR_Discussion_Draft_20220509.odt
Type: application/vnd.oasis.opendocument.text
Size: 139510 bytes
Desc: not available
URL: <http://lists.cabforum.org/pipermail/smcwg-public/attachments/20220509/39f3c80c/attachment-0001.odt>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: SBR_Discussion_Draft_20220509.pdf
Type: application/pdf
Size: 665869 bytes
Desc: not available
URL: <http://lists.cabforum.org/pipermail/smcwg-public/attachments/20220509/39f3c80c/attachment-0001.pdf>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4999 bytes
Desc: not available
URL: <http://lists.cabforum.org/pipermail/smcwg-public/attachments/20220509/39f3c80c/attachment-0001.p7s>


More information about the Smcwg-public mailing list