Email Certificate Standards Updated to Support ACME Automation & Future PQC Security

Changes to the S/MIME Certificate Baseline Requirements add support for automated mailbox validation (via the ACME protocol) and post-quantum cryptography algorithm testing

July 2025 was a busy period in the CA/Brower Forum’s (CABF) S/MIME Certificate Working Group (SMCWG). There are two key ballots relating to S/MIME certificates that have been approved (SMC013) or adopted (SMC012) in the last month:

1. SMC012: Introduce ACME for S/MIME was officially adopted as part of the S/MIME Baseline Requirements on July 2. This ballot provides certification authorities (CAs) with a standardized and automated way to respond to mailbox control validation requests using the ACME protocol. This offers another automation-friendly method for CAs to validate mailbox addresses.
2. SMC013: Enable PQC Algorithms for S/MIME entered a 30-day review period that’s set to end Aug. 20. This ballot aims to add the use of two post-quantum cryptography (PQC) algorithms into the S/MIME Baseline Requirements. These certificates are intended for testing (by CAs and clients) and wouldn’t be generally available. However, this move marks yet another step that on the road that ultimately leads to PQC adoption and usage on public networks.

So, what’s the deal with these two ballots and how are they intended to enhance email security and mailbox domain validations? While these changes won’t directly impact your organization in terms of preparations, our goal is to keep you apprised of the latest S/MIME industry developments.

Let’s hash it out.

The post Email Certificate Standards Updated to Support ACME Automation & Future PQC Security appeared first on Hashed Out by The SSL Store™.